diff --git a/tests/api/auth/sign_in.rs b/tests/api/auth/sign_in.rs index 73555c7..9b602b4 100644 --- a/tests/api/auth/sign_in.rs +++ b/tests/api/auth/sign_in.rs @@ -3,6 +3,7 @@ use auth_server::{ settings::JWT_CONFIG, }; use jsonwebtoken::Validation; +use reqwest::header::USER_AGENT; use serde_json::json; use crate::helpers::TestApplication; @@ -56,6 +57,36 @@ async fn sign_in_with_valid_credentials_persists_refresh_token() { assert_eq!(saved_refresh_token.jit, refresh_token.jit); } +#[tokio::test] +async fn sign_in_persists_refresh_token_metadata() { + let app = TestApplication::spawn().await; + + app.sign_up().await; + + let user_agent = "user agent"; + + app.post("/auth/sign-in") + .json(&json!({ + "email": app.test_user.email, + "password": app.test_user.password + })) + .header(USER_AGENT, user_agent) + .send() + .await + .expect("Failed to execute request."); + + let saved_refresh_token = sqlx::query!("SELECT * from refresh_tokens") + .fetch_one(&app.pool) + .await + .expect("Failed to fetch new refresh_token"); + + assert_eq!(saved_refresh_token.user_agent, Some(user_agent.to_string())); + assert_eq!( + saved_refresh_token.ip_address, + Some(app.address.ip().to_string()) + ); +} + #[tokio::test] async fn sign_in_with_valid_credentials_return_tokens_that_expire() { let app = TestApplication::spawn().await; diff --git a/tests/api/auth/tokens.rs b/tests/api/auth/tokens.rs index 88bf121..ff8b9b8 100644 --- a/tests/api/auth/tokens.rs +++ b/tests/api/auth/tokens.rs @@ -1,4 +1,5 @@ use auth_server::handlers::TokensResponse; +use reqwest::header::USER_AGENT; use serde_json::json; use crate::helpers::TestApplication; @@ -40,14 +41,46 @@ async fn refresh_tokens_with_invalid_refresh_token_returns_401() { } #[tokio::test] -async fn refresh_tokens_with_used_refresh_token_invalids_token_family() { +async fn refresh_tokens_persists_refresh_token_metadata() { let app = TestApplication::spawn().await; app.sign_up().await; let sign_in_response = app.sign_in().await; - assert_eq!(200, sign_in_response.status().as_u16()); + let sign_in_tokens: TokensResponse = sign_in_response + .json() + .await + .expect("Valid sign-in didn't return pair of tokens."); + + let user_agent = "user agent"; + + app.post("/auth/tokens/refresh") + .json(&json!({"refresh_token": sign_in_tokens.refresh_token})) + .header(USER_AGENT, user_agent) + .send() + .await + .expect("Failed to execute request."); + + let saved_refresh_token = sqlx::query!("SELECT * from refresh_tokens") + .fetch_one(&app.pool) + .await + .expect("Failed to fetch new refresh_token"); + + assert_eq!(saved_refresh_token.user_agent, Some(user_agent.to_string())); + assert_eq!( + saved_refresh_token.ip_address, + Some(app.address.ip().to_string()) + ); +} + +#[tokio::test] +async fn refresh_tokens_with_used_refresh_token_invalids_token_family() { + let app = TestApplication::spawn().await; + + app.sign_up().await; + + let sign_in_response = app.sign_in().await; let sign_in_tokens: TokensResponse = sign_in_response .json()