Files

35 lines
894 B
Go

package crypto
import (
"testing"
"time"
)
func TestSessionRoundTrip(t *testing.T) {
secret := []byte("s3cr3t")
now := time.Unix(1_700_000_000, 0)
tok := SignSession(secret, "admin", now.Add(time.Hour))
user, ok := VerifySession(secret, tok, now)
if !ok || user != "admin" {
t.Fatalf("verify = %q,%v want admin,true", user, ok)
}
}
func TestSessionRejectsExpired(t *testing.T) {
secret := []byte("s3cr3t")
now := time.Unix(1_700_000_000, 0)
tok := SignSession(secret, "admin", now.Add(-time.Second))
if _, ok := VerifySession(secret, tok, now); ok {
t.Fatal("expired token must be rejected")
}
}
func TestSessionRejectsTampered(t *testing.T) {
secret := []byte("s3cr3t")
now := time.Unix(1_700_000_000, 0)
tok := SignSession(secret, "admin", now.Add(time.Hour))
if _, ok := VerifySession([]byte("other"), tok, now); ok {
t.Fatal("wrong secret must be rejected")
}
}