test: Add CheckCSRF valid token test for 100% coverage
Test the success path where a valid CSRF token is provided with a matching session. This covers the final branch in CheckCSRF.
This commit is contained in:
parent
e1ff07fd9f
commit
2f203bf2d9
1 changed files with 26 additions and 0 deletions
|
|
@ -1333,6 +1333,32 @@ func TestCheckCSRF_InvalidCSRFToken(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestCheckCSRF_ValidCSRFToken(t *testing.T) {
|
||||
// Initialize stores with temp directory
|
||||
dir := t.TempDir()
|
||||
InitCSRFStore(dir)
|
||||
|
||||
// Create a session ID
|
||||
sessionID := "valid-session-id-12345678"
|
||||
|
||||
// Generate a valid CSRF token for this session
|
||||
validToken := generateCSRFToken(sessionID)
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
req := httptest.NewRequest("POST", "/api/test", nil)
|
||||
req.AddCookie(&http.Cookie{
|
||||
Name: "pulse_session",
|
||||
Value: sessionID,
|
||||
})
|
||||
req.Header.Set("X-CSRF-Token", validToken)
|
||||
|
||||
// Valid CSRF token should pass
|
||||
result := CheckCSRF(w, req)
|
||||
if !result {
|
||||
t.Error("CheckCSRF should return true when CSRF token is valid")
|
||||
}
|
||||
}
|
||||
|
||||
func TestCheckCSRF_CSRFTokenFromFormValue(t *testing.T) {
|
||||
w := httptest.NewRecorder()
|
||||
req := httptest.NewRequest("POST", "/api/test?csrf_token=form-token-value", nil)
|
||||
|
|
|
|||
Loading…
Reference in a new issue