test: Add CheckAuth tests for API package

Add tests for sliding expiration session validation and no-auth
configured scenarios. These test explicit paths for better coverage
documentation even though they were already exercised indirectly.
This commit is contained in:
rcourtman 2025-12-02 13:57:23 +00:00
parent 2f203bf2d9
commit daafb51493

View file

@ -810,3 +810,41 @@ func TestCheckAuth_NoSessionCookie(t *testing.T) {
t.Error("CheckAuth should return false without session or valid auth")
}
}
func TestCheckAuth_ValidSessionWithSlidingExpiration(t *testing.T) {
dir := t.TempDir()
InitSessionStore(dir)
store := GetSessionStore()
sessionToken := generateSessionToken()
store.CreateSession(sessionToken, 24*time.Hour, "test-agent", "127.0.0.1")
cfg := &config.Config{
// No auth configured, so session alone should work
}
req := httptest.NewRequest("GET", "/api/test", nil)
req.AddCookie(&http.Cookie{
Name: "pulse_session",
Value: sessionToken,
})
w := httptest.NewRecorder()
result := CheckAuth(cfg, w, req)
if !result {
t.Error("CheckAuth should return true for valid session with sliding expiration")
}
}
func TestCheckAuth_NoAuthConfigured(t *testing.T) {
cfg := &config.Config{
// No auth configured at all
}
req := httptest.NewRequest("GET", "/api/test", nil)
w := httptest.NewRecorder()
result := CheckAuth(cfg, w, req)
// Should return true when no auth is configured
if !result {
t.Error("CheckAuth should return true when no auth is configured")
}
}