MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_DeleteToken

Function Test_CSRF_DeleteToken

middleware/csrf/csrf_test.go:1608–1665  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

1606}
1607
1608func Test_CSRF_DeleteToken(t *testing.T) {
1609 t.Parallel()
1610 app := fiber.New()
1611
1612 config := ConfigDefault
1613
1614 app.Use(New(config))
1615
1616 app.Post("/", func(c fiber.Ctx) error {
1617 return c.SendStatus(fiber.StatusOK)
1618 })
1619
1620 h := app.Handler()
1621 ctx := &fasthttp.RequestCtx{}
1622
1623 // DeleteToken after token generation and remove the cookie
1624 ctx.Request.Header.Reset()
1625 ctx.Request.ResetBody()
1626 ctx.Response.Reset()
1627 ctx.Request.Header.Set(HeaderName, "")
1628 handler := HandlerFromContext(app.AcquireCtx(ctx))
1629 if handler != nil {
1630 ctx.Request.Header.DelAllCookies()
1631 err := handler.DeleteToken(app.AcquireCtx(ctx))
1632 require.ErrorIs(t, err, ErrTokenNotFound)
1633 }
1634 h(ctx)
1635
1636 // Generate CSRF token
1637 ctx.Request.Header.SetMethod(fiber.MethodGet)
1638 h(ctx)
1639 token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
1640 token = strings.Split(strings.Split(token, ";")[0], "=")[1]
1641
1642 // Delete the CSRF token
1643 ctx.Request.Header.Reset()
1644 ctx.Request.ResetBody()
1645 ctx.Response.Reset()
1646 ctx.Request.Header.SetMethod(fiber.MethodPost)
1647 ctx.Request.Header.Set(HeaderName, token)
1648 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
1649 handler = HandlerFromContext(app.AcquireCtx(ctx))
1650 if handler != nil {
1651 if err := handler.DeleteToken(app.AcquireCtx(ctx)); err != nil {
1652 t.Fatal(err)
1653 }
1654 }
1655 h(ctx)
1656
1657 ctx.Request.Header.Reset()
1658 ctx.Request.ResetBody()
1659 ctx.Response.Reset()
1660 ctx.Request.Header.SetMethod(fiber.MethodPost)
1661 ctx.Request.Header.Set(HeaderName, token)
1662 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
1663 h(ctx)
1664 require.Equal(t, 403, ctx.Response.StatusCode())
1665}

Callers

nothing calls this directly

Calls 15

HandlerFromContextFunction · 0.85
HandlerMethod · 0.80
AcquireCtxMethod · 0.80
DeleteTokenMethod · 0.80
SetMethodMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
UseMethod · 0.65
PostMethod · 0.65
SendStatusMethod · 0.65
ResetMethod · 0.65
SetMethod · 0.65

Tested by

no test coverage detected