MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_DeleteToken_WithSession

Function Test_CSRF_DeleteToken_WithSession

middleware/csrf/csrf_test.go:1667–1735  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

1665}
1666
1667func Test_CSRF_DeleteToken_WithSession(t *testing.T) {
1668 t.Parallel()
1669
1670 // session store
1671 store := session.NewStore(session.Config{
1672 Extractor: extractors.FromCookie("_session"),
1673 })
1674
1675 // fiber instance
1676 app := fiber.New()
1677
1678 // fiber context
1679 ctx := &fasthttp.RequestCtx{}
1680
1681 // get session
1682 sess, err := store.Get(app.AcquireCtx(ctx))
1683 require.NoError(t, err)
1684 require.True(t, sess.Fresh())
1685
1686 // the session string is no longer be 123
1687 newSessionIDString := sess.ID()
1688 require.NoError(t, sess.Save())
1689
1690 app.AcquireCtx(ctx).Request().Header.SetCookie("_session", newSessionIDString)
1691
1692 // middleware config
1693 config := Config{
1694 Session: store,
1695 }
1696
1697 // middleware
1698 app.Use(New(config))
1699
1700 app.Post("/", func(c fiber.Ctx) error {
1701 return c.SendStatus(fiber.StatusOK)
1702 })
1703
1704 h := app.Handler()
1705
1706 // Generate CSRF token
1707 ctx.Request.Header.SetMethod(fiber.MethodGet)
1708 ctx.Request.Header.SetCookie("_session", newSessionIDString)
1709 h(ctx)
1710 token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
1711 token = strings.Split(strings.Split(token, ";")[0], "=")[1]
1712
1713 // Delete the CSRF token
1714 ctx.Request.Reset()
1715 ctx.Response.Reset()
1716 ctx.Request.Header.SetMethod(fiber.MethodPost)
1717 ctx.Request.Header.Set(HeaderName, token)
1718 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
1719 handler := HandlerFromContext(app.AcquireCtx(ctx))
1720 if handler != nil {
1721 if err := handler.DeleteToken(app.AcquireCtx(ctx)); err != nil {
1722 t.Fatal(err)
1723 }
1724 }

Callers

nothing calls this directly

Calls 15

GetMethod · 0.95
NewStoreFunction · 0.92
FromCookieFunction · 0.92
HandlerFromContextFunction · 0.85
AcquireCtxMethod · 0.80
HandlerMethod · 0.80
SetMethodMethod · 0.80
DeleteTokenMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
FreshMethod · 0.65
RequestMethod · 0.65

Tested by

no test coverage detected