RiskRancher/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity
Files
a7ddd19a13ee36f280f4de38ece4f53289aa4f98
core/pkg/auth/auth_test.go
t 084c1321fc First release of open core
2026-04-02 10:57:36 -04:00

50 lines
1.0 KiB
Go
Raw Blame History

package auth
import (
"testing"
)
func TestPasswordHashing(t *testing.T) {
password := "SuperSecretSOCPassword123!"
hash, err := HashPassword(password)
if err != nil {
t.Fatalf("Failed to hash password: %v", err)
}
if hash == password {
t.Fatalf("Security failure: Hash matches plain text!")
}
if len(hash) == 0 {
t.Fatalf("Hash is empty")
}
isValid := CheckPasswordHash(password, hash)
if !isValid {
t.Errorf("Expected valid password to match hash, but it failed")
}
isInvalid := CheckPasswordHash("WrongPassword!", hash)
if isInvalid {
t.Errorf("Security failure: Incorrect password returned true!")
}
}
func TestGenerateSessionToken(t *testing.T) {
token1, err1 := GenerateSessionToken()
token2, err2 := GenerateSessionToken()
if err1 != nil || err2 != nil {
t.Fatalf("Failed to generate session tokens")
}
if len(token1) < 32 {
t.Errorf("Token is too short for security standards: %d chars", len(token1))
}
if token1 == token2 {
t.Errorf("CRITICAL: RNG generated the exact same token twice: %s", token1)
}
}
Reference in New Issue View Git Blame Copy Permalink