2fas-server/internal/common/security/middleware_test.go
2022-12-31 10:22:38 +01:00

29 lines
654 B
Go

package security
import (
"github.com/2fas/api/config"
http2 "github.com/2fas/api/internal/common/http"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
"net/http"
"net/http/httptest"
"testing"
)
func Test_DoNotAllowUntrustedIp(t *testing.T) {
c := config.SecurityConfig{TrustedIP: []string{
"192.168.0.1/32",
}}
whitelistMiddleware := http2.IPWhitelistMiddleware(c)
recorder := httptest.NewRecorder()
ctx, _ := gin.CreateTestContext(recorder)
ctx.Request, _ = http.NewRequest("POST", "/", nil)
ctx.Request.Header.Set("X-Forwarded-For", "192.168.0.2")
whitelistMiddleware(ctx)
assert.Equal(t, recorder.Code, 401)
}