2

I am trying to write a test method for sign up on my revel application. Look at the following code 

package tests

import "github.com/revel/revel"
import "github.com/PuerkitoBio/goquery"
import "bytes"
import "net/url"

//import "net/http"

var csrf string

type AccountTest struct {
    revel.TestSuite
}

func (self *AccountTest) Before() {
    //println("Set up")
}

func (self *AccountTest) TestGetSignUp() {
    self.Get("/signup")
    site := bytes.NewBuffer(self.ResponseBody)
    doc, _ := goquery.NewDocumentFromReader(site)
    doc.Find("input").Each(func(i int, s *goquery.Selection) {
        name, exists := s.Attr("name")
        if name == "csrf_token" && exists {
            csrf, _ = s.Attr("value")
        }
    })
    self.AssertOk()
    self.AssertContains("Sign Up")
    self.AssertContentType("text/html; charset=utf-8")
}

func (self *AccountTest) TestPostSignUp() {
    self.PostForm("/signup", url.Values{
        "name":         {"cormier"},
        "email":        {"cormisample.com"},
        "emailConfirm": {"cormier@sample.com"},
        "password":     {"Test!1234"},
        "termof":       {"true"},
        "csrf_token":   {csrf},
    })
    self.AssertOk()
    self.AssertContentType("text/html; charset=utf-8")
}

func (self *AccountTest) After() {
    //println("Tear down")
}

The test does not pass by TestPostSignUp function, it seems like, that the request is rejected through csrf middleware that I implemented revel-csrf. As you can see above, I read csrf token and save into variable(csrf). By Postform request I passed the variable, but does not work.

My question is, how to make a test with post request that will pass csrf protection.

Brenden
  • 7,708
  • 11
  • 61
  • 75
softshipper
  • 32,463
  • 51
  • 192
  • 400
  • It'd be great if you could give us some feedback on the new built-in CSRF functionality: https://github.com/revel/revel/blob/master/modules/csrf/app/csrf_test.go – Brenden Oct 30 '14 at 00:03

1 Answers1

5

I solve the problem following:

package tests

    import "github.com/revel/revel"
    import "github.com/PuerkitoBio/goquery"
    import "bytes"
    import "net/url"

    //import "net/http"

    var csrf string

    type AccountTest struct {
        revel.TestSuite
    }

    func (self *AccountTest) Before() {

        self.Get("/signup")
        site := bytes.NewBuffer(self.ResponseBody)
        doc, _ := goquery.NewDocumentFromReader(site)
        doc.Find("input").Each(func(i int, s *goquery.Selection) {
            name, exists := s.Attr("name")
            if name == "csrf_token" && exists {
                csrf, _ = s.Attr("value")
            }
        })

    }

    func (self *AccountTest) TestSignUp() {

        self.PostForm("/signup", url.Values{
            "name":         {"cormier"},
            "email":        {"cormier@sample.com"},
            "emailConfirm": {"cormier@sample.com"},
            "password":     {"Test!1234"},
            "termof":       {"true"},
            "csrf_token":   {csrf},
        })
        self.AssertOk()
        self.AssertContentType("text/html; charset=utf-8")
    }

    func (self *AccountTest) After() {
    }
softshipper
  • 32,463
  • 51
  • 192
  • 400