package auth import ( "net/http" "net/http/httptest" "testing" "github.com/bxcodec/faker/v3" "github.com/stretchr/testify/assert" ) func TestAuthorizationMiddleware(t *testing.T) { token := faker.Word() t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) }) middleware := AuthenticationMiddleware{ Secret: token, } middlewareHandler := middleware.Middleware(handler) request, _ := http.NewRequest("GET", "/", nil) responseRecorder := httptest.NewRecorder() middlewareHandler.ServeHTTP(responseRecorder, request) assert.Equal(t, 403, responseRecorder.Code) }) t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) { handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) }) middleware := AuthenticationMiddleware{ Secret: token, } middlewareHandler := middleware.Middleware(handler) request, _ := http.NewRequest("GET", "/", nil) request.Header.Set("Authorization", token) responseRecorder := httptest.NewRecorder() middlewareHandler.ServeHTTP(responseRecorder, request) assert.Equal(t, 200, responseRecorder.Code) }) }