/
auth.t
111 lines (86 loc) · 2.54 KB
/
auth.t
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# vim:set ft= ts=4 sw=4 et fdm=marker:
use lib 'lib';
use Test::Nginx::Socket::Lua;
#worker_connections(1014);
#master_process_enabled(1);
#log_level('warn');
#no_nginx_manager();
#repeat_each(1);
repeat_each(2);
plan tests => repeat_each() * (blocks() * 2 + 1);
#no_diff();
no_long_string();
run_tests();
__DATA__
=== TEST 1: basic test passing
--- config
location /lua {
lua_need_request_body on;
client_max_body_size 100k;
client_body_buffer_size 100k;
access_by_lua '
-- check the client IP addr is in our black list
if ngx.var.remote_addr == "132.5.72.3" then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if the request body contains bad words
if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
return ngx.redirect("/terms_of_use.html")
end
-- tests passed
';
echo Logged in;
}
--- request
GET /lua
--- response_body
Logged in
=== TEST 2: bad words in request body
--- config
location /lua {
lua_need_request_body on;
client_max_body_size 100k;
client_body_buffer_size 100k;
access_by_lua '
-- check the client IP addr is in our black list
if ngx.var.remote_addr == "132.5.72.3" then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if the request body contains bad words
if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
return ngx.redirect("/terms_of_use.html")
end
-- tests passed
';
echo Logged in;
}
--- request
POST /lua
He fucks himself!
--- response_body_like: 302 Found
--- response_headers_like
Location: /terms_of_use\.html
--- error_code: 302
=== TEST 3: client IP
--- config
location /lua {
lua_need_request_body on;
client_max_body_size 100k;
client_body_buffer_size 100k;
access_by_lua '
-- check the client IP addr is in our black list
if ngx.var.remote_addr == "127.0.0.1" then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if the request body contains bad words
if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
return ngx.redirect("/terms_of_use.html")
end
-- tests passed
';
echo Logged in;
}
--- request
GET /lua
--- response_body_like: 403 Forbidden
--- error_code: 403