File: auth.t

package info (click to toggle)
nginx 1.18.0-6.1%2Bdeb11u3
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 19,344 kB
  • sloc: ansic: 250,653; perl: 7,548; sh: 1,408; ruby: 879; python: 358; makefile: 338; awk: 36; cpp: 18
file content (109 lines) | stat: -rw-r--r-- 2,585 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
# vim:set ft= ts=4 sw=4 et fdm=marker:
use Test::Nginx::Socket::Lua;

#worker_connections(1014);
#master_process_enabled(1);
#log_level('warn');
#no_nginx_manager();

#repeat_each(1);
repeat_each(2);

plan tests => repeat_each() * (blocks() * 2 + 1);

#no_diff();
no_long_string();
run_tests();

__DATA__

=== TEST 1: basic test passing
--- config
    location /lua {
        lua_need_request_body on;
        client_max_body_size 100k;
        client_body_buffer_size 100k;

        access_by_lua '
            -- check the client IP addr is in our black list
            if ngx.var.remote_addr == "132.5.72.3" then
                ngx.exit(ngx.HTTP_FORBIDDEN)
            end

            -- check if the request body contains bad words
            if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
                return ngx.redirect("/terms_of_use.html")
            end

            -- tests passed
        ';

        echo Logged in;
    }
--- request
GET /lua
--- response_body
Logged in



=== TEST 2: bad words in request body
--- config
    location /lua {
        lua_need_request_body on;
        client_max_body_size 100k;
        client_body_buffer_size 100k;

        access_by_lua '
            -- check the client IP addr is in our black list
            if ngx.var.remote_addr == "132.5.72.3" then
                ngx.exit(ngx.HTTP_FORBIDDEN)
            end

            -- check if the request body contains bad words
            if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
                return ngx.redirect("/terms_of_use.html")
            end

            -- tests passed
        ';

        echo Logged in;
    }
--- request
POST /lua
He fucks himself!
--- response_body_like: 302 Found
--- response_headers_like
Location: /terms_of_use\.html
--- error_code: 302



=== TEST 3: client IP
--- config
    location /lua {
        lua_need_request_body on;
        client_max_body_size 100k;
        client_body_buffer_size 100k;

        access_by_lua '
            -- check the client IP addr is in our black list
            if ngx.var.remote_addr == "127.0.0.1" then
                ngx.exit(ngx.HTTP_FORBIDDEN)
            end

            -- check if the request body contains bad words
            if ngx.var.request_body and string.match(ngx.var.request_body, "fuck") then
                return ngx.redirect("/terms_of_use.html")
            end

            -- tests passed
        ';

        echo Logged in;
    }
--- request
GET /lua
--- response_body_like: 403 Forbidden
--- error_code: 403