91 lines
2.3 KiB
Go
91 lines
2.3 KiB
Go
package dbdata
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/xlzd/gotp"
|
|
)
|
|
|
|
func TestCheckUser(t *testing.T) {
|
|
ast := assert.New(t)
|
|
|
|
preIpData()
|
|
defer closeIpdata()
|
|
|
|
group := "group1"
|
|
|
|
// 添加一个组
|
|
dns := []ValData{{Val: "114.114.114.114"}}
|
|
route := []ValData{{Val: "192.168.1.1/24"}}
|
|
g := Group{Name: group, Status: 1, ClientDns: dns, RouteInclude: route}
|
|
err := SetGroup(&g)
|
|
ast.Nil(err)
|
|
// 判断 IpMask
|
|
ast.Equal(g.RouteInclude[0].IpMask, "192.168.1.1/255.255.255.0")
|
|
|
|
// 添加一个用户
|
|
u := User{Username: "aaa", Groups: []string{group}, Status: 1}
|
|
err = SetUser(&u)
|
|
ast.Nil(err)
|
|
|
|
// 验证 PinCode + OtpSecret
|
|
totp := gotp.NewDefaultTOTP(u.OtpSecret)
|
|
secret := totp.Now()
|
|
err = CheckUser("aaa", u.PinCode+secret, group)
|
|
ast.Nil(err)
|
|
|
|
// 单独验证密码
|
|
u.DisableOtp = true
|
|
_ = SetUser(&u)
|
|
err = CheckUser("aaa", u.PinCode, group)
|
|
ast.Nil(err)
|
|
|
|
// 添加一个radius组
|
|
group2 := "group2"
|
|
authData := map[string]interface{}{
|
|
"type": "radius",
|
|
"radius": map[string]string{
|
|
"addr": "192.168.1.12:1044",
|
|
"secret": "43214132",
|
|
},
|
|
}
|
|
g2 := Group{Name: group2, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
|
|
err = SetGroup(&g2)
|
|
ast.Nil(err)
|
|
err = CheckUser("aaa", "bbbbbbb", group2)
|
|
if ast.NotNil(err) {
|
|
ast.Equal("aaa Radius服务器连接异常, 请检测服务器和端口", err.Error())
|
|
}
|
|
// 添加用户策略
|
|
dns2 := []ValData{{Val: "8.8.8.8"}}
|
|
route2 := []ValData{{Val: "192.168.2.1/24"}}
|
|
p1 := Policy{Username: "aaa", Status: 1, ClientDns: dns2, RouteInclude: route2}
|
|
err = SetPolicy(&p1)
|
|
ast.Nil(err)
|
|
err = CheckUser("aaa", u.PinCode, group)
|
|
ast.Nil(err)
|
|
// 添加一个ldap组
|
|
group3 := "group3"
|
|
authData = map[string]interface{}{
|
|
"type": "ldap",
|
|
"ldap": map[string]interface{}{
|
|
"addr": "192.168.8.12:389",
|
|
"tls": true,
|
|
"bind_name": "userfind@abc.com",
|
|
"bind_pwd": "afdbfdsafds",
|
|
"base_dn": "dc=abc,dc=com",
|
|
"object_class": "person",
|
|
"search_attr": "sAMAccountName",
|
|
"member_of": "cn=vpn,cn=user,dc=abc,dc=com",
|
|
},
|
|
}
|
|
g3 := Group{Name: group3, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
|
|
err = SetGroup(&g3)
|
|
ast.Nil(err)
|
|
err = CheckUser("aaa", "bbbbbbb", group3)
|
|
if ast.NotNil(err) {
|
|
ast.Equal("aaa LDAP服务器连接异常, 请检测服务器和端口", err.Error())
|
|
}
|
|
}
|