d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bdae5a9f6e8e2a357a4f33f5159045e35ae31ec3
explorer-monorepo/backend/api/gateway/gateway_test.go
defiQUG bdae5a9f6e feat: explorer API, wallet, CCIP scripts, and config refresh 
- Backend REST/gateway/track routes, analytics, Blockscout proxy paths.
- Frontend wallet and liquidity surfaces; MetaMask token list alignment.
- Deployment docs, verification scripts, address inventory updates.

Check: go build ./... under backend/ (pass).
Made-with: Cursor
2026-04-07 23:22:12 -07:00

79 lines
2.0 KiB
Go
Raw Blame History

package gateway
import (
"net/http/httptest"
"testing"
"time"
)
func TestAuthMiddlewareRejectsAnonymousByDefault(t *testing.T) {
t.Setenv("GATEWAY_ALLOW_ANONYMOUS", "")
t.Setenv("GATEWAY_API_KEYS", "")
auth := NewAuthMiddleware()
req := httptest.NewRequest("GET", "http://example.com", nil)
if auth.Authenticate(req) {
t.Fatal("expected anonymous request to be rejected by default")
}
}
func TestAuthMiddlewareAllowsConfiguredAPIKey(t *testing.T) {
t.Setenv("GATEWAY_ALLOW_ANONYMOUS", "")
t.Setenv("GATEWAY_API_KEYS", "alpha,beta")
auth := NewAuthMiddleware()
req := httptest.NewRequest("GET", "http://example.com", nil)
req.Header.Set("X-API-Key", "beta")
if !auth.Authenticate(req) {
t.Fatal("expected configured API key to be accepted")
}
}
func TestAuthMiddlewareAllowsAnonymousOnlyWhenEnabled(t *testing.T) {
t.Setenv("GATEWAY_ALLOW_ANONYMOUS", "true")
t.Setenv("GATEWAY_API_KEYS", "")
auth := NewAuthMiddleware()
req := httptest.NewRequest("GET", "http://example.com", nil)
if !auth.Authenticate(req) {
t.Fatal("expected anonymous request to be accepted when explicitly enabled")
}
}
func TestRateLimiterBlocksAfterWindowBudget(t *testing.T) {
limiter := NewRateLimiter()
req := httptest.NewRequest("GET", "http://example.com", nil)
req.RemoteAddr = "203.0.113.10:1234"
for i := 0; i < gatewayRequestsPerMinute; i++ {
if !limiter.Allow(req) {
t.Fatalf("expected request %d to pass", i+1)
}
}
if limiter.Allow(req) {
t.Fatal("expected request over the per-minute budget to be rejected")
}
}
func TestRateLimiterResetsAfterWindow(t *testing.T) {
limiter := NewRateLimiter()
req := httptest.NewRequest("GET", "http://example.com", nil)
req.RemoteAddr = "203.0.113.11:1234"
if !limiter.Allow(req) {
t.Fatal("expected first request to pass")
}
limiter.mu.Lock()
limiter.limits["203.0.113.11"].resetAt = time.Now().Add(-time.Second)
limiter.mu.Unlock()
if !limiter.Allow(req) {
t.Fatal("expected limiter window to reset")
}
}
Reference in New Issue View Git Blame Copy Permalink