Tests for password hashes

Signed-off-by: Olivier 'reivilibre <olivier@librepush.net>

src/passwords.rs

@@ -52,3 +52,43 @@ pub fn check_hash(password: &str, hash: &str) -> eyre::Result<bool> {
 
     Ok(argon2.verify_password(password.as_bytes(), &hash).is_ok())
 }
+
+#[cfg(test)]
+mod test {
+    use rstest::{fixture, rstest};
+
+    use crate::{config::PasswordHashingConfig, passwords::check_hash};
+
+    use super::create_password_hash;
+
+    /// Password hash for "secret"
+    const EXAMPLE_SECRET_PASSWORD_HASH: &str = "$argon2id$v=19$m=512,t=1,p=1$Z11PjkMSx/rm4IbDzDmK2Q$VtUH6Iee/GD1FltULyLf6/QRwjNA9d5+mjAKS+WzlZw";
+
+    /// Password hash for "verysecret"
+    const EXAMPLE_VERYSECRET_PASSWORD_HASH: &str = "$argon2id$v=19$m=512,t=1,p=1$tcGnJC8EOR4B43z35roeFg$o3grpVK9HAb3850iRI1/nXR+nPZbyFWchmkbkBhm7Co";
+
+    #[fixture]
+    fn password_config() -> PasswordHashingConfig {
+        PasswordHashingConfig {
+            memory: 512,
+            iterations: 1,
+            parallelism: 1,
+        }
+    }
+
+    #[rstest]
+    fn test_valid_password(password_config: PasswordHashingConfig) {
+        let pwh = create_password_hash("secret", &password_config).unwrap();
+
+        assert!(check_hash("secret", &pwh).unwrap());
+        assert!(check_hash("secret", EXAMPLE_SECRET_PASSWORD_HASH).unwrap());
+    }
+
+    #[rstest]
+    fn test_invalid_password(password_config: PasswordHashingConfig) {
+        let pwh = create_password_hash("verysecret", &password_config).unwrap();
+
+        assert!(!check_hash("secret", &pwh).unwrap());
+        assert!(!check_hash("secret", EXAMPLE_VERYSECRET_PASSWORD_HASH).unwrap());
+    }
+}