obscura-server 0.9.1

A server for relaying secure messages using the Signal Protocol
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

#![allow(
    clippy::unwrap_used,
    clippy::panic,
    clippy::todo,
    clippy::missing_panics_doc,
    clippy::must_use_candidate,
    missing_debug_implementations,
    clippy::cast_precision_loss,
    clippy::clone_on_ref_ptr,
    clippy::match_same_arms,
    clippy::items_after_statements,
    unreachable_pub,
    clippy::print_stdout,
    clippy::similar_names
)]
use obscura_server::adapters::database::message_repo::MessageRepository;
use reqwest::StatusCode;

mod common;

#[tokio::test]
async fn test_message_limit_fifo() {
    let app = common::TestApp::spawn().await;

    // Clear DB to ensure clean state (though new run_ids usually handle isolation,
    // but here we count exact messages for one user)
    sqlx::query("DELETE FROM messages").execute(&app.pool).await.unwrap();

    let user_a = app.register_user(&common::generate_username("alice")).await;
    let user_b = app.register_user(&common::generate_username("bob")).await;

    // Flood 1005 messages
    for i in 0..1005 {
        let payload = format!("msg_{i}").into_bytes();
        app.send_message(&user_a.token, user_b.device_id, &payload).await;
    }

    // Manually trigger cleanup using the repo
    let repo = MessageRepository::new();
    let mut conn = app.pool.acquire().await.unwrap();
    repo.delete_global_overflow(&mut conn, 1000).await.expect("Failed to run cleanup");

    // Connect WS and verify first message is msg_5 (0-4 dropped)
    let mut ws = app.connect_ws(&user_b.token).await;

    if let Some(env) = ws.receive_envelope().await {
        let content = env.message;
        assert_eq!(content, b"msg_5", "First message should be msg_5 (0-4 should have been pruned)");
    } else {
        panic!("No messages received");
    }
}

#[tokio::test]
async fn test_rate_limiting() {
    // 1. Setup with strict limits (1 req/s)
    let mut config = common::get_test_config();
    config.rate_limit.per_second = 1;
    config.rate_limit.burst = 1;

    let app = common::TestApp::spawn_with_config(config).await;

    // 2. First request (OK - or 401/404 but not 429)
    // We use a random token to avoid auth processing cost affecting timing too much,
    // but rate limiting happens before auth in the middleware chain.
    let resp1 = app
        .client
        .get(format!("{}/v1/gateway?token=bad", app.server_url)) // HTTP request to upgrade endpoint
        .send()
        .await
        .unwrap();

    assert_ne!(resp1.status(), StatusCode::TOO_MANY_REQUESTS);

    // 3. Second request immediately (Should be 429)
    let resp2 = app.client.get(format!("{}/v1/gateway?token=bad", app.server_url)).send().await.unwrap();

    assert_eq!(resp2.status(), StatusCode::TOO_MANY_REQUESTS);
}