Pierre Fitness Platform MCP Server

security_csrf_test.rs•2.21 kB

// Integration tests for CSRF token manager // SPDX-License-Identifier: MIT OR Apache-2.0 // Copyright (c) 2025 Pierre Fitness Intelligence #![allow(missing_docs)] use pierre_mcp_server::security::csrf::CsrfTokenManager; use uuid::Uuid; #[tokio::test] async fn test_generate_csrf_token() -> anyhow::Result<()> { let manager = CsrfTokenManager::new(); let user_id = Uuid::new_v4(); let token = manager.generate_token(user_id).await?; // Token should be 64 characters (32 bytes hex encoded) assert_eq!(token.len(), 64, "CSRF token should be 64 characters"); // Token should be valid hex assert!( token.chars().all(|c| c.is_ascii_hexdigit()), "CSRF token should be valid hex" ); Ok(()) } #[tokio::test] async fn test_validate_csrf_token() -> anyhow::Result<()> { let manager = CsrfTokenManager::new(); let user_id = Uuid::new_v4(); let other_user_id = Uuid::new_v4(); let token = manager.generate_token(user_id).await?; // Valid token for correct user assert!( manager.validate_token(&token, user_id).await.is_ok(), "Valid token should pass validation" ); // Invalid token for different user assert!( manager.validate_token(&token, other_user_id).await.is_err(), "Token should fail for different user" ); // Invalid token string assert!( manager .validate_token("invalid_token", user_id) .await .is_err(), "Invalid token should fail validation" ); Ok(()) } #[tokio::test] async fn test_invalidate_csrf_token() -> anyhow::Result<()> { let manager = CsrfTokenManager::new(); let user_id = Uuid::new_v4(); let token = manager.generate_token(user_id).await?; // Token should be valid initially assert!( manager.validate_token(&token, user_id).await.is_ok(), "Token should be valid before invalidation" ); // Invalidate token manager.invalidate_token(&token).await; // Token should be invalid after invalidation assert!( manager.validate_token(&token, user_id).await.is_err(), "Token should be invalid after invalidation" ); Ok(()) }

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jfarcand/pierre_mcp_server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

security_csrf_test.rs•2.21 kB