chore: review comments

steveiliop56 · steveiliop56 · commit b60e546ecd77 · 2026-03-29T19:38:59.000+03:00
diff --git a/internal/controller/context_controller_test.go b/internal/controller/context_controller_test.go
@@ -125,7 +125,7 @@ func TestContextController(t *testing.T) {
 
 			router.ServeHTTP(recorder, request)
 
-			assert.Equal(t, recorder.Result().StatusCode, http.StatusOK)
+			assert.Equal(t, http.StatusOK, recorder.Code)
 			assert.Equal(t, test.expected, recorder.Body.String())
 		})
 	}
diff --git a/internal/controller/oidc_controller_test.go b/internal/controller/oidc_controller_test.go
@@ -329,7 +329,7 @@ func TestOIDCController(t *testing.T) {
 			},
 		},
 		{
-			description: "Ensure token endpoint deletes code afer use",
+			description: "Ensure token endpoint deletes code after use",
 			middlewares: []gin.HandlerFunc{
 				simpleCtx,
 			},
diff --git a/internal/controller/proxy_controller_test.go b/internal/controller/proxy_controller_test.go
@@ -282,7 +282,7 @@ func TestProxyController(t *testing.T) {
 			},
 		},
 		{
-			description: "Ensure user allow ACL allows correct user (should allow testuer)",
+			description: "Ensure user allow ACL allows correct user (should allow testuser)",
 			middlewares: []gin.HandlerFunc{
 				simpleCtx,
 			},
@@ -296,7 +296,7 @@ func TestProxyController(t *testing.T) {
 			},
 		},
 		{
-			description: "Ensure user allow ACL blocks incorrect user (should block testuer)",
+			description: "Ensure user allow ACL blocks incorrect user (should block totpuser)",
 			middlewares: []gin.HandlerFunc{
 				simpleCtxTotp,
 			},
diff --git a/internal/controller/user_controller_test.go b/internal/controller/user_controller_test.go
@@ -74,7 +74,7 @@ func TestUserController(t *testing.T) {
 				assert.Equal(t, "tinyauth-session", cookie.Name)
 				assert.True(t, cookie.HttpOnly)
 				assert.Equal(t, "example.com", cookie.Domain)
-				assert.Equal(t, cookie.MaxAge, 10)
+				assert.Equal(t, 10, cookie.MaxAge)
 			},
 		},
 		{
@@ -163,7 +163,7 @@ func TestUserController(t *testing.T) {
 				assert.Equal(t, "tinyauth-session", cookie.Name)
 				assert.True(t, cookie.HttpOnly)
 				assert.Equal(t, "example.com", cookie.Domain)
-				assert.Equal(t, cookie.MaxAge, 3600) // 1 hour, default for totp pending sessions
+				assert.Equal(t, 3600, cookie.MaxAge) // 1 hour, default for totp pending sessions
 			},
 		},
 		{
@@ -233,7 +233,7 @@ func TestUserController(t *testing.T) {
 				assert.Equal(t, "tinyauth-session", totpCookie.Name)
 				assert.True(t, totpCookie.HttpOnly)
 				assert.Equal(t, "example.com", totpCookie.Domain)
-				assert.Equal(t, totpCookie.MaxAge, 10) // should use the regular session expiry time
+				assert.Equal(t, 10, totpCookie.MaxAge) // should use the regular session expiry time
 			},
 		},
 		{
diff --git a/internal/controller/well_known_controller_test.go b/internal/controller/well_known_controller_test.go
@@ -66,7 +66,7 @@ func TestWellKnownController(t *testing.T) {
 					ServiceDocumentation:              "https://tinyauth.app/docs/guides/oidc",
 				}
 
-				assert.Equal(t, res, expected)
+				assert.Equal(t, expected, res)
 			},
 		},
 		{
diff --git a/internal/service/auth_service.go b/internal/service/auth_service.go
@@ -801,5 +801,5 @@ func (auth *AuthService) lockdownMode() {
 func (auth *AuthService) ClearRateLimitsTestingOnly() {
 	auth.loginMutex.Lock()
 	auth.loginAttempts = make(map[string]*LoginAttempt)
-  auth.loginMutex.Unlock()
+	auth.loginMutex.Unlock()
 }

Original file line number	Diff line number	Diff line change
`@@ -125,7 +125,7 @@ func TestContextController(t *testing.T) {`
`125`	`125`
`126`	`126`	`router.ServeHTTP(recorder, request)`
`127`	`127`
`128`		`- assert.Equal(t, recorder.Result().StatusCode, http.StatusOK)`
	`128`	`+ assert.Equal(t, http.StatusOK, recorder.Code)`
`129`	`129`	`assert.Equal(t, test.expected, recorder.Body.String())`
`130`	`130`	`})`
`131`	`131`	`}`
Original file line number	Diff line number	Diff line change
`@@ -329,7 +329,7 @@ func TestOIDCController(t *testing.T) {`
`329`	`329`	`},`
`330`	`330`	`},`
`331`	`331`	`{`
`332`		`- description: "Ensure token endpoint deletes code afer use",`
	`332`	`+ description: "Ensure token endpoint deletes code after use",`
`333`	`333`	`middlewares: []gin.HandlerFunc{`
`334`	`334`	`simpleCtx,`
`335`	`335`	`},`
Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ func TestWellKnownController(t *testing.T) {`
`66`	`66`	`ServiceDocumentation: "https://tinyauth.app/docs/guides/oidc",`
`67`	`67`	`}`
`68`	`68`
`69`		`- assert.Equal(t, res, expected)`
	`69`	`+ assert.Equal(t, expected, res)`
`70`	`70`	`},`
`71`	`71`	`},`
`72`	`72`	`{`
Original file line number	Diff line number	Diff line change
`@@ -801,5 +801,5 @@ func (auth *AuthService) lockdownMode() {`
`801`	`801`	`func (auth *AuthService) ClearRateLimitsTestingOnly() {`
`802`	`802`	`auth.loginMutex.Lock()`
`803`	`803`	`auth.loginAttempts = make(map[string]*LoginAttempt)`
`804`		`- auth.loginMutex.Unlock()`
	`804`	`+ auth.loginMutex.Unlock()`
`805`	`805`	`}`