Home Explore Help
Sign In
wiki
/
weseek__growi
mirror of https://github.com/weseek/growi
2
0
Fork 0
Files Issues 0 Wiki
Tree: 0d4c2c60ad
Branches Tags
weseek__growi
/
packages
/
app
/
src
/
test
/
middlewares
/
access-token-parser.test.js

access-token-parser.test.js 2.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. const mongoose = require('mongoose');
    2. 

  2. 

  3. const { getInstance } = require('../setup-crowi');
    4. 

  4. 

  5. describe('accessTokenParser', () => {
    6. 

  6.   let crowi;
    7. 

  7.   let accessTokenParser;
    8. 

  8. 

  9.   let User;
    10. 

  10.   let targetUser;
    11. 

  11. 

  12.   beforeAll(async(done) => {
    13. 

  13.     crowi = await getInstance();
    14. 

  14.     User = mongoose.model('User');
    15. 

  15.     accessTokenParser = require('@server/middlewares/access-token-parser')(crowi);
    16. 

  16. 

  17.     targetUser = await User.create({
    18. 

  18.       name: 'Example for access token parser',
    19. 

  19.       username: 'targetUser',
    20. 

  20.       password: 'usertestpass',
    21. 

  21.       lang: 'en_US',
    22. 

  22.       apiToken: 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=',
    23. 

  23.     });
    24. 

  24. 

  25. 

  26.     done();
    27. 

  27.   });
    28. 

  28. 

  29.   crowi = {
    30. 

  30.     model: jest.fn().mockReturnValue(User),
    31. 

  31.   };
    32. 

  32.   const req = {
    33. 

  33.     skipCsrfVerify: false,
    34. 

  34.     query: {},
    35. 

  35.     body: {},
    36. 

  36.     user: {},
    37. 

  37.   };
    38. 

  38. 

  39.   const res = {};
    40. 

  40.   const next = jest.fn().mockReturnValue('next');
    41. 

  41. 

  42.   test('without accessToken', async() => {
    43. 

  43.     const result = await accessTokenParser(req, res, next);
    44. 

  44. 

  45.     expect(next).toHaveBeenCalled();
    46. 

  46.     expect(result).toBe('next');
    47. 

  47.     expect(req.skipCsrfVerify).toBe(false);
    48. 

  48.   });
    49. 

  49. 

  50.   test('with invalid accessToken', async() => {
    51. 

  51.     req.query.access_token = 'invalidAccessToken';
    52. 

  52. 

  53.     const result = await accessTokenParser(req, res, next);
    54. 

  54. 

  55.     expect(next).toHaveBeenCalled();
    56. 

  56.     expect(result).toBe('next');
    57. 

  57.     expect(req.skipCsrfVerify).toBe(false);
    58. 

  58.   });
    59. 

  59. 

  60.   test('with accessToken in query', async() => {
    61. 

  61.     req.query.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';
    62. 

  62. 

  63.     const result = await accessTokenParser(req, res, next);
    64. 

  64. 

  65.     expect(next).toHaveBeenCalled();
    66. 

  66.     expect(result).toBe('next');
    67. 

  67.     expect(req.skipCsrfVerify).toBe(true);
    68. 

  68.     expect(req.user._id).toStrictEqual(targetUser._id);
    69. 

  69.   });
    70. 

  70. 

  71.   test('with accessToken in body', async() => {
    72. 

  72.     req.body.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';
    73. 

  73. 

  74.     const result = await accessTokenParser(req, res, next);
    75. 

  75. 

  76.     expect(next).toHaveBeenCalled();
    77. 

  77.     expect(result).toBe('next');
    78. 

  78.     expect(req.skipCsrfVerify).toBe(true);
    79. 

  79.     expect(req.user._id).toStrictEqual(targetUser._id);
    80. 

  80.   });
    81. 

  81. 

  82. 

  83. });
    84.