wiki
/
weseek__growi
огледало од https://github.com/weseek/growi


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
							const mongoose = require('mongoose');

const { getInstance } = require('../setup-crowi');

describe('accessTokenParser', () => {
  let crowi;
  let accessTokenParser;

  let User;
  let targetUser;

  beforeAll(async() => {
    crowi = await getInstance();
    User = mongoose.model('User');
    accessTokenParser = require('~/server/middlewares/access-token-parser')(crowi);

    targetUser = await User.create({
      name: 'Example for access token parser',
      username: 'targetUser',
      password: 'usertestpass',
      lang: 'en_US',
      apiToken: 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=',
    });
  });

  crowi = {
    model: jest.fn().mockReturnValue(User),
  };
  const req = {
    skipCsrfVerify: false,
    query: {},
    body: {},
    user: {},
  };

  const res = {};
  const next = jest.fn().mockReturnValue('next');

  test('without accessToken', async() => {
    const result = await accessTokenParser(req, res, next);

    expect(next).toHaveBeenCalled();
    expect(result).toBe('next');
    expect(req.skipCsrfVerify).toBe(false);
  });

  test('with invalid accessToken', async() => {
    req.query.access_token = 'invalidAccessToken';

    const result = await accessTokenParser(req, res, next);

    expect(next).toHaveBeenCalled();
    expect(result).toBe('next');
    expect(req.skipCsrfVerify).toBe(false);
  });

  test('with accessToken in query', async() => {
    req.query.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';

    const result = await accessTokenParser(req, res, next);

    expect(next).toHaveBeenCalled();
    expect(result).toBe('next');
    expect(req.skipCsrfVerify).toBe(true);
    expect(req.user._id).toStrictEqual(targetUser._id);
  });

  test('with accessToken in body', async() => {
    req.body.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';

    const result = await accessTokenParser(req, res, next);

    expect(next).toHaveBeenCalled();
    expect(result).toBe('next');
    expect(req.skipCsrfVerify).toBe(true);
    expect(req.user._id).toStrictEqual(targetUser._id);
  });


});