صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
wiki
/
weseek__growi
mirrorاز https://github.com/weseek/growi
2
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
درخت: deab4e0d66
شاخه‌ها تگ‌ها
weseek__growi
/
src
/
test
/
middlewares
/
access-token-parser.test.js

access-token-parser.test.js 2.2 KB
تاريخچه خام

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. const mongoose = require('mongoose');
    2. 

  2. 

  3. const { getInstance } = require('../setup-crowi');
    4. 

  4. 

  5. describe('loginRequired', () => {
    6. 

  6.   let crowi;
    7. 

  7.   let accessTokenParser;
    8. 

  8. 

  9.   let User;
    10. 

  10.   let targetUser;
    11. 

  11. 

  12.   beforeAll(async(done) => {
    13. 

  13.     crowi = await getInstance();
    14. 

  14.     User = mongoose.model('User');
    15. 

  15.     accessTokenParser = require('@server/middlewares/access-token-parser')(crowi);
    16. 

  16. 

  17.     targetUser = await User.create({
    18. 

  18.       name: 'Example for access token parser',
    19. 

  19.       username: 'targetUser',
    20. 

  20.       password: 'usertestpass',
    21. 

  21.       lang: 'en_US',
    22. 

  22.       apiToken: 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=',
    23. 

  23.     });
    24. 

  24. 

  25. 

  26.     done();
    27. 

  27.   });
    28. 

  28. 

  29.   describe('accessTokenParser', () => {
    30. 

  30.     crowi = {
    31. 

  31.       model: jest.fn().mockReturnValue(User),
    32. 

  32.     };
    33. 

  33.     const req = {
    34. 

  34.       skipCsrfVerify: false,
    35. 

  35.       query: {},
    36. 

  36.       body: {},
    37. 

  37.       user: {},
    38. 

  38.     };
    39. 

  39.     const res = {};
    40. 

  40.     const next = jest.fn().mockReturnValue('next');
    41. 

  41. 

  42.     test('without accessToken', async() => {
    43. 

  43.       const result = await accessTokenParser(req, res, next);
    44. 

  44. 

  45.       expect(next).toHaveBeenCalled();
    46. 

  46.       expect(result).toBe('next');
    47. 

  47.       expect(req.skipCsrfVerify).toBe(false);
    48. 

  48.     });
    49. 

  49. 

  50.     test('with invalid accessToken', async() => {
    51. 

  51.       req.query.access_token = 'invalidAccessToken';
    52. 

  52. 

  53.       const result = await accessTokenParser(req, res, next);
    54. 

  54. 

  55.       expect(next).toHaveBeenCalled();
    56. 

  56.       expect(result).toBe('next');
    57. 

  57.       expect(req.skipCsrfVerify).toBe(false);
    58. 

  58.     });
    59. 

  59. 

  60.     test('with accessToken in query', async() => {
    61. 

  61.       req.query.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';
    62. 

  62. 

  63.       const result = await accessTokenParser(req, res, next);
    64. 

  64. 

  65.       expect(next).toHaveBeenCalled();
    66. 

  66.       expect(result).toBe('next');
    67. 

  67.       expect(req.skipCsrfVerify).toBe(true);
    68. 

  68.       expect(req.user._id).toStrictEqual(targetUser._id);
    69. 

  69.     });
    70. 

  70. 

  71.     test('with accessToken in body', async() => {
    72. 

  72.       req.body.access_token = 'N4xPDjh48TBsC7ahUN+ajjL5asnGpwtA5VAR+EhIDeg=';
    73. 

  73. 

  74.       const result = await accessTokenParser(req, res, next);
    75. 

  75. 

  76.       expect(next).toHaveBeenCalled();
    77. 

  77.       expect(result).toBe('next');
    78. 

  78.       expect(req.skipCsrfVerify).toBe(true);
    79. 

  79.       expect(req.user._id).toStrictEqual(targetUser._id);
    80. 

  80.     });
    81. 

  81. 

  82. 

  83.   });
    84. 

  84. 

  85. });
    86.