auth-server-helper/test/index.js

/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of auth-server-helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker <timo@scode.ovh>, May 2020
 */

// @ts-nocheck
'use strict';

const test = require ('ava');
const mock_server = require ('../mock_server');
const client = require ('@sapphirecode/auth-client-helper');
const consts = require ('@sapphirecode/consts');
const fetch = require ('node-fetch');

test.before (async () => {
  await mock_server.start_server ();
});

test ('login', async (t) => {
  const session = await client.login (
    'testuser',
    'foo',
    'http://localhost:3000'
  );

  t.is (typeof session, 'string');

  const resp = await fetch ('http://localhost:3000', { headers: { session } });

  t.is (resp.status, consts.http.status_ok);
  t.is (await resp.text (), 'foo');
});

test ('allow access to excluded paths', async (t) => {
  const resp = await fetch ('http://localhost:3000/noauthreg');

  t.is (resp.status, consts.http.status_ok);
  t.is (await resp.text (), 'foo');
});

test ('allow access to excluded paths with correct method', async (t) => {
  const resp = await fetch (
    'http://localhost:3000/noauthobj',
    { method: 'POST' }
  );

  t.is (resp.status, consts.http.status_ok);
  t.is (await resp.text (), 'foo');
});

test ('reject access to excluded paths with wrong method', async (t) => {
  const resp = await fetch (
    'http://localhost:3000/noauthobj'
  );

  t.is (resp.status, consts.http.status_unauthorized);
});

test ('reject invalid user', async (t) => {
  await t.throwsAsync (client.login (
    'foo',
    'foo',
    'http://localhost:3000'
  ));
});

test ('reject invalid password', async (t) => {
  await t.throwsAsync (client.login (
    'testuser',
    'bar',
    'http://localhost:3000'
  ));
});