
Server: Moved session tests to route

Laurent Cozic 2021-01-13 22:06:47 +00:00
parent fc58db5d1a
commit 247bd9bfd9
6 changed files with 58 additions and 72 deletions


@ -1,38 +0,0 @@
import { createUser, checkThrowAsync, beforeAllDb, afterAllTests, beforeEachDb, controllers } from '../../utils/testing/testUtils';
import { ErrorForbidden } from '../../utils/errors';
describe('SessionController', function() {
beforeAll(async () => {
await beforeAllDb('SessionController');
});
afterAll(async () => {
await afterAllTests();
});
beforeEach(async () => {
await beforeEachDb();
});
it('should authenticate a user and give back a session', async function() {
const user = await createUser(1);
const controller = controllers().apiSession();
const session = await controller.authenticate(user.email, '123456');
expect(!!session).toBe(true);
expect(!!session.id).toBe(true);
expect(!!session.user_id).toBe(true);
});
it('should not give a session for invalid login', async function() {
const user = await createUser(1);
const controller = controllers().apiSession();
let error = await checkThrowAsync(async () => controller.authenticate(user.email, 'wrong'));
expect(error instanceof ErrorForbidden).toBe(true);
error = await checkThrowAsync(async () => controller.authenticate('wrong@wrong.com', '123456'));
expect(error instanceof ErrorForbidden).toBe(true);
});
});


@ -17,7 +17,7 @@ describe('notificationHandler', function() {
});
test('should check admin password', async function() {
const { user } = await createUserAndSession(1, true);
const { user, session } = await createUserAndSession(1, true);
const admin = await models().user({ userId: user.id }).save({
email: defaultAdminEmail,
@ -26,7 +26,7 @@ describe('notificationHandler', function() {
});
{
const context = await koaAppContext({ owner: user });
const context = await koaAppContext({ sessionId: session.id });
await notificationHandler(context, koaNext);
const notifications: Notification[] = await models().notification().all();
@ -43,7 +43,7 @@ describe('notificationHandler', function() {
password: 'changed!',
});
const context = await koaAppContext({ owner: user });
const context = await koaAppContext({ sessionId: session.id });
await notificationHandler(context, koaNext);
const notifications: Notification[] = await models().notification().all();


@ -22,7 +22,7 @@ describe('ownerHandler', function() {
sessionId: session.id,
});
expect(!!context.owner).toBe(false);
context.owner = null;
await ownerHandler(context, koaNext);
@ -37,7 +37,7 @@ describe('ownerHandler', function() {
sessionId: 'ihack',
});
expect(!!context.owner).toBe(false);
context.owner = null;
await ownerHandler(context, koaNext);
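Review bot: In both ownerHandler cases the precondition check `expect(!!context.owner).toBe(false);` has become the assignment `context.owner = null;`, and nothing in the hunk explains why the context now needs clearing. If `koaAppContext` has started resolving an owner from `sessionId` (the notificationHandler test changes in this commit suggest so), a comment such as `// koaAppContext may pre-populate owner from sessionId; clear it so only ownerHandler can set it` would make that explicit. For the `sessionId: 'ihack'` case, the assertion after `ownerHandler` must still prove that an unknown session id leaves `owner` unset. That assertion is outside the hunk, so it is worth a quick check.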


@ -1,5 +1,6 @@
import BaseModel from './BaseModel';
import { User, Session } from '../db';
import uuidgen from '../utils/uuidgen';
export default class SessionModel extends BaseModel {
@ -14,4 +15,11 @@ export default class SessionModel extends BaseModel {
return userModel.load(session.user_id);
}
public async createUserSession(userId: string): Promise<Session> {
return this.save({
id: uuidgen(),
user_id: userId,
}, { isNew: true });
}
}
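Review bot: The id produced in `createUserSession` is the only credential the client presents afterwards, and it comes straight from `uuidgen()`, whose implementation is not visible on this page. Please confirm that helper draws from a cryptographically secure random source, and record the requirement on the method, e.g. `/** Creates a session for userId; the id is a bearer credential and must be unpredictable. */`. The saved record carries only `id` and `user_id`, so any expiry or revocation has to be enforced elsewhere; if it is not, that is worth a follow-up. The class body starts outside the hunk.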


@ -1,6 +1,24 @@
import { Session } from '../../db';
import routeHandler from '../../middleware/routeHandler';
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, createUserAndSession, models } from '../../utils/testing/testUtils';
import { AppContext } from '../../utils/types';
async function postSession(email: string, password: string): Promise<AppContext> {
const context = await koaAppContext({
request: {
method: 'POST',
url: '/api/sessions',
body: {
email: email,
password: password,
},
},
});
await routeHandler(context);
return context;
}
describe('api_sessions', function() {
@ -19,19 +37,7 @@ describe('api_sessions', function() {
test('should login user', async function() {
const { user } = await createUserAndSession(1, false);
const context = await koaAppContext({
request: {
method: 'POST',
url: '/api/sessions',
body: {
email: user.email,
password: '123456',
},
},
});
await routeHandler(context);
const context = await postSession(user.email, '123456');
expect(context.response.status).toBe(200);
expect(!!context.response.body.id).toBe(true);
@ -42,20 +48,20 @@ describe('api_sessions', function() {
test('should not login user with wrong password', async function() {
const { user } = await createUserAndSession(1, false);
const context = await koaAppContext({
request: {
method: 'POST',
url: '/api/sessions',
body: {
email: user.email,
password: 'wrong',
},
},
});
{
const context = await postSession(user.email, 'wrong');
expect(context.response.status).toBe(403);
}
await routeHandler(context);
{
const context = await postSession('wrong@wrong.com', '123456');
expect(context.response.status).toBe(403);
}
expect(context.response.status).toBe(403);
{
const context = await postSession('', '');
expect(context.response.status).toBe(403);
}
});
});
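Review bot: The three rejected-login blocks in 'should not login user with wrong password' assert only `context.response.status`, so a regression that lets the response tell an unknown email apart from a wrong password would pass unnoticed. Assuming the error is serialised into `context.response.body`, the test could keep the first failure's body and add `expect(context.response.body).toEqual(wrongPasswordBody);` in the `'wrong@wrong.com'` block. An `expect(context.response.body.id).toBeFalsy();` in each block would also pin that no session id is handed back on failure.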


@ -1,18 +1,28 @@
import { SubPath, Route } from '../../utils/routeUtils';
import { ErrorNotFound } from '../../utils/errors';
import { ErrorForbidden, ErrorMethodNotAllowed, ErrorNotFound } from '../../utils/errors';
import { AppContext } from '../../utils/types';
import { bodyFields } from '../../utils/requestUtils';
import { User } from '../../db';
const route: Route = {
exec: async function(path: SubPath, ctx: AppContext) {
// -------------------------------------------
// ROUTE api/sessions
// -------------------------------------------
if (!path.link) {
if (ctx.method === 'POST') {
const user = await bodyFields(ctx.req);
const sessionController = ctx.controllers.apiSession();
const session = await sessionController.authenticate(user.email, user.password);
const fields: User = await bodyFields(ctx.req);
const user = await ctx.models.user().login(fields.email, fields.password);
if (!user) throw new ErrorForbidden('Invalid username or password');
const session = await ctx.models.session().createUserSession(user.id);
return { id: session.id };
}
throw new ErrorMethodNotAllowed();
}
throw new ErrorNotFound(`Invalid link: ${path.link}`);
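Review bot: The `User` annotation on `const fields: User = await bodyFields(ctx.req);` is a compile-time label only, so `fields.email` and `fields.password` reach `login()` as whatever the client sent: missing, or an object or array instead of a string. A guard before the login call would reject those with the same generic error, e.g. `if (typeof fields?.email !== 'string' || typeof fields?.password !== 'string') throw new ErrorForbidden('Invalid username or password');`. Nothing on this path throttles or logs failed attempts; if `login()` or a middleware outside this hunk does not do so either, that is worth adding for brute-force detection. The body of `exec` continues past the end of the hunk.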