mirror of
https://github.com/laurent22/joplin.git
synced 2024-12-24 10:27:10 +02:00
Server: Moved session tests to route
This commit is contained in:
parent
fc58db5d1a
commit
247bd9bfd9
@ -1,38 +0,0 @@
|
||||
import { createUser, checkThrowAsync, beforeAllDb, afterAllTests, beforeEachDb, controllers } from '../../utils/testing/testUtils';
|
||||
import { ErrorForbidden } from '../../utils/errors';
|
||||
|
||||
describe('SessionController', function() {
|
||||
|
||||
beforeAll(async () => {
|
||||
await beforeAllDb('SessionController');
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
await afterAllTests();
|
||||
});
|
||||
|
||||
beforeEach(async () => {
|
||||
await beforeEachDb();
|
||||
});
|
||||
|
||||
it('should authenticate a user and give back a session', async function() {
|
||||
const user = await createUser(1);
|
||||
const controller = controllers().apiSession();
|
||||
const session = await controller.authenticate(user.email, '123456');
|
||||
expect(!!session).toBe(true);
|
||||
expect(!!session.id).toBe(true);
|
||||
expect(!!session.user_id).toBe(true);
|
||||
});
|
||||
|
||||
it('should not give a session for invalid login', async function() {
|
||||
const user = await createUser(1);
|
||||
const controller = controllers().apiSession();
|
||||
|
||||
let error = await checkThrowAsync(async () => controller.authenticate(user.email, 'wrong'));
|
||||
expect(error instanceof ErrorForbidden).toBe(true);
|
||||
|
||||
error = await checkThrowAsync(async () => controller.authenticate('wrong@wrong.com', '123456'));
|
||||
expect(error instanceof ErrorForbidden).toBe(true);
|
||||
});
|
||||
|
||||
});
|
@ -17,7 +17,7 @@ describe('notificationHandler', function() {
|
||||
});
|
||||
|
||||
test('should check admin password', async function() {
|
||||
const { user } = await createUserAndSession(1, true);
|
||||
const { user, session } = await createUserAndSession(1, true);
|
||||
|
||||
const admin = await models().user({ userId: user.id }).save({
|
||||
email: defaultAdminEmail,
|
||||
@ -26,7 +26,7 @@ describe('notificationHandler', function() {
|
||||
});
|
||||
|
||||
{
|
||||
const context = await koaAppContext({ owner: user });
|
||||
const context = await koaAppContext({ sessionId: session.id });
|
||||
await notificationHandler(context, koaNext);
|
||||
|
||||
const notifications: Notification[] = await models().notification().all();
|
||||
@ -43,7 +43,7 @@ describe('notificationHandler', function() {
|
||||
password: 'changed!',
|
||||
});
|
||||
|
||||
const context = await koaAppContext({ owner: user });
|
||||
const context = await koaAppContext({ sessionId: session.id });
|
||||
await notificationHandler(context, koaNext);
|
||||
|
||||
const notifications: Notification[] = await models().notification().all();
|
||||
|
@ -22,7 +22,7 @@ describe('ownerHandler', function() {
|
||||
sessionId: session.id,
|
||||
});
|
||||
|
||||
expect(!!context.owner).toBe(false);
|
||||
context.owner = null;
|
||||
|
||||
await ownerHandler(context, koaNext);
|
||||
|
||||
@ -37,7 +37,7 @@ describe('ownerHandler', function() {
|
||||
sessionId: 'ihack',
|
||||
});
|
||||
|
||||
expect(!!context.owner).toBe(false);
|
||||
context.owner = null;
|
||||
|
||||
await ownerHandler(context, koaNext);
|
||||
|
||||
|
@ -1,5 +1,6 @@
|
||||
import BaseModel from './BaseModel';
|
||||
import { User, Session } from '../db';
|
||||
import uuidgen from '../utils/uuidgen';
|
||||
|
||||
export default class SessionModel extends BaseModel {
|
||||
|
||||
@ -14,4 +15,11 @@ export default class SessionModel extends BaseModel {
|
||||
return userModel.load(session.user_id);
|
||||
}
|
||||
|
||||
public async createUserSession(userId: string): Promise<Session> {
|
||||
return this.save({
|
||||
id: uuidgen(),
|
||||
user_id: userId,
|
||||
}, { isNew: true });
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -1,6 +1,24 @@
|
||||
import { Session } from '../../db';
|
||||
import routeHandler from '../../middleware/routeHandler';
|
||||
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, createUserAndSession, models } from '../../utils/testing/testUtils';
|
||||
import { AppContext } from '../../utils/types';
|
||||
|
||||
async function postSession(email: string, password: string): Promise<AppContext> {
|
||||
const context = await koaAppContext({
|
||||
request: {
|
||||
method: 'POST',
|
||||
url: '/api/sessions',
|
||||
body: {
|
||||
email: email,
|
||||
password: password,
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
await routeHandler(context);
|
||||
|
||||
return context;
|
||||
}
|
||||
|
||||
describe('api_sessions', function() {
|
||||
|
||||
@ -19,19 +37,7 @@ describe('api_sessions', function() {
|
||||
test('should login user', async function() {
|
||||
const { user } = await createUserAndSession(1, false);
|
||||
|
||||
const context = await koaAppContext({
|
||||
request: {
|
||||
method: 'POST',
|
||||
url: '/api/sessions',
|
||||
body: {
|
||||
email: user.email,
|
||||
password: '123456',
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
await routeHandler(context);
|
||||
|
||||
const context = await postSession(user.email, '123456');
|
||||
expect(context.response.status).toBe(200);
|
||||
expect(!!context.response.body.id).toBe(true);
|
||||
|
||||
@ -42,20 +48,20 @@ describe('api_sessions', function() {
|
||||
test('should not login user with wrong password', async function() {
|
||||
const { user } = await createUserAndSession(1, false);
|
||||
|
||||
const context = await koaAppContext({
|
||||
request: {
|
||||
method: 'POST',
|
||||
url: '/api/sessions',
|
||||
body: {
|
||||
email: user.email,
|
||||
password: 'wrong',
|
||||
},
|
||||
},
|
||||
});
|
||||
{
|
||||
const context = await postSession(user.email, 'wrong');
|
||||
expect(context.response.status).toBe(403);
|
||||
}
|
||||
|
||||
await routeHandler(context);
|
||||
{
|
||||
const context = await postSession('wrong@wrong.com', '123456');
|
||||
expect(context.response.status).toBe(403);
|
||||
}
|
||||
|
||||
expect(context.response.status).toBe(403);
|
||||
{
|
||||
const context = await postSession('', '');
|
||||
expect(context.response.status).toBe(403);
|
||||
}
|
||||
});
|
||||
|
||||
});
|
||||
|
@ -1,18 +1,28 @@
|
||||
import { SubPath, Route } from '../../utils/routeUtils';
|
||||
import { ErrorNotFound } from '../../utils/errors';
|
||||
import { ErrorForbidden, ErrorMethodNotAllowed, ErrorNotFound } from '../../utils/errors';
|
||||
import { AppContext } from '../../utils/types';
|
||||
import { bodyFields } from '../../utils/requestUtils';
|
||||
import { User } from '../../db';
|
||||
|
||||
const route: Route = {
|
||||
|
||||
exec: async function(path: SubPath, ctx: AppContext) {
|
||||
|
||||
// -------------------------------------------
|
||||
// ROUTE api/sessions
|
||||
// -------------------------------------------
|
||||
|
||||
if (!path.link) {
|
||||
if (ctx.method === 'POST') {
|
||||
const user = await bodyFields(ctx.req);
|
||||
const sessionController = ctx.controllers.apiSession();
|
||||
const session = await sessionController.authenticate(user.email, user.password);
|
||||
const fields: User = await bodyFields(ctx.req);
|
||||
const user = await ctx.models.user().login(fields.email, fields.password);
|
||||
if (!user) throw new ErrorForbidden('Invalid username or password');
|
||||
|
||||
const session = await ctx.models.session().createUserSession(user.id);
|
||||
return { id: session.id };
|
||||
}
|
||||
|
||||
throw new ErrorMethodNotAllowed();
|
||||
}
|
||||
|
||||
throw new ErrorNotFound(`Invalid link: ${path.link}`);
|
||||
|
Loading…
Reference in New Issue
Block a user