mirror of
https://github.com/laurent22/joplin.git
synced 2025-01-26 18:58:21 +02:00
Server: Moved session tests to route
parent
fc58db5d1a
commit
247bd9bfd9
@ -1,38 +0,0 @@
|
|||||||
import { createUser, checkThrowAsync, beforeAllDb, afterAllTests, beforeEachDb, controllers } from '../../utils/testing/testUtils';
|
|
||||||
import { ErrorForbidden } from '../../utils/errors';
|
|
||||||
|
|
||||||
describe('SessionController', function() {
|
|
||||||
|
|
||||||
beforeAll(async () => {
|
|
||||||
await beforeAllDb('SessionController');
|
|
||||||
});
|
|
||||||
|
|
||||||
afterAll(async () => {
|
|
||||||
await afterAllTests();
|
|
||||||
});
|
|
||||||
|
|
||||||
beforeEach(async () => {
|
|
||||||
await beforeEachDb();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('should authenticate a user and give back a session', async function() {
|
|
||||||
const user = await createUser(1);
|
|
||||||
const controller = controllers().apiSession();
|
|
||||||
const session = await controller.authenticate(user.email, '123456');
|
|
||||||
expect(!!session).toBe(true);
|
|
||||||
expect(!!session.id).toBe(true);
|
|
||||||
expect(!!session.user_id).toBe(true);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('should not give a session for invalid login', async function() {
|
|
||||||
const user = await createUser(1);
|
|
||||||
const controller = controllers().apiSession();
|
|
||||||
|
|
||||||
let error = await checkThrowAsync(async () => controller.authenticate(user.email, 'wrong'));
|
|
||||||
expect(error instanceof ErrorForbidden).toBe(true);
|
|
||||||
|
|
||||||
error = await checkThrowAsync(async () => controller.authenticate('wrong@wrong.com', '123456'));
|
|
||||||
expect(error instanceof ErrorForbidden).toBe(true);
|
|
||||||
});
|
|
||||||
|
|
||||||
});
|
|
@ -17,7 +17,7 @@ describe('notificationHandler', function() {
|
|||||||
});
|
});
|
||||||
|
|
||||||
test('should check admin password', async function() {
|
test('should check admin password', async function() {
|
||||||
const { user } = await createUserAndSession(1, true);
|
const { user, session } = await createUserAndSession(1, true);
|
||||||
|
|
||||||
const admin = await models().user({ userId: user.id }).save({
|
const admin = await models().user({ userId: user.id }).save({
|
||||||
email: defaultAdminEmail,
|
email: defaultAdminEmail,
|
||||||
@ -26,7 +26,7 @@ describe('notificationHandler', function() {
|
|||||||
});
|
});
|
||||||
|
|
||||||
{
|
{
|
||||||
const context = await koaAppContext({ owner: user });
|
const context = await koaAppContext({ sessionId: session.id });
|
||||||
await notificationHandler(context, koaNext);
|
await notificationHandler(context, koaNext);
|
||||||
|
|
||||||
const notifications: Notification[] = await models().notification().all();
|
const notifications: Notification[] = await models().notification().all();
|
||||||
@ -43,7 +43,7 @@ describe('notificationHandler', function() {
|
|||||||
password: 'changed!',
|
password: 'changed!',
|
||||||
});
|
});
|
||||||
|
|
||||||
const context = await koaAppContext({ owner: user });
|
const context = await koaAppContext({ sessionId: session.id });
|
||||||
await notificationHandler(context, koaNext);
|
await notificationHandler(context, koaNext);
|
||||||
|
|
||||||
const notifications: Notification[] = await models().notification().all();
|
const notifications: Notification[] = await models().notification().all();
|
||||||
|
@ -22,7 +22,7 @@ describe('ownerHandler', function() {
|
|||||||
sessionId: session.id,
|
sessionId: session.id,
|
||||||
});
|
});
|
||||||
|
|
||||||
expect(!!context.owner).toBe(false);
|
context.owner = null;
|
||||||
|
|
||||||
await ownerHandler(context, koaNext);
|
await ownerHandler(context, koaNext);
|
||||||
|
|
||||||
@ -37,7 +37,7 @@ describe('ownerHandler', function() {
|
|||||||
sessionId: 'ihack',
|
sessionId: 'ihack',
|
||||||
});
|
});
|
||||||
|
|
||||||
expect(!!context.owner).toBe(false);
|
context.owner = null;
|
||||||
|
|
||||||
await ownerHandler(context, koaNext);
|
await ownerHandler(context, koaNext);
|
||||||
|
|
||||||
|
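Review bot: The two `context.owner = null;` lines that replace `expect(!!context.owner).toBe(false);` carry no comment saying why the owner has to be cleared by hand before `ownerHandler` runs. Presumably `koaAppContext` now resolves the owner from `sessionId` itself, but that is not visible in these hunks. For the `sessionId: 'ihack'` case this matters for what the test proves: the old line asserted that an unknown session id produced no owner, whereas the new line forces that state. I would add `// koaAppContext may pre-populate owner; reset it so the checks below exercise ownerHandler alone` above each assignment. Both test bodies continue outside the hunks, so the final expectations are not shown here.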
@ -1,5 +1,6 @@
|
|||||||
import BaseModel from './BaseModel';
|
import BaseModel from './BaseModel';
|
||||||
import { User, Session } from '../db';
|
import { User, Session } from '../db';
|
||||||
|
import uuidgen from '../utils/uuidgen';
|
||||||
|
|
||||||
export default class SessionModel extends BaseModel {
|
export default class SessionModel extends BaseModel {
|
||||||
|
|
||||||
@ -14,4 +15,11 @@ export default class SessionModel extends BaseModel {
|
|||||||
return userModel.load(session.user_id);
|
return userModel.load(session.user_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async createUserSession(userId: string): Promise<Session> {
|
||||||
|
return this.save({
|
||||||
|
id: uuidgen(),
|
||||||
|
user_id: userId,
|
||||||
|
}, { isNew: true });
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
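Review bot: `id: uuidgen()` in `createUserSession` produces the value the route later returns as `{ id: session.id }` and that the tests pass back as `sessionId`, so it appears to act as the bearer credential for the session, yet nothing here states how `uuidgen` derives its output. If it is not backed by a cryptographically secure random source, session ids could be predictable; that should be confirmed in `../utils/uuidgen` and recorded with a comment such as `// Session id doubles as the auth token: uuidgen() must use a CSPRNG`. The method also has no doc comment; a short TSDoc stating that the caller must already have verified the user's credentials would help, because `createUserSession` itself performs no authentication and will create a session for any `userId` it is given.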
@ -1,6 +1,24 @@
|
|||||||
import { Session } from '../../db';
|
import { Session } from '../../db';
|
||||||
import routeHandler from '../../middleware/routeHandler';
|
import routeHandler from '../../middleware/routeHandler';
|
||||||
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, createUserAndSession, models } from '../../utils/testing/testUtils';
|
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, createUserAndSession, models } from '../../utils/testing/testUtils';
|
||||||
|
import { AppContext } from '../../utils/types';
|
||||||
|
|
||||||
|
async function postSession(email: string, password: string): Promise<AppContext> {
|
||||||
|
const context = await koaAppContext({
|
||||||
|
request: {
|
||||||
|
method: 'POST',
|
||||||
|
url: '/api/sessions',
|
||||||
|
body: {
|
||||||
|
email: email,
|
||||||
|
password: password,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
await routeHandler(context);
|
||||||
|
|
||||||
|
return context;
|
||||||
|
}
|
||||||
|
|
||||||
describe('api_sessions', function() {
|
describe('api_sessions', function() {
|
||||||
|
|
||||||
@ -19,19 +37,7 @@ describe('api_sessions', function() {
|
|||||||
test('should login user', async function() {
|
test('should login user', async function() {
|
||||||
const { user } = await createUserAndSession(1, false);
|
const { user } = await createUserAndSession(1, false);
|
||||||
|
|
||||||
const context = await koaAppContext({
|
const context = await postSession(user.email, '123456');
|
||||||
request: {
|
|
||||||
method: 'POST',
|
|
||||||
url: '/api/sessions',
|
|
||||||
body: {
|
|
||||||
email: user.email,
|
|
||||||
password: '123456',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
await routeHandler(context);
|
|
||||||
|
|
||||||
expect(context.response.status).toBe(200);
|
expect(context.response.status).toBe(200);
|
||||||
expect(!!context.response.body.id).toBe(true);
|
expect(!!context.response.body.id).toBe(true);
|
||||||
|
|
||||||
@ -42,20 +48,20 @@ describe('api_sessions', function() {
|
|||||||
test('should not login user with wrong password', async function() {
|
test('should not login user with wrong password', async function() {
|
||||||
const { user } = await createUserAndSession(1, false);
|
const { user } = await createUserAndSession(1, false);
|
||||||
|
|
||||||
const context = await koaAppContext({
|
{
|
||||||
request: {
|
const context = await postSession(user.email, 'wrong');
|
||||||
method: 'POST',
|
|
||||||
url: '/api/sessions',
|
|
||||||
body: {
|
|
||||||
email: user.email,
|
|
||||||
password: 'wrong',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
await routeHandler(context);
|
|
||||||
|
|
||||||
expect(context.response.status).toBe(403);
|
expect(context.response.status).toBe(403);
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
const context = await postSession('wrong@wrong.com', '123456');
|
||||||
|
expect(context.response.status).toBe(403);
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
const context = await postSession('', '');
|
||||||
|
expect(context.response.status).toBe(403);
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
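Review bot: No test in this file reaches the `throw new ErrorMethodNotAllowed();` branch that the same commit adds to the `api/sessions` route, because `postSession` hard-codes `method: 'POST'`. I would add a case that sends a non-POST request to `/api/sessions` through `koaAppContext` and `routeHandler` and asserts the resulting status, so the route's rejection of other methods is pinned down. The negative cases also only cover string inputs (`'wrong'`, `''`); a body with a missing or non-string `email`/`password` would be worth one more block expecting the same 403, since the route takes those fields straight from the request body.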
@ -1,18 +1,28 @@
|
|||||||
import { SubPath, Route } from '../../utils/routeUtils';
|
import { SubPath, Route } from '../../utils/routeUtils';
|
||||||
import { ErrorNotFound } from '../../utils/errors';
|
import { ErrorForbidden, ErrorMethodNotAllowed, ErrorNotFound } from '../../utils/errors';
|
||||||
import { AppContext } from '../../utils/types';
|
import { AppContext } from '../../utils/types';
|
||||||
import { bodyFields } from '../../utils/requestUtils';
|
import { bodyFields } from '../../utils/requestUtils';
|
||||||
|
import { User } from '../../db';
|
||||||
|
|
||||||
const route: Route = {
|
const route: Route = {
|
||||||
|
|
||||||
exec: async function(path: SubPath, ctx: AppContext) {
|
exec: async function(path: SubPath, ctx: AppContext) {
|
||||||
|
|
||||||
|
// -------------------------------------------
|
||||||
|
// ROUTE api/sessions
|
||||||
|
// -------------------------------------------
|
||||||
|
|
||||||
if (!path.link) {
|
if (!path.link) {
|
||||||
if (ctx.method === 'POST') {
|
if (ctx.method === 'POST') {
|
||||||
const user = await bodyFields(ctx.req);
|
const fields: User = await bodyFields(ctx.req);
|
||||||
const sessionController = ctx.controllers.apiSession();
|
const user = await ctx.models.user().login(fields.email, fields.password);
|
||||||
const session = await sessionController.authenticate(user.email, user.password);
|
if (!user) throw new ErrorForbidden('Invalid username or password');
|
||||||
|
|
||||||
|
const session = await ctx.models.session().createUserSession(user.id);
|
||||||
return { id: session.id };
|
return { id: session.id };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
throw new ErrorMethodNotAllowed();
|
||||||
}
|
}
|
||||||
|
|
||||||
throw new ErrorNotFound(`Invalid link: ${path.link}`);
|
throw new ErrorNotFound(`Invalid link: ${path.link}`);
|
||||||
|
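Review bot: `const fields: User = await bodyFields(ctx.req);` only labels the parsed request body as a `User`; nothing on the new side checks at runtime that `fields.email` and `fields.password` are strings before they reach `login()`. A request body can omit the keys or carry objects or arrays in their place, and whether `login()` tolerates that is not visible in this hunk. I would add a guard directly after the parse, `if (typeof fields.email !== 'string' || typeof fields.password !== 'string') throw new ErrorForbidden('Invalid username or password');`, so malformed input fails with the same 403 and the same message as bad credentials. The `exec` function continues past the end of the hunk.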