Session wrapper around supertest.
References:
$ npm install --save-dev supertest supertest-session
$ npm test
Require supertest-session
and pass in the test application:
var session = require('supertest-session');
var myApp = require('../../path/to/app');
var testSession = null;
beforeEach(function () {
testSession = session(myApp);
});
And set some expectations:
it('should fail accessing a restricted page', function (done) {
testSession.get('/restricted')
.expect(401)
.end(done)
});
it('should sign in', function (done) {
testSession.post('/signin')
.send({ username: 'foo', password: 'password' })
.expect(200)
.end(done);
});
You can set preconditions:
describe('after authenticating session', function () {
var authenticatedSession;
beforeEach(function (done) {
testSession.post('/signin')
.send({ username: 'foo', password: 'password' })
.expect(200)
.end(function (err) {
if (err) return done(err);
authenticatedSession = testSession;
return done();
});
});
it('should get a restricted page', function (done) {
authenticatedSession.get('/restricted')
.expect(200)
.end(done)
});
});
The cookies attached to the session may be retrieved from session.cookies
:
var sessionCookie = testSession.cookies.find(function (cookie) {
return cookie.name === connect.sid;
});
If you're using
By default, supertest-session authenticates using session cookies. If your app
uses a custom strategy to restore sessions, you can provide before
and after
hooks to adjust the request and inspect the response:
var testSession = session(myApp, {
before: function (req) {
req.set('authorization', 'Basic aGVsbG86d29ybGQK');
}
});
By default supertest-session will derive the CookieAccessInfo config of the cookie jar from the agent configuration. There might be cases where you want to override this, e.g. if you're testing a service which is configured to run behind a proxy but which sets secure cookies. To have supertest-session expose these secure cookies you can provide an override config to the internal call to CookieAccessInfo:
var cookieAccess = {
domain: 'example.com',
path: '/testpath',
secure: true,
script: true,
};
var testSession = session(myApp, { cookieAccess: cookieAccess });
By default the underlying supertest
agent will still determine the CookieAccessInfo from the URL.
If you want supertest-session to instead send cookies according to this cookieAccess
config you
can make use of the before
hook:
var cookieAccess = {
domain: 'example.com',
path: '/testpath',
secure: true,
script: true,
};
var testSession = session(myApp, {
cookieAccess: cookieAccess,
before: function (req) {
req.cookies = this.cookies.toValueString();
},
});
MIT