// std
import { strictEqual } from 'assert';
// 3p
import {
Context,
createApp,
dependency,
Get,
hashPassword,
Hook,
HttpResponseForbidden,
HttpResponseNoContent,
HttpResponseOK,
HttpResponseUnauthorized,
logOut,
Post,
Session,
TokenRequired,
ValidateBody,
verifyPassword
} from '@foal/core';
import { RedisStore } from '@foal/redis';
import { connect, disconnect, Document, Model, model, Schema } from 'mongoose';
import { createClient } from 'redis';
import * as request from 'supertest';
// FoalTS
import { fetchUser } from '@foal/mongoose';
describe('[Sample] Mongoose DB & Redis Store', async () => {
let app: any;
let token: string;
let redisClient: any;
/**
 * Mongoose schema backing the `User` collection used by this sample.
 *
 * `password` holds the string produced by `hashPassword()` (see the fixture
 * in `before`), never the clear-text password. `unique` on `email` creates a
 * unique index rather than a Mongoose validator, which is why the connection
 * below is opened with `useCreateIndex`.
 */
const userFields = {
  email: { type: String, required: true, unique: true },
  isAdmin: { type: Boolean, required: true },
  password: { type: String, required: true },
};
const UserSchema: Schema = new Schema(userFields);

/** Document shape of a `User`, as loaded by `fetchUser(UserModel)` once a token is verified. */
interface IUser extends Document {
  email: string;
  /** Hash produced by `hashPassword()`; only ever compared with `verifyPassword()`. */
  password: string;
  /** Authorization flag checked by the `AdminRequired` hook. */
  isAdmin: boolean;
}

const UserModel: Model<IUser> = model<IUser>('User', UserSchema);
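/**
 * Authorization hook: lets the request through only when the authenticated
 * user carries `isAdmin === true`.
 *
 * It relies on a preceding authentication hook (`TokenRequired` with
 * `fetchUser` in this sample) having attached the user to `ctx.user`. When no
 * user is attached the hook now denies explicitly with 401 instead of
 * throwing a TypeError on `undefined.isAdmin`, so a controller decorated with
 * `AdminRequired` but (by mistake) not with `TokenRequired` fails closed with
 * a clean response rather than an unhandled error.
 */
function AdminRequired() {
  return Hook((ctx: Context<IUser>) => {
    if (!ctx.user) {
      return new HttpResponseUnauthorized();
    }
    if (!ctx.user.isAdmin) {
      return new HttpResponseForbidden();
    }
  });
}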
/**
 * Protected routes. `TokenRequired` checks the bearer token sent in the
 * `Authorization` header against the Redis session store and loads the
 * matching user with `fetchUser(UserModel)`; `/bar` additionally requires
 * the admin flag through the `AdminRequired` hook.
 */
@TokenRequired({ user: fetchUser(UserModel), store: RedisStore })
class MyController {
  /** Any authenticated user. */
  @Get('/foo')
  public foo(): HttpResponseOK {
    return new HttpResponseOK();
  }

  /** Authenticated users with `isAdmin === true`; the hook answers 403 otherwise. */
  @Get('/bar')
  @AdminRequired()
  public bar(): HttpResponseOK {
    return new HttpResponseOK();
  }
}
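/**
 * Login / logout endpoints issuing and revoking Redis-backed session tokens.
 */
class AuthController {
  @dependency
  store: RedisStore;

  /**
   * Destroys the caller's session in the store, so the token is rejected on
   * the next request (see the end of the test below) rather than merely
   * forgotten by the client.
   *
   * NOTE(review): the rest of this sample sends the token in the
   * `Authorization` header while `cookie: true` asks `logOut` to handle the
   * session cookie — confirm this option matches how the token is transported.
   * A state-changing `GET` is tolerable here only because a bearer header
   * cannot be attached by a cross-site form; with cookie-based sessions this
   * route should be a `POST` with CSRF protection.
   */
  @Get('/logout')
  async logout(ctx: Context<any, Session>) {
    await logOut(ctx, this.store, { cookie: true });
    return new HttpResponseNoContent();
  }

  /**
   * Verifies e-mail + password and returns a fresh session token.
   *
   * `ValidateBody` is a security control, not just input hygiene: `type:
   * 'string'` on both fields keeps an object such as `{ $gt: '' }` out of
   * the `findOne` filter (NoSQL operator injection) and
   * `additionalProperties: false` rejects unexpected keys.
   *
   * Unknown e-mail and wrong password both answer 401, and the unknown-e-mail
   * branch still performs a password-hash computation so that the response
   * time does not reveal whether the account exists (timing-based account
   * enumeration).
   *
   * Only the user id is stored in the session; the user record (and with it
   * `isAdmin`) is re-read through `fetchUser` when a token is verified, which
   * is why the test below can grant the admin flag without a new login.
   */
  @Post('/login')
  @ValidateBody({
    additionalProperties: false,
    properties: {
      email: { type: 'string', format: 'email' },
      password: { type: 'string' }
    },
    required: ['email', 'password'],
    type: 'object',
  })
  async login(ctx: Context) {
    const { email, password } = ctx.request.body;
    const user = await UserModel.findOne({ email });
    if (!user) {
      // Burn roughly the same PBKDF2 cost as a real verification before
      // answering; the result is discarded.
      await hashPassword(password);
      return new HttpResponseUnauthorized();
    }
    if (!await verifyPassword(password, user.password)) {
      return new HttpResponseUnauthorized();
    }
    const session = await this.store.createAndSaveSessionFromUser({ id: user._id });
    return new HttpResponseOK({
      token: session.getToken()
    });
  }
}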
/** Root controller wiring the protected routes and the auth endpoints together. */
class AppController {
  subControllers = [MyController, AuthController];
}
before(async () => {
  // Test-only secret; a deployment takes it from its configuration instead.
  process.env.SETTINGS_SESSION_SECRET = 'session-secret';

  // Both backends are expected on localhost without authentication. The
  // fixtures below wipe the users collection of `e2e_db` and the Redis
  // database the default client points at, so never run this against a
  // shared instance.
  await connect('mongodb://localhost:27017/e2e_db', { useNewUrlParser: true, useCreateIndex: true });
  redisClient = createClient();

  const clearUsers = () => new Promise<void>((resolve, reject) => {
    UserModel.deleteMany({}, err => err ? reject(err) : resolve());
  });
  const flushRedis = () => new Promise((resolve, reject) => {
    redisClient.flushdb((err, success) => err ? reject(err) : resolve(success));
  });
  await clearUsers();
  await flushRedis();

  // Single non-admin fixture account; only the hash of the password is stored.
  const john = new UserModel();
  john.email = 'john@foalts.org';
  john.password = await hashPassword('password');
  john.isAdmin = false;
  await john.save();

  app = createApp(AppController);
});
after(async () => {
  delete process.env.SETTINGS_SESSION_SECRET;
  // `end(true)` drops the Redis connection without waiting for pending replies.
  await Promise.all([disconnect(), redisClient.end(true)]);
});
it('should work.', async () => {
  const get = (path: string) => request(app).get(path);
  const getWithToken = (path: string, bearer: string) =>
    get(path).set('Authorization', `Bearer ${bearer}`);
  const login = (email: string, password: string) =>
    request(app).post('/login').send({ email, password });

  /* Without an Authorization header both protected routes are rejected
     before any handler runs (this sample's TokenRequired answers 400). */
  await Promise.all([
    get('/foo').expect(400),
    get('/bar').expect(400),
  ]);

  /* Unknown e-mail and wrong password yield the same 401, so the status
     code does not reveal which accounts exist. */
  await login('mary@foalts.org', 'password').expect(401);
  await login('john@foalts.org', 'wrong-password').expect(401);

  /* A successful login returns the bearer token in the JSON body. */
  const { body } = await login('john@foalts.org', 'password').expect(200);
  strictEqual(typeof body.token, 'string');
  token = body.token;

  /* Authenticated but not admin: /foo is allowed, /bar is forbidden. */
  await Promise.all([
    getWithToken('/foo', token).expect(200),
    getWithToken('/bar', token).expect(403),
  ]);

  /* Grant the admin flag directly in the database. */
  const john = await UserModel.findOne({ email: 'john@foalts.org' });
  if (!john) {
    throw new Error('John was not found in the database.');
  }
  john.isAdmin = true;
  await john.save();

  /* The same token now reaches /bar: the user is looked up again through
     fetchUser when the token is checked, so the change is seen without a
     new login. */
  await getWithToken('/bar', token).expect(200);

  /* Log out: the session is destroyed in the store ... */
  await getWithToken('/logout', token).expect(204);

  /* ... so the old token is rejected with 401 from now on. */
  await Promise.all([
    getWithToken('/foo', token).expect(401),
    getWithToken('/bar', token).expect(401),
  ]);
});
});