-
Notifications
You must be signed in to change notification settings - Fork 0
/
decode.js
91 lines (78 loc) · 2.73 KB
/
decode.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
process.env.NODE_ENV = 'test';
const codemaster = require('codemaster');
const Req = codemaster.utils.mocks.express.req;
const { assert } = require('chai');
const jwt = require('jsonwebtoken');
const knex = require('../../../../knex');
const accessToken = require('../../../../models/middleware/accessToken');
const { thewall } = require('../../../../.chainfile');
// eslint-disable-next-line import/no-dynamic-require
const TheWall = require(thewall);
const secret = process.env.JWT_SECRET || 'JWT_CHINCHAY_SECRET_CODE';
const ONE_HOUR = 60 * 60;
const now = new Date().getTime() / 1000;
const YESTERDAY = now - 24 * ONE_HOUR;
const TOMORROW = now + 24 * ONE_HOUR;
describe('Middleware: accessToken: decode', () => { // eslint-disable-line
// eslint-disable-next-line no-undef
before(async () => {
await knex.seed.run();
});
it('req is undefined', (done) => { // eslint-disable-line
accessToken.decode(null, null, () => {
done();
});
});
it('TheWall is not bootstrapped', (done) => { // eslint-disable-line
const req = Req.generate();
const token = jwt.sign({ user: 1, exp: TOMORROW }, secret);
req.headers.Authorization = `Bearer ${token}`;
accessToken.unbootstrap();
accessToken.decode(req, null, () => {
assert.isUndefined(req.user);
done();
});
});
it('req has a user_id', (done) => { // eslint-disable-line
accessToken.bootstrap(TheWall);
const req = Req.generate();
req.user_id = 44;
accessToken.decode(req, null, () => {
assert.isUndefined(req.user);
done();
});
});
it('no token present', (done) => { // eslint-disable-line
const req = Req.generate();
delete req.isAuthenticated;
accessToken.decode(req, null, () => {
assert.isUndefined(req.user);
assert.isFalse(req.isAuthenticatedByToken());
done();
});
});
it('token is present but expired', (done) => { // eslint-disable-line
const req = Req.generate();
const token = jwt.sign({ user: 1, exp: YESTERDAY }, secret);
req.headers.Authorization = `Bearer ${token}`;
delete req.isAuthenticatedByToken;
accessToken.decode(req, null, () => {
assert.isUndefined(req.user);
assert.isFalse(req.isAuthenticatedByToken());
done();
});
});
it('token is valid', (done) => { // eslint-disable-line
const req = Req.generate();
const token = jwt.sign({ user: 1, exp: TOMORROW }, secret);
req.headers.Authorization = `Bearer ${token}`;
delete req.isAuthenticatedByToken;
accessToken.decode(req, null, () => {
assert.equal(req.user.id, 1);
assert.equal(req.user.access.length, 1);
assert.equal(req.user.access[0].role, 'admin');
assert.isTrue(req.isAuthenticatedByToken());
done();
});
});
});