add req.auth test coverage

lib/request.js

@@ -377,18 +377,18 @@ req.__defineGetter__('ips', function(){
  *    req.auth
  *    // => { username: 'tobi', password: 'hello' }
  *
- * @return {Object}
+ * @return {Object} or undefined
  * @api public
  */
 
 req.__defineGetter__('auth', function(){
   // missing
   var auth = this.get('Authorization');
-  if (!auth) return {};
+  if (!auth) return;
 
   // malformed
   auth = auth.split(' ')[1];
-  if (!auth) return {};
+  if (!auth) return;
 
   // credentials
   auth = new Buffer(auth, 'base64').toString().split(':');

test/req.auth.js

@@ -0,0 +1,49 @@
+
+var express = require('../')
+  , request = require('./support/http');
+
+describe('req', function(){
+  describe('.auth', function(){
+    describe('when Authorization is missing', function(){
+      it('should return undefined', function(done){
+        var app = express();
+
+        app.get('/', function(req, res){
+          res.send(req.auth || 'none');
+        });
+
+        request(app)
+        .get('/')
+        .expect('none', done)
+      })
+    })
+
+    describe('when Authorization is malformed', function(){
+      it('should return undefined', function(done){
+        var app = express();
+
+        app.get('/', function(req, res){
+          res.send(req.auth || 'none');
+        });
+
+        request(app)
+        .get('/')
+        .set('Authorization', 'meow')
+        .expect('none', done)
+      })
+    })
+
+    it('should return .username and .password', function(done){
+      var app = express();
+
+      app.get('/', function(req, res){
+        res.send(req.auth || 'none');
+      });
+
+      request(app)
+      .get('/')
+      .set('Authorization', 'Basic dG9iaTpmZXJyZXQ=')
+      .expect('{"username":"tobi","password":"ferret"}', done)
+    })
+  })
+})