Skip to content

Commit

Permalink
add unit tests for basic auth middleware
Browse files Browse the repository at this point in the history
  • Loading branch information
@gesellix
gesellix committed Jan 24, 2016
1 parent 3157c6a commit e86fcf4
Show file tree
Hide file tree
Showing 3 changed files with 86 additions and 3 deletions.
8 changes: 6 additions & 2 deletions lib/basic-auth.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
(function () {
"use strict";

var express = require('express');
var _ = require('lodash');
var basicAuth = require('basic-auth');

var createAuth = function (config) {
return function (req, res, next) {
var auth = function (req, res, next) {
function unauthorized(res) {
res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
return res.sendStatus(401);
Expand All @@ -21,10 +22,13 @@
if (!user || !user.name || !user.pass) {
return unauthorized(res);
}
var isValid = user.name === config.basicAuth.username && user.pass === config.basicAuth.password;
var isValid = user.name === config.username && user.pass === config.password;
return isValid ? next() : unauthorized(res);
}
};
var app = express();
app.use(auth);
return app;
};

module.exports = function (config) {
Expand Down
2 changes: 1 addition & 1 deletion server.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
app.use(require("compression")());

if (config.basicAuth && config.basicAuth.enabled) {
app.use(keepassLib.BasicAuth(config));
app.use(keepassLib.BasicAuth(config.basicAuth));
}

if (config.googleDrive && config.googleDrive.enabled) {
Expand Down
79 changes: 79 additions & 0 deletions test/basic-auth-test.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
var request = require('supertest');
var chai = require("chai");
var chaiAsPromised = require("chai-as-promised");
chai.use(chaiAsPromised);
var should = chai.should();
var util = require('./test-util/util');

var config = {
basicAuth: {
"username": 'basic-user',
"password": 'basic-pass'
}
};
var BasicAuth = require('../lib').BasicAuth;

describe('basic-auth', function () {
describe('unauthorized request', function () {
it('should respond with status 401 and WWW-Authenticate Basic auth header', function (done) {

var app = BasicAuth({});
request(app)
.get('/')
.expect(401)
.end(function (err, res) {
res.header['www-authenticate'].should.equal('Basic realm=Authorization Required');
done();
});
});
});
describe('wrong Authorization', function () {
it('should respond with status 401 and WWW-Authenticate Basic auth header', function (done) {

var base64Auth = new Buffer("basic-user:wrong-pass").toString('base64');

var app = BasicAuth(config.basicAuth);
app.use('/test', function (req, res) {
res.status(200).send({msg: "passed"});
});
request(app)
.get('/test')
.set('Authorization', 'Basic ' + base64Auth)
.expect(401)
.end(function (err, res) {
res.header['www-authenticate'].should.equal('Basic realm=Authorization Required');
done();
});
});
});
describe('Basic authorized request', function () {
it('should pass and respond with status 200', function (done) {

var base64Auth = new Buffer("basic-user:basic-pass").toString('base64');

var app = BasicAuth(config.basicAuth);
app.use('/test', function (req, res) {
res.status(200).send({msg: "passed"});
});
request(app)
.get('/test')
.set('Authorization', 'Basic ' + base64Auth)
.expect(200, done);
});
});
describe('Bearer authorized request', function () {
it('should skip Basic auth checks', function (done) {

var base64Auth = new Buffer("j.w.t").toString('base64');

var app = BasicAuth(config.basicAuth);
app.use('/test', function (req, res) {
res.status(200).send({msg: "passed"});
});
request(app)
.get('/test')
.set('Authorization', 'Bearer ' + base64Auth)
.expect(200, done);
});
});
});

0 comments on commit e86fcf4

Please sign in to comment.