/* eslint-env mocha, chai, node */
/* eslint-disable no-unused-expressions */
const chai = require('chai');
const chaiHttp = require('chai-http');
const spies = require('chai-spies');
const expect = chai.expect;
const Armadietto = require('../../lib/armadietto');
// Register the chai plugins used by this spec: HTTP request assertions and spies.
chai.use(chaiHttp);
chai.use(spies);

// Stand-in storage backend handed to the server under test.
// createUser is a no-op, so a signup request never persists anything.
const store = {
  async createUser (params) {
  }
};

// Every suite in this file boots its server on this port and talks to it through `req`.
const port = '4569';
const host = `http://localhost:${port}`;
const req = chai.request(host);

/**
 * Issue a GET against the test server and buffer the response body,
 * so `res.text` is available to the assertions.
 * @param {string} path - request path, e.g. '/' or '/signup'
 * @returns {Promise<object>} the chai-http response
 */
const get = async (path) => req.get(path).buffer(true);
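/**
 * Suite: server booted without `allow.signup` and without a base path.
 * Checks that the home page and style sheet are served with the hardening
 * headers, and that both GET and POST /signup are refused with 403.
 */
describe('Home w/o signup and no base path', () => {
  // Kept in a closure variable: inside arrow functions `this` is not the mocha
  // context, so `this._server` would attach the handle to an unrelated shared object.
  let server;

  // Hardening headers expected on every HTML response in this suite.
  // The CSP check only requires `sandbox` followed later by `default-src 'self'`.
  const expectSecurityHeaders = (res) => {
    expect(res).to.have.header('Content-Security-Policy', /sandbox.*default-src 'self'/);
    expect(res).to.have.header('Referrer-Policy', 'no-referrer');
    expect(res).to.have.header('X-Content-Type-Options', 'nosniff');
  };

  before(async () => {
    // Watch the store so the suite can show that a refused signup never reaches it.
    chai.spy.on(store, 'createUser');
    server = new Armadietto({
      store,
      http: { port },
      logging: { log_dir: './test-log', stdout: [], log_files: ['notice'] }
    });
    await server.boot();
  });

  after(async () => {
    // Put the original stub back first so a failing stop() cannot leave the spy installed.
    chai.spy.restore(store, 'createUser');
    await server.stop();
  });

  it('returns a home page', async () => {
    const res = await get('/');
    expect(res).not.to.redirect;
    expect(res).to.have.status(200);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/Welcome.*Armadietto/i);
    // With signup disabled the page must not advertise a signup link.
    expect(res.text).not.to.match(/<a .*href="\/signup"/);
    // Dot escaped so only the literal host name satisfies the assertion.
    expect(res.text).to.match(/<a .*href="https:\/\/remotestorage\.io\/"/);
  });

  it('returns a style sheet', async () => {
    const res = await get('/assets/style.css');
    expect(res).to.have.status(200);
    expect(res).to.have.header('Content-Type', 'text/css; charset=utf8');
    expect(res).to.have.header('X-Content-Type-Options', 'nosniff');
  });

  it('blocks access to the signup page', async () => {
    const res = await get('/signup');
    expect(res).to.have.status(403);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/Forbidden/);
  });

  it('blocks signup ', async () => {
    const res = await req.post('/signup').type('form').send({
      username: '123',
      email: 'foo@bar.com',
      password: 'iloveyou'
    });
    expect(res).to.have.status(403);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/Forbidden/);
    // A 403 alone does not prove the account was not created; check the store as well.
    expect(store.createUser).to.not.have.been.called();
  });
});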
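/**
 * Suite: server booted with `allow.signup` enabled and `basePath: '/basic'`.
 * Checks the redirect to the base path, the signup link and form, and that a
 * form POST to /basic/signup is answered with 201.
 */
describe('Signup w/ base path & signup', () => {
  // Kept in a closure variable: inside arrow functions `this` is not the mocha
  // context, so `this._server` would attach the handle to an unrelated shared object.
  let server;

  // Hardening headers expected on every HTML response in this suite.
  // The CSP check only requires `sandbox` followed later by `default-src 'self'`.
  const expectSecurityHeaders = (res) => {
    expect(res).to.have.header('Content-Security-Policy', /sandbox.*default-src 'self'/);
    expect(res).to.have.header('Referrer-Policy', 'no-referrer');
    expect(res).to.have.header('X-Content-Type-Options', 'nosniff');
  };

  before(async () => {
    // Watch the store so the signup test can confirm the request reached it.
    chai.spy.on(store, 'createUser');
    server = new Armadietto({
      store,
      allow: { signup: true },
      http: { port },
      logging: { log_dir: './test-log', stdout: [], log_files: ['notice'] },
      basePath: '/basic'
    });
    await server.boot();
  });

  after(async () => {
    // Put the original stub back first so a failing stop() cannot leave the spy installed.
    chai.spy.restore(store, 'createUser');
    await server.stop();
  });

  it('redirects to the home page', async () => {
    const res = await get('');
    expect(res).to.redirect;
    // Built from `host` so the expectation follows the port constant.
    expect(res).to.redirectTo(`${host}/basic`);
  });

  it('returns a home page w/ signup link', async () => {
    const res = await get('/basic/');
    expect(res).to.have.status(200);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/<a .*href="\/basic\/signup"/);
    // Dot escaped so only the literal host name satisfies the assertion.
    expect(res.text).to.match(/<a .*href="https:\/\/remotestorage\.io\/"/);
  });

  it('returns a signup page with form', async () => {
    const res = await get('/basic/signup');
    expect(res).to.have.status(200);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/Sign Up/i);
    expect(res.text).to.match(/<form .*action="\/basic\/signup"/);
  });

  it('allows signup ', async () => {
    const res = await req.post('/basic/signup').type('form').send({
      username: 'john',
      email: 'foo@bar.com',
      password: 'iloveyou'
    });
    expect(res).to.have.status(201);
    expectSecurityHeaders(res);
    expect(res).to.be.html;
    expect(res.text).to.match(/signed up/);
    // NOTE(review): presumably the server registers the account through
    // store.createUser; confirm against the signup controller.
    expect(store.createUser).to.have.been.called();
  });
});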