const app = require('../../../server/server'); const routes = require('../routes'); describe('Auth routes', () => { beforeEach(async () => { await app.models.User.destroyById(102); }); afterAll(async () => { await app.models.User.destroyById(102); }); let User = app.models.User; let loginFunction; let logoutFunction; let res; let req; beforeEach(() => { spyOn(app, 'post'); spyOn(app, 'get').and.callThrough(); routes(app); loginFunction = app.post.calls.mostRecent().args[1]; logoutFunction = app.get.calls.argsFor(2)[1]; res = {}; req = {body: {}}; }); describe('when the user doesnt exist but the client does and the password is correct', () => { it('should create the user login and return the token', done => { spyOn(User, 'upsertWithWhere').and.callThrough(); req.body.user = 'PetterParker'; req.body.password = 'nightmare'; res.json = response => { expect(User.upsertWithWhere).toHaveBeenCalledWith(jasmine.any(Object), jasmine.any(Object), jasmine.any(Function)); expect(response.token).toBeDefined(); done(); }; loginFunction(req, res); }); }); describe('when the user exists and the password is correct', () => { it('should login and return the token', done => { req.body.user = 'employee'; req.body.password = 'nightmare'; res.json = response => { expect(response.token).toBeDefined(); done(); }; loginFunction(req, res); }); it('should define the url to continue upon login', done => { req.body.user = 'employee'; req.body.password = 'nightmare'; req.body.location = 'http://localhost:5000/auth/?apiKey=salix&continue="continueURL"'; res.json = response => { expect(response.continue).toBeDefined(); done(); }; loginFunction(req, res); }); it('should define the loginUrl upon login', done => { req.body.user = 'employee'; req.body.password = 'nightmare'; req.body.location = 'http://localhost:5000/auth/?apiKey=salix'; res.json = response => { expect(response.loginUrl).toBeDefined(); done(); }; loginFunction(req, res); }); it('should logout after login', done => { spyOn(User, 'logout').and.callThrough(); req.accessToken = {id: 'testingTokenId'}; logoutFunction(req, res); res.redirect = url => { expect(User.logout).toHaveBeenCalledWith('testingTokenId', jasmine.any(Function)); expect(url).toBe('/'); done(); }; }); }); describe('when the user is incorrect', () => { it('should return a 401 unauthorized', done => { req.body.user = 'IDontExist'; req.body.password = 'TotallyWrongPassword'; res.status = status => { expect(status).toBe(401); }; res.json = response => { expect(response.message).toBe('Login failed'); done(); }; loginFunction(req, res); }); }); });