salix/loopback/server/boot/specs/auth.spec.js

104 lines
3.4 KiB
JavaScript

const app = require('../../../server/server');
const routes = require('../auth');
describe('Auth routes', () => {
beforeEach(async () => {
await app.models.User.destroyById(102);
});
afterAll(async () => {
await app.models.User.destroyById(102);
});
let User = app.models.User;
let loginFunction;
let logoutFunction;
let res;
let req;
beforeEach(() => {
spyOn(app, 'post');
spyOn(app, 'get').and.callThrough();
routes(app);
loginFunction = app.post.calls.mostRecent().args[1];
logoutFunction = app.get.calls.argsFor(2)[1];
res = {};
req = {body: {}};
});
describe('when the user doesnt exist but the client does and the password is correct', () => {
it('should create the user login and return the token', done => {
spyOn(User, 'upsertWithWhere').and.callThrough();
req.body.user = 'PetterParker';
req.body.password = 'nightmare';
res.json = response => {
expect(User.upsertWithWhere).toHaveBeenCalledWith(jasmine.any(Object), jasmine.any(Object), jasmine.any(Function));
expect(response.token).toBeDefined();
done();
};
loginFunction(req, res);
});
});
describe('when the user exists and the password is correct', () => {
it('should login and return the token', done => {
req.body.user = 'employee';
req.body.password = 'nightmare';
res.json = response => {
expect(response.token).toBeDefined();
done();
};
loginFunction(req, res);
});
it('should define the url to continue upon login', done => {
req.body.user = 'employee';
req.body.password = 'nightmare';
req.body.location = 'http://localhost:5000/auth/?apiKey=salix&continue="continueURL"';
res.json = response => {
expect(response.continue).toBeDefined();
done();
};
loginFunction(req, res);
});
it('should define the loginUrl upon login', done => {
req.body.user = 'employee';
req.body.password = 'nightmare';
req.body.location = 'http://localhost:5000/auth/?apiKey=salix';
res.json = response => {
expect(response.loginUrl).toBeDefined();
done();
};
loginFunction(req, res);
});
it('should logout after login', done => {
spyOn(User, 'logout').and.callThrough();
req.accessToken = {id: 'testingTokenId'};
logoutFunction(req, res);
res.redirect = url => {
expect(User.logout).toHaveBeenCalledWith('testingTokenId', jasmine.any(Function));
expect(url).toBe('/');
done();
};
});
});
describe('when the user is incorrect', () => {
it('should return a 401 unauthorized', done => {
req.body.user = 'IDontExist';
req.body.password = 'TotallyWrongPassword';
res.status = status => {
expect(status).toBe(401);
};
res.json = response => {
expect(response.message).toBe('Login failed');
done();
};
loginFunction(req, res);
});
});
});