test: session middleware

packages/system-api/src/core/middlewares/__tests__/sessionMiddleware.test.ts

@@ -0,0 +1,75 @@
+import { faker } from '@faker-js/faker';
+import jwt from 'jsonwebtoken';
+import TipiCache from '../../../config/TipiCache';
+import { getConfig } from '../../config/TipiConfig';
+import getSessionMiddleware from '../sessionMiddleware';
+
+describe('SessionMiddleware', () => {
+  it('Should append session to request object if a valid token is present', async () => {
+    // Arrange
+    const session = faker.random.alphaNumeric(32);
+    const userId = faker.datatype.number();
+    await TipiCache.set(session, userId.toString());
+    const token = jwt.sign({ id: userId, session }, getConfig().jwtSecret);
+    const req = {
+      headers: {
+        authorization: `Bearer ${token}`,
+      },
+    } as any;
+    const next = jest.fn();
+    const res = {} as any;
+
+    // Act
+    await getSessionMiddleware(req, res, next);
+
+    // Assert
+    expect(req).toHaveProperty('session');
+    expect(req.session).toHaveProperty('id');
+    expect(req.session).toHaveProperty('userId');
+    expect(req.session.id).toBe(session);
+    expect(req.session.userId).toBe(userId);
+    expect(next).toHaveBeenCalled();
+  });
+
+  it('Should not append session to request object if a invalid token is present', async () => {
+    // Arrange
+    const session = faker.random.alphaNumeric(32);
+    const userId = faker.datatype.number();
+    await TipiCache.set(session, userId.toString());
+    const token = jwt.sign({ id: userId, session }, 'invalidSecret');
+    const req = {
+      headers: {
+        authorization: `Bearer ${token}`,
+      },
+    } as any;
+    const next = jest.fn();
+    const res = {} as any;
+
+    // Act
+    await getSessionMiddleware(req, res, next);
+
+    // Assert
+    expect(req).toHaveProperty('session');
+    expect(req.session).not.toHaveProperty('id');
+    expect(req.session).not.toHaveProperty('userId');
+    expect(next).toHaveBeenCalled();
+  });
+
+  it('Should not append session to request object if a token is not present', async () => {
+    // Arrange
+    const req = {
+      headers: {},
+    } as any;
+    const next = jest.fn();
+    const res = {} as any;
+
+    // Act
+    await getSessionMiddleware(req, res, next);
+
+    // Assert
+    expect(req).toHaveProperty('session');
+    expect(req.session).not.toHaveProperty('id');
+    expect(req.session).not.toHaveProperty('userId');
+    expect(next).toHaveBeenCalled();
+  });
+});

packages/system-api/src/modules/auth/__tests__/auth.resolver.test.ts

@@ -170,6 +170,7 @@ describe('Test: logout', () => {
     const { data } = await gcall<{ logout: boolean }>({
       source: 'mutation { logout }',
       userId: user1.id,
+      session: 'session',
     });
 
     expect(data?.logout).toBeTruthy();

packages/system-api/src/modules/auth/__tests__/auth.service.test.ts

@@ -129,6 +129,7 @@ describe('Register', () => {
 describe('Test: logout', () => {
   it('Should return true if there is no session to delete', async () => {
     // Act
+    // @ts-ignore
     const result = await AuthService.logout();
 
     // Assert