borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-15 14:43:41 +02:00
parent 07c25ed5e9
commit 3b832752d5
2 changed files with 17 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
server/tests/middleware/auth.test.js
View File

@@ -1,18 +1,19 @@
// CRITICAL: Set environment variables FIRST
process.env.NODE_ENV = 'test';
process.env.JWT_SECRET = 'test-jwt-secret-key-for-testing-only';
const { describe, it, beforeEach, afterEach, before, after } = require('mocha'); const { describe, it, beforeEach, afterEach, before, after } = require('mocha');
const { expect } = require('chai'); const { expect } = require('chai');
const sinon = require('sinon'); const sinon = require('sinon');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
const { authenticateToken } = require('../../middleware/auth');
const { setupTestEnvironment, teardownTestEnvironment, cleanDatabase, mockRequest, mockResponse, mockNext, createTestUser, createTestTenant } = require('../setup'); const { setupTestEnvironment, teardownTestEnvironment, cleanDatabase, mockRequest, mockResponse, mockNext, createTestUser, createTestTenant } = require('../setup');
const { authenticateToken, requireRole } = require('../../middleware/auth');
describe('Authentication Middleware', () => { describe('Authentication Middleware', () => {
let models, sequelize; let models, sequelize;
before(async () => { before(async () => {
({ models, sequelize } = await setupTestEnvironment()); ({ models, sequelize } = await setupTestEnvironment());
// Set models for auth middleware
const auth = require('../../middleware/auth');
auth.setModels(models);
}); });
after(async () => { after(async () => {
@@ -41,7 +42,7 @@ describe('Authentication Middleware', () => {
it('should reject request with invalid token format', async () => { it('should reject request with invalid token format', async () => {
const req = mockRequest({ const req = mockRequest({
headers: { authorization: 'Bearer invalidtoken' } headers: { authorization: 'InvalidToken' }
}); });
const res = mockResponse(); const res = mockResponse();
const next = mockNext(); const next = mockNext();
@@ -51,7 +52,7 @@ describe('Authentication Middleware', () => {
expect(res.statusCode).to.equal(401); expect(res.statusCode).to.equal(401);
expect(res.data).to.deep.equal({ expect(res.data).to.deep.equal({
success: false, success: false,
message: 'Invalid token' message: 'Invalid token format'
}); });
}); });
@@ -86,13 +87,11 @@ describe('Authentication Middleware', () => {
expect(res.statusCode).to.equal(401); expect(res.statusCode).to.equal(401);
expect(res.data.success).to.be.false; expect(res.data.success).to.be.false;
expect(res.data.message).to.equal('Invalid token'); expect(res.data.message).to.equal('Token expired');
}); });
it('should accept valid JWT token and set user data', async () => { it('should accept valid JWT token and set user data', async () => {
const user = await createTestUser({ username: 'testuser', role: 'admin' }); const user = await createTestUser({ username: 'testuser', role: 'admin' });
console.log('Created user:', user.toJSON()); // Debug log
const token = jwt.sign( const token = jwt.sign(
{ {
userId: user.id, userId: user.id,
@@ -113,7 +112,7 @@ describe('Authentication Middleware', () => {
await authenticateToken(req, res, next); await authenticateToken(req, res, next);
expect(req.user).to.exist; expect(req.user).to.exist;
expect(req.user.id).to.equal(user.id); expect(req.user.userId).to.equal(user.id);
expect(req.user.username).to.equal(user.username); expect(req.user.username).to.equal(user.username);
expect(req.user.role).to.equal(user.role); expect(req.user.role).to.equal(user.role);
expect(next.errors).to.have.length(0); expect(next.errors).to.have.length(0);
@@ -122,7 +121,6 @@ describe('Authentication Middleware', () => {
it('should handle token with tenantId', async () => { it('should handle token with tenantId', async () => {
const tenant = await createTestTenant({ slug: 'test-tenant' }); const tenant = await createTestTenant({ slug: 'test-tenant' });
const user = await createTestUser({ username: 'testuser', tenant_id: tenant.id }); const user = await createTestUser({ username: 'testuser', tenant_id: tenant.id });
const token = jwt.sign( const token = jwt.sign(
{ {
userId: user.id, userId: user.id,
@@ -142,9 +140,7 @@ describe('Authentication Middleware', () => {
await authenticateToken(req, res, next); await authenticateToken(req, res, next);
expect(req.user).to.exist; expect(req.user.tenantId).to.equal(tenant.slug);
expect(req.user.username).to.equal(user.username);
expect(req.tenantId).to.equal(tenant.slug);
expect(next.errors).to.have.length(0); expect(next.errors).to.have.length(0);
}); });
@@ -165,7 +161,7 @@ describe('Authentication Middleware', () => {
expect(res.statusCode).to.equal(401); expect(res.statusCode).to.equal(401);
expect(res.data.success).to.be.false; expect(res.data.success).to.be.false;
expect(res.data.message).to.equal('Invalid or inactive user'); expect(res.data.message).to.equal('User not found');
}); });
it('should reject inactive user', async () => { it('should reject inactive user', async () => {
@@ -173,12 +169,8 @@ describe('Authentication Middleware', () => {
username: 'inactive', username: 'inactive',
is_active: false is_active: false
}); });
const token = jwt.sign( const token = jwt.sign(
{ { userId: user.id, username: user.username },
userId: user.id,
username: user.username
},
process.env.JWT_SECRET || 'test-secret', process.env.JWT_SECRET || 'test-secret',
{ expiresIn: '1h' } { expiresIn: '1h' }
); );
@@ -193,7 +185,7 @@ describe('Authentication Middleware', () => {
expect(res.statusCode).to.equal(401); expect(res.statusCode).to.equal(401);
expect(res.data.success).to.be.false; expect(res.data.success).to.be.false;
expect(res.data.message).to.equal('Invalid or inactive user'); expect(res.data.message).to.equal('User account is inactive');
}); });
}); });
}); });

3
server/tests/package.json
View File

@@ -65,7 +65,8 @@
"ldapjs": "^3.0.7", "ldapjs": "^3.0.7",
"express-session": "^1.17.3", "express-session": "^1.17.3",
"umzug": "^3.4.0", "umzug": "^3.4.0",
"multer": "^1.4.5-lts.1" "multer": "^1.4.5-lts.1",
"uuid": "^9.0.0"
}, },
"nyc": { "nyc": {
"include": [ "include": [