2016-05-25 20:17:42 +02:00
|
|
|
import {expect} from "chai";
|
|
|
|
|
import {AuthenticationMWs} from "../../../../../backend/middlewares/user/AuthenticationMWs";
|
2017-07-15 12:47:11 +02:00
|
|
|
import {ErrorCodes, ErrorDTO} from "../../../../../common/entities/Error";
|
2017-07-03 20:33:10 +02:00
|
|
|
import {UserDTO, UserRoles} from "../../../../../common/entities/UserDTO";
|
2016-05-25 20:17:42 +02:00
|
|
|
import {ObjectManagerRepository} from "../../../../../backend/model/ObjectManagerRepository";
|
|
|
|
|
import {UserManager} from "../../../../../backend/model/memory/UserManager";
|
2017-06-04 15:25:08 +02:00
|
|
|
import {Config} from "../../../../../common/config/private/Config";
|
2017-07-26 19:43:06 +02:00
|
|
|
import {IUserManager} from "../../../../../backend/model/interfaces/IUserManager";
|
2016-05-25 20:17:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
describe('Authentication middleware', () => {
|
|
|
|
|
|
2017-07-03 19:17:49 +02:00
|
|
|
beforeEach(() => {
|
|
|
|
|
ObjectManagerRepository.reset();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('authenticate', () => {
|
|
|
|
|
it('should call next on authenticated', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {
|
|
|
|
|
user: "A user"
|
2017-07-03 20:33:10 +02:00
|
|
|
},
|
2017-07-19 10:37:00 +02:00
|
|
|
sessionOptions: {},
|
2017-07-03 20:33:10 +02:00
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
|
|
|
|
let next: any = (err) => {
|
|
|
|
|
expect(err).to.be.undefined;
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.authenticate(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should call next with error on not authenticated', (done) => {
|
|
|
|
|
let req: any = {
|
2017-07-03 20:33:10 +02:00
|
|
|
session: {},
|
2017-07-19 10:37:00 +02:00
|
|
|
sessionOptions: {},
|
2017-07-03 20:33:10 +02:00
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
|
|
|
|
Config.Client.authenticationRequired = true;
|
|
|
|
|
let res: any = {};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 19:17:49 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.NOT_AUTHENTICATED);
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.authenticate(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('inverseAuthenticate', () => {
|
|
|
|
|
|
|
|
|
|
it('should call next with error on authenticated', (done) => {
|
|
|
|
|
let req: any = {
|
2017-07-19 10:37:00 +02:00
|
|
|
session: {},
|
|
|
|
|
sessionOptions: {},
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
|
|
|
|
let res: any = {};
|
|
|
|
|
let next: any = (err) => {
|
|
|
|
|
expect(err).to.be.undefined;
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.inverseAuthenticate(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
it('should call next error on authenticated', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {
|
|
|
|
|
user: "A user"
|
2017-07-19 10:37:00 +02:00
|
|
|
},
|
|
|
|
|
sessionOptions: {},
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
|
|
|
|
let res: any = {};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 19:17:49 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.ALREADY_AUTHENTICATED);
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.inverseAuthenticate(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('authorise', () => {
|
|
|
|
|
it('should call next on authorised', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {
|
|
|
|
|
user: {
|
2017-07-09 12:03:17 +02:00
|
|
|
role: UserRoles.LimitedGuest
|
2017-07-03 19:17:49 +02:00
|
|
|
}
|
2017-07-19 10:37:00 +02:00
|
|
|
},
|
|
|
|
|
sessionOptions: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
|
|
|
|
let next: any = (err) => {
|
|
|
|
|
expect(err).to.be.undefined;
|
|
|
|
|
done();
|
|
|
|
|
};
|
2017-07-09 12:03:17 +02:00
|
|
|
AuthenticationMWs.authorise(UserRoles.LimitedGuest)(req, null, next);
|
2017-07-03 19:17:49 +02:00
|
|
|
|
2016-05-25 20:17:42 +02:00
|
|
|
});
|
|
|
|
|
|
2017-07-03 19:17:49 +02:00
|
|
|
it('should call next with error on not authorised', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {
|
|
|
|
|
user: {
|
2017-07-09 12:03:17 +02:00
|
|
|
role: UserRoles.LimitedGuest
|
2017-07-03 19:17:49 +02:00
|
|
|
}
|
2017-07-19 10:37:00 +02:00
|
|
|
},
|
|
|
|
|
sessionOptions: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 19:17:49 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.NOT_AUTHORISED);
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.authorise(UserRoles.Developer)(req, null, next);
|
|
|
|
|
|
2016-05-25 20:17:42 +02:00
|
|
|
});
|
2017-07-03 19:17:49 +02:00
|
|
|
});
|
2016-05-25 20:17:42 +02:00
|
|
|
|
2017-07-03 19:17:49 +02:00
|
|
|
describe('login', () => {
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
ObjectManagerRepository.reset();
|
2016-05-25 20:17:42 +02:00
|
|
|
});
|
|
|
|
|
|
2017-07-15 12:47:11 +02:00
|
|
|
describe('should call input ErrorDTO next on missing...', () => {
|
2017-07-03 19:17:49 +02:00
|
|
|
it('body', (done) => {
|
2017-07-03 20:33:10 +02:00
|
|
|
let req: any = {
|
|
|
|
|
query: {},
|
|
|
|
|
params: {}
|
|
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 20:33:10 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.INPUT_ERROR);
|
2017-07-03 19:17:49 +02:00
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.login(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('loginCredential', (done) => {
|
|
|
|
|
let req: any = {
|
2017-07-03 20:33:10 +02:00
|
|
|
body: {},
|
|
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 20:33:10 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.INPUT_ERROR);
|
2017-07-03 19:17:49 +02:00
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.login(req, null, next);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
it('loginCredential content', (done) => {
|
|
|
|
|
let req: any = {
|
2017-07-03 20:33:10 +02:00
|
|
|
body: {loginCredential: {}},
|
|
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 20:33:10 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.INPUT_ERROR);
|
2017-07-03 19:17:49 +02:00
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.login(req, null, next);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2016-05-25 20:17:42 +02:00
|
|
|
});
|
2017-07-03 19:17:49 +02:00
|
|
|
it('should call next with error on not finding user', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
body: {
|
|
|
|
|
loginCredential: {
|
|
|
|
|
username: "aa",
|
|
|
|
|
password: "bb"
|
|
|
|
|
}
|
2017-07-03 20:33:10 +02:00
|
|
|
},
|
|
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 19:17:49 +02:00
|
|
|
expect(err).not.to.be.undefined;
|
|
|
|
|
expect(err.code).to.be.eql(ErrorCodes.CREDENTIAL_NOT_FOUND);
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
ObjectManagerRepository.getInstance().UserManager = <UserManager>{
|
2017-07-03 20:33:10 +02:00
|
|
|
findOne: (filter): Promise<UserDTO> => {
|
|
|
|
|
return Promise.reject(null);
|
2017-07-03 19:17:49 +02:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.login(req, null, next);
|
|
|
|
|
|
2016-05-25 20:17:42 +02:00
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2017-07-03 19:17:49 +02:00
|
|
|
it('should call next with user on the session on finding user', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {},
|
|
|
|
|
body: {
|
|
|
|
|
loginCredential: {
|
|
|
|
|
username: "aa",
|
|
|
|
|
password: "bb"
|
|
|
|
|
}
|
2017-07-03 20:33:10 +02:00
|
|
|
},
|
|
|
|
|
query: {},
|
|
|
|
|
params: {}
|
2017-07-03 19:17:49 +02:00
|
|
|
};
|
2017-07-15 12:47:11 +02:00
|
|
|
let next: any = (err: ErrorDTO) => {
|
2017-07-03 19:17:49 +02:00
|
|
|
expect(err).to.be.undefined;
|
|
|
|
|
expect(req.session.user).to.be.eql("test user");
|
|
|
|
|
done();
|
|
|
|
|
};
|
2017-07-26 19:43:06 +02:00
|
|
|
ObjectManagerRepository.getInstance().UserManager = <IUserManager>{
|
2017-07-03 20:33:10 +02:00
|
|
|
findOne: (filter) => {
|
2017-07-26 19:43:06 +02:00
|
|
|
return Promise.resolve(<any>"test user");
|
2017-07-03 19:17:49 +02:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.login(req, null, next);
|
2016-05-25 20:17:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
});
|
2017-07-03 19:17:49 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
describe('logout', () => {
|
|
|
|
|
it('should call next on logout', (done) => {
|
|
|
|
|
let req: any = {
|
|
|
|
|
session: {
|
|
|
|
|
user: {
|
2017-07-09 12:03:17 +02:00
|
|
|
role: UserRoles.LimitedGuest
|
2017-07-03 19:17:49 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
let next: any = (err) => {
|
|
|
|
|
expect(err).to.be.undefined;
|
|
|
|
|
expect(req.session.user).to.be.undefined;
|
|
|
|
|
done();
|
|
|
|
|
};
|
|
|
|
|
AuthenticationMWs.logout(req, null, next);
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
2016-05-25 20:17:42 +02:00
|
|
|
|
|
|
|
|
});
|
