126 lines
3.1 KiB
TypeScript
126 lines
3.1 KiB
TypeScript
import { api, API_CLIENT } from '../utils/api.ts';
|
|
import * as asserts from '@std/assert';
|
|
import { USER } from '../models/user.ts';
|
|
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username } from './helpers.ts';
|
|
import { Cookie, getSetCookies } from '@std/http/cookie';
|
|
import { encodeBase64 } from '@std/encoding';
|
|
import { generateTotp } from '../utils/totp.ts';
|
|
|
|
Deno.test({
|
|
name: 'API - USERS - Login (password)',
|
|
permissions: {
|
|
env: true,
|
|
read: true,
|
|
write: true,
|
|
net: true
|
|
},
|
|
fn: async () => {
|
|
let test_server_info: EPHEMERAL_SERVER | null = null;
|
|
try {
|
|
test_server_info = await get_ephemeral_listen_server();
|
|
const client: API_CLIENT = api({
|
|
prefix: '/api',
|
|
hostname: test_server_info.hostname,
|
|
port: test_server_info.port
|
|
});
|
|
|
|
const info = await get_new_user(client, {
|
|
password: 'password'
|
|
});
|
|
asserts.assert(info);
|
|
|
|
const user = info.user;
|
|
asserts.assert(user);
|
|
|
|
let cookies: Cookie[] = [];
|
|
const auth_response: any = await client.fetch('/auth', {
|
|
method: 'POST',
|
|
json: {
|
|
username: user.username,
|
|
password: 'password'
|
|
},
|
|
done: (response) => {
|
|
cookies = getSetCookies(response.headers);
|
|
}
|
|
});
|
|
|
|
const authed_user: USER | undefined = auth_response.user;
|
|
const authed_session: Record<string, any> | undefined = auth_response.session;
|
|
|
|
cookies.push({
|
|
name: 'totp',
|
|
value: await generateTotp(authed_session?.secret ?? ''),
|
|
maxAge: 30,
|
|
expires: Date.now() + 30_000,
|
|
path: '/'
|
|
});
|
|
|
|
const headers_for_get = new Headers();
|
|
for (const cookie of cookies) {
|
|
headers_for_get.append(`x-${cookie.name}`, cookie.value);
|
|
}
|
|
headers_for_get.append(
|
|
'cookie',
|
|
cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; ')
|
|
);
|
|
|
|
const retrieved_user: USER = await client.fetch(`/users/${user?.id}`, {
|
|
headers: headers_for_get
|
|
}) as USER;
|
|
|
|
asserts.assertObjectMatch(retrieved_user, user);
|
|
|
|
await delete_user(client, info);
|
|
} finally {
|
|
if (test_server_info) {
|
|
await test_server_info?.server?.stop();
|
|
}
|
|
}
|
|
}
|
|
});
|
|
|
|
Deno.test({
|
|
name: 'API - USERS - Login (password_hash)',
|
|
permissions: {
|
|
env: true,
|
|
read: true,
|
|
write: true,
|
|
net: true
|
|
},
|
|
fn: async () => {
|
|
let test_server_info: EPHEMERAL_SERVER | null = null;
|
|
try {
|
|
test_server_info = await get_ephemeral_listen_server();
|
|
const client: API_CLIENT = api({
|
|
prefix: '/api',
|
|
hostname: test_server_info.hostname,
|
|
port: test_server_info.port
|
|
});
|
|
|
|
const password = 'hashed password!!!';
|
|
const password_hash = encodeBase64(
|
|
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
|
);
|
|
|
|
const info = await get_new_user(client, {
|
|
password_hash
|
|
});
|
|
asserts.assert(info);
|
|
|
|
const user = info.user;
|
|
asserts.assert(user);
|
|
|
|
const retrieved_user: USER = await client.fetch(`/users/${user?.id}`, {
|
|
headers: info.headers
|
|
}) as USER;
|
|
|
|
asserts.assertObjectMatch(retrieved_user, user ?? {});
|
|
|
|
await delete_user(client, info);
|
|
} finally {
|
|
if (test_server_info) {
|
|
await test_server_info?.server?.stop();
|
|
}
|
|
}
|
|
}
|
|
});
|