From 3cc2de4e598ba6dc59226390b0575003292243ee Mon Sep 17 00:00:00 2001
From: Daniel Fott <daniel.fott@senacor.com>
Date: Wed, 8 Sep 2021 14:48:48 +0200
Subject: [PATCH] Create tests for the authentication middleware

---
 app/server/src/middlewares/auth.test.js | 59 +++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 app/server/src/middlewares/auth.test.js

diff --git a/app/server/src/middlewares/auth.test.js b/app/server/src/middlewares/auth.test.js
new file mode 100644
index 0000000..fd4d41f
--- /dev/null
+++ b/app/server/src/middlewares/auth.test.js
@@ -0,0 +1,59 @@
+const auth = require('../middlewares/auth');
+const jwt = require('jsonwebtoken');
+const { model: Users } = require('../models/Users');
+
+describe('Testing the authorization middleware', () => {
+    let mockRequest;
+    let mockResponse;
+    let nextFunction = jest.fn();
+
+    const token = 'mytoken';
+
+    beforeEach(() => {
+        mockRequest = {
+            cookies: {
+                'todo-jt': token,
+            }
+        };
+        mockResponse = {
+            redirect: jest.fn(),
+            status: jest.fn(() => {
+                return {
+                    send: jest.fn()
+                }
+            })
+        };
+    });
+
+    test('should redirect, if the value of the todo-jt cookie is an empty string', async () => {
+        mockRequest.cookies['todo-jt'] = '';
+        auth(mockRequest, mockResponse, nextFunction);
+
+        expect(mockResponse.redirect).toHaveBeenCalledWith(401, '/login');
+    });
+
+    test('should save the found user and token in the request', async () => {
+        const mockUser = {
+            username: 'testname',
+            password: 'testpw'
+        };
+
+        jest.spyOn(jwt, 'verify').mockReturnValue(token);
+        jest.spyOn(Users, 'findOne').mockResolvedValue(mockUser);
+
+        await auth(mockRequest, mockResponse, nextFunction);
+
+        expect(mockRequest.token).toEqual(token)
+        expect(mockRequest.user).toEqual(mockUser);
+    });
+
+    test('should sent a 401 status code, if the user could not be found', async () => {
+        spyOn(jwt, 'verify').mockReturnValue(token);
+        spyOn(Users, 'findOne').mockResolvedValue(undefined);
+
+        await auth(mockRequest, mockResponse, nextFunction);
+
+        expect(mockRequest.user).toBeUndefined;
+        expect(mockResponse.status).toHaveBeenCalledWith(401);
+    });
+});
-- 
GitLab