Add user and auth tests

2025-12-27 13:02:02 +01:00 · 2025-12-27 13:02:02 +01:00 · 4bc3be87b4
commit 4bc3be87b4
parent 72d7b22891
15 changed files with 288 additions and 26 deletions
--- a/tests/api.js
+++ b/tests/api.js
@ -0,0 +1,56 @@
+import config from "../src/config.json" with { type: "json" };
+
+const url = `http://localhost:${config.port}/api/v1`;
+
+const apiGet = async (endpoint, token) => {
+    const response = await fetch(`${url}/${endpoint}`, {
+        method: "GET",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+        },
+    });
+
+    return await response.json();
+};
+
+const apiPost = async (endpoint, request, token) => {
+    const response = await fetch(`${url}/${endpoint}`, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+        },
+        body: JSON.stringify(request),
+    });
+
+    return await response.json();
+};
+
+const apiPatch = async (endpoint, request, token) => {
+    const response = await fetch(`${url}/${endpoint}`, {
+        method: "PATCH",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+        },
+        body: JSON.stringify(request),
+    });
+
+    return await response.json();
+};
+
+const apiDelete = async (endpoint, request, token) => {
+    const response = await fetch(`${url}/${endpoint}`, {
+        method: "DELETE",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${token}`,
+        },
+        body: JSON.stringify(request),
+    });
+
+    return await response.json();
+};
+
+export { apiGet, apiPost, apiPatch, apiDelete };
--- a/tests/community.test.js
+++ b/tests/community.test.js
@ -0,0 +1,33 @@
+import assert from "node:assert";
+import { test } from "node:test";
+import { validate } from "uuid";
+import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
+
+const state = {};
+
+test("can create community", async () => {
+    state.communityName = "testCommunity";
+
+    state.username1 = "testuser1";
+    state.password1 = "8556";
+    state.email1 = "testuser1@test.test";
+    state.username2 = "testuser2";
+    state.password2 = "8556";
+    state.email2 = "testuser2@test.test";
+
+    const response1 = await apiPost(`auth/login`, {
+        username: state.username1,
+        password: state.password1,
+    });
+    state.sessionId1 = response1.id;
+    state.token1 = response1.token;
+
+    const response2 = await apiPost(`auth/login`, {
+        username: state.username2,
+        password: state.password2,
+    });
+    state.sessionId2 = response2.id;
+    state.token2 = response2.token;
+});
+
+// TO-DO: Create community test and code
--- a/tests/user.test.js
+++ b/tests/user.test.js
@ -0,0 +1,136 @@
+import assert from "node:assert";
+import { test } from "node:test";
+import { validate } from "uuid";
+import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
+
+const state = {};
+
+test("can register", async () => {
+    state.username = "testuser";
+    state.password = "8556";
+    state.email = "testuser@test.test";
+
+    const response = await apiPost(`auth/register`, {
+        username: state.username,
+        password: state.password,
+        email: state.email,
+    });
+
+    assert.equal(validate(response.id), true);
+    assert.equal(response.username, state.username);
+    assert.equal(response.registerDate > 0, true);
+
+    state.userId = response.id;
+});
+
+test("shouldn't be able to login", async () => {
+    const response = await apiPost(`auth/login`, {
+        username: state.username,
+        password: "wrong password",
+    });
+
+    assert.equal(response.username, state.username);
+    assert.equal(response.error, "ACCESS_DENIED");
+});
+
+test("can login", async () => {
+    const response = await apiPost(`auth/login`, {
+        username: state.username,
+        password: state.password,
+    });
+
+    assert.equal(validate(response.id), true);
+    assert.equal(validate(response.ownerId), true);
+    assert.equal(response.token.length > 0, true);
+    assert.equal(response.ownerId, state.userId);
+
+    state.sessionId = response.id;
+    state.token = response.token;
+});
+
+test("shouldn't be authorized to get user", async () => {
+    const response1 = await apiGet(`user/${state.userId}`);
+    assert.equal(response1.error, "ACCESS_DENIED");
+    const response2 = await apiGet(`user/ac5b5aa7-3bee-4038-90c5-1007e83de1a8`);
+    assert.equal(response2.error, "ACCESS_DENIED");
+});
+
+test("can get user", async () => {
+    const response = await apiGet(`user/${state.userId}`, state.token);
+
+    assert.equal(response.id, state.userId);
+    assert.equal(response.username, state.username);
+    assert.equal(response.email, state.email);
+});
+
+test("can modify user", async () => {
+    state.email = "testusermod@test.test";
+    state.description = "this is a test user";
+
+    const responsePatch = await apiPatch(
+        `user/${state.userId}`,
+        {
+            email: state.email,
+            description: state.description,
+        },
+        state.token,
+    );
+    assert.equal(responsePatch.id, state.userId);
+    assert.equal(responsePatch.email, state.email);
+    assert.equal(responsePatch.description, state.description);
+
+    const responseGet = await apiGet(`user/${state.userId}`, state.token);
+    assert.equal(responseGet.id, state.userId);
+    assert.equal(responseGet.email, state.email);
+    assert.equal(responseGet.description, state.description);
+});
+
+test("can get user sessions", async () => {
+    const response = await apiGet(`user/${state.userId}/sessions`, state.token);
+
+    assert.equal(response.id, state.userId);
+    assert.equal(response.sessions.length, 1);
+    assert.equal(response.sessions[0].id, state.sessionId);
+    assert.equal(response.sessions[0].userId, state.userId);
+});
+
+test("can get session", async () => {
+    const response = await apiGet(`session/${state.sessionId}`, state.token);
+
+    assert.equal(response.id, state.sessionId);
+    assert.equal(response.userId, state.userId);
+    assert.equal(response.creationDate > 0, true);
+});
+
+test("can delete session", async () => {
+    const responseLogin = await apiPost(`auth/login`, {
+        username: state.username,
+        password: state.password,
+    });
+    const sessionToDelete = responseLogin.id;
+
+    const responseSessions1 = await apiGet(
+        `user/${state.userId}/sessions`,
+        state.token,
+    );
+    assert.equal(responseSessions1.id, state.userId);
+    assert.equal(responseSessions1.sessions.length, 2);
+
+    const responseDelete = await apiDelete(
+        `session/${sessionToDelete}`,
+        {},
+        state.token,
+    );
+    assert.equal(responseDelete.id, sessionToDelete);
+    assert.equal(responseDelete.userId, state.userId);
+
+    const responseGet = await apiGet(`session/${sessionToDelete}`, state.token);
+    assert.equal(responseGet.error, "ACCESS_DENIED");
+
+    const responseSessions2 = await apiGet(
+        `user/${state.userId}/sessions`,
+        state.token,
+    );
+    assert.equal(responseSessions2.id, state.userId);
+    assert.equal(responseSessions2.sessions.length, 1);
+});