aslan/tether
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add user and auth tests

Browse source
This commit is contained in:
Aslan 2025-12-27 13:02:02 +01:00
parent 72d7b22891
commit 4bc3be87b4
15 changed files with 288 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

20
package-lock.json generated
View file

@ -1,12 +1,12 @@
{ {
"name": "tether", "name": "tether",
"version": "0.1.0", "version": "0.2.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "tether", "name": "tether",
"version": "0.1.0", "version": "0.2.0",
"license": "GPL-3.0-only", "license": "GPL-3.0-only",
"dependencies": { "dependencies": {
"@prisma/adapter-pg": "^7.2.0", "@prisma/adapter-pg": "^7.2.0",
@ -14,7 +14,8 @@
"argon2": "^0.44.0", "argon2": "^0.44.0",
"fastify": "^5.6.2", "fastify": "^5.6.2",
"jsonwebtoken": "^9.0.3", "jsonwebtoken": "^9.0.3",
"pg": "^8.16.3" "pg": "^8.16.3",
"uuid": "^13.0.0"
}, },
"devDependencies": { "devDependencies": {
"@types/jsonwebtoken": "^9.0.10", "@types/jsonwebtoken": "^9.0.10",
@ -2230,6 +2231,19 @@
"dev": true, "dev": true,
"license": "MIT" "license": "MIT"
}, },
"node_modules/uuid": {
"version": "13.0.0",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-13.0.0.tgz",
"integrity": "sha512-XQegIaBTVUjSHliKqcnFqYypAd4S+WCYt5NIeRs6w/UAry7z8Y9j5ZwRRL4kzq9U3sD6v+85er9FvkEaBpji2w==",
"funding": [
"https://github.com/sponsors/broofa",
"https://github.com/sponsors/ctavan"
],
"license": "MIT",
"bin": {
"uuid": "dist-node/bin/uuid"
}
},
"node_modules/v8-compile-cache-lib": { "node_modules/v8-compile-cache-lib": {
"version": "3.0.1", "version": "3.0.1",
"resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", "resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz",

6
package.json
View file

@ -12,7 +12,8 @@
"main": "index.js", "main": "index.js",
"scripts": { "scripts": {
"build": "npx tsc", "build": "npx tsc",
"start": "npx tsc && node --env-file=.env dist/index.js" "start": "npx tsc && node --env-file=.env dist/index.js",
"test": "node --test tests/**/*.test.js"
}, },
"devDependencies": { "devDependencies": {
"@types/jsonwebtoken": "^9.0.10", "@types/jsonwebtoken": "^9.0.10",
@ -29,6 +30,7 @@
"argon2": "^0.44.0", "argon2": "^0.44.0",
"fastify": "^5.6.2", "fastify": "^5.6.2",
"jsonwebtoken": "^9.0.3", "jsonwebtoken": "^9.0.3",
"pg": "^8.16.3" "pg": "^8.16.3",
"uuid": "^13.0.0"
} }
} }

3
src/config.json
View file

@ -1,4 +1,3 @@
{ {
"port": 3012, "port": 3012
"db": "db.json"
} }

5
src/controllers/auth/auth.ts
View file

@ -8,6 +8,7 @@ import type {
ILoginResponseSuccess, ILoginResponseSuccess,
} from "./types.js"; } from "./types.js";
import { loginUser, registerUser } from "../../services/auth/auth.js"; import { loginUser, registerUser } from "../../services/auth/auth.js";
import { API_ERROR } from "../errors.js";
const postRegister = async (request: FastifyRequest, _reply: FastifyReply) => { const postRegister = async (request: FastifyRequest, _reply: FastifyReply) => {
const { username, password, email } = request.body as IRegisterRequest; const { username, password, email } = request.body as IRegisterRequest;
@ -20,7 +21,7 @@ const postRegister = async (request: FastifyRequest, _reply: FastifyReply) => {
if (!newUser) { if (!newUser) {
return { return {
error: "user already exists", error: API_ERROR.USER_ALREADY_EXISTS,
} as IRegisterResponseError; } as IRegisterResponseError;
} }
@ -42,7 +43,7 @@ const postLogin = async (request: FastifyRequest, _reply: FastifyReply) => {
if (!session) { if (!session) {
return { return {
username: username, username: username,
error: "incorrect credentials", error: API_ERROR.ACCESS_DENIED,
} as ILoginResponseError; } as ILoginResponseError;
} }

6
src/controllers/auth/types.ts
View file

@ -1,3 +1,5 @@
import type { API_ERROR } from "../errors.js";
interface IRegisterRequest { interface IRegisterRequest {
username: string; username: string;
password: string; password: string;
@ -11,7 +13,7 @@ interface IRegisterResponseSuccess {
} }
interface IRegisterResponseError { interface IRegisterResponseError {
error: string; error: API_ERROR;
} }
interface ILoginRequest { interface ILoginRequest {
@ -27,7 +29,7 @@ interface ILoginResponseSuccess {
interface ILoginResponseError { interface ILoginResponseError {
username: string; username: string;
error: string; error: API_ERROR;
} }
export { export {

4
src/controllers/channel/types.ts
View file

@ -1,10 +1,12 @@
import type { API_ERROR } from "../errors.js";
interface IGetChannelParams { interface IGetChannelParams {
id: string; id: string;
} }
interface IGetChannelResponseError { interface IGetChannelResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetChannelResponseSuccess { interface IGetChannelResponseSuccess {

14
src/controllers/community/types.ts
View file

@ -1,10 +1,12 @@
import type { API_ERROR } from "../errors.js";
interface IGetCommunityParams { interface IGetCommunityParams {
id: string; id: string;
} }
interface IGetCommunityResponseError { interface IGetCommunityResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetCommunityResponseSuccess { interface IGetCommunityResponseSuccess {
@ -25,7 +27,7 @@ interface IPatchCommunityRequest {
interface IPatchCommunityResponseError { interface IPatchCommunityResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IPatchCommunityResponseSuccess { interface IPatchCommunityResponseSuccess {
@ -40,7 +42,7 @@ interface IGetMembersParams {
interface IGetMembersResponseError { interface IGetMembersResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetMembersResponseSuccess { interface IGetMembersResponseSuccess {
@ -60,7 +62,7 @@ interface IGetChannelsParams {
interface IGetChannelsResponseError { interface IGetChannelsResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetChannelsResponseSuccess { interface IGetChannelsResponseSuccess {
@ -80,7 +82,7 @@ interface IGetRolesParams {
interface IGetRolesResponseError { interface IGetRolesResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetRolesResponseSuccess { interface IGetRolesResponseSuccess {
@ -106,7 +108,7 @@ interface IPostCreateInviteRequest {
interface IPostCreateInviteResponseError { interface IPostCreateInviteResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IPostCreateInviteResponseSuccess { interface IPostCreateInviteResponseSuccess {

1
src/controllers/errors.ts
View file

@ -1,4 +1,5 @@
enum API_ERROR { enum API_ERROR {
USER_ALREADY_EXISTS = "USER_ALREADY_EXISTS",
NOT_FOUND = "NOT_FOUND", NOT_FOUND = "NOT_FOUND",
ACCESS_DENIED = "ACCESS_DENIED", ACCESS_DENIED = "ACCESS_DENIED",
} }

4
src/controllers/role/types.ts
View file

@ -1,10 +1,12 @@
import type { API_ERROR } from "../errors.js";
interface IGetRoleParams { interface IGetRoleParams {
id: string; id: string;
} }
interface IGetRoleResponseError { interface IGetRoleResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetRoleResponseSuccess { interface IGetRoleResponseSuccess {

6
src/controllers/session/types.ts
View file

@ -1,10 +1,12 @@
import type { API_ERROR } from "../errors.js";
interface IGetSessionParams { interface IGetSessionParams {
id: string; id: string;
} }
interface IGetSessionResponseError { interface IGetSessionResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetSessionResponseSuccess { interface IGetSessionResponseSuccess {
@ -19,7 +21,7 @@ interface IDeleteSessionParams {
interface IDeleteSessionResponseError { interface IDeleteSessionResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IDeleteSessionResponseSuccess { interface IDeleteSessionResponseSuccess {

8
src/controllers/user/types.ts
View file

@ -1,10 +1,12 @@
import type { API_ERROR } from "../errors.js";
interface IGetUserParams { interface IGetUserParams {
id: string; id: string;
} }
interface IGetUserResponseError { interface IGetUserResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetUserResponseSuccess { interface IGetUserResponseSuccess {
@ -28,7 +30,7 @@ interface IPatchUserRequest {
interface IPatchUserResponseError { interface IPatchUserResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IPatchUserResponseSuccess { interface IPatchUserResponseSuccess {
@ -43,7 +45,7 @@ interface IGetSessionsParams {
interface IGetSessionsResponseError { interface IGetSessionsResponseError {
id: string; id: string;
error: string; error: API_ERROR;
} }
interface IGetSessionsResponseSuccess { interface IGetSessionsResponseSuccess {

12
src/services/auth/auth.ts
View file

@ -9,12 +9,20 @@ import { getJwtSecret } from "./helpers.js";
const registerUser = async ( const registerUser = async (
registration: IUserRegistration, registration: IUserRegistration,
): Promise<User | null> => { ): Promise<User | null> => {
const existingUser = await getDB().user.findUnique({ const existingUserUsername = await getDB().user.findUnique({
where: { username: registration.username }, where: { username: registration.username },
}); });
if (existingUser) { if (existingUserUsername) {
return null; return null;
} }
if (registration.email) {
const existingUserEmail = await getDB().user.findUnique({
where: { email: registration.email },
});
if (existingUserEmail) {
return null;
}
}
const passwordHash = await hashPassword(registration.password); const passwordHash = await hashPassword(registration.password);

56
tests/api.js Normal file
View file

@ -0,0 +1,56 @@
import config from "../src/config.json" with { type: "json" };
const url = `http://localhost:${config.port}/api/v1`;
const apiGet = async (endpoint, token) => {
const response = await fetch(`${url}/${endpoint}`, {
method: "GET",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
});
return await response.json();
};
const apiPost = async (endpoint, request, token) => {
const response = await fetch(`${url}/${endpoint}`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
body: JSON.stringify(request),
});
return await response.json();
};
const apiPatch = async (endpoint, request, token) => {
const response = await fetch(`${url}/${endpoint}`, {
method: "PATCH",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
body: JSON.stringify(request),
});
return await response.json();
};
const apiDelete = async (endpoint, request, token) => {
const response = await fetch(`${url}/${endpoint}`, {
method: "DELETE",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
body: JSON.stringify(request),
});
return await response.json();
};
export { apiGet, apiPost, apiPatch, apiDelete };

33
tests/community.test.js Normal file
View file

@ -0,0 +1,33 @@
import assert from "node:assert";
import { test } from "node:test";
import { validate } from "uuid";
import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
const state = {};
test("can create community", async () => {
state.communityName = "testCommunity";
state.username1 = "testuser1";
state.password1 = "8556";
state.email1 = "testuser1@test.test";
state.username2 = "testuser2";
state.password2 = "8556";
state.email2 = "testuser2@test.test";
const response1 = await apiPost(`auth/login`, {
username: state.username1,
password: state.password1,
});
state.sessionId1 = response1.id;
state.token1 = response1.token;
const response2 = await apiPost(`auth/login`, {
username: state.username2,
password: state.password2,
});
state.sessionId2 = response2.id;
state.token2 = response2.token;
});
// TO-DO: Create community test and code

136
tests/user.test.js Normal file
View file

@ -0,0 +1,136 @@
import assert from "node:assert";
import { test } from "node:test";
import { validate } from "uuid";
import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
const state = {};
test("can register", async () => {
state.username = "testuser";
state.password = "8556";
state.email = "testuser@test.test";
const response = await apiPost(`auth/register`, {
username: state.username,
password: state.password,
email: state.email,
});
assert.equal(validate(response.id), true);
assert.equal(response.username, state.username);
assert.equal(response.registerDate > 0, true);
state.userId = response.id;
});
test("shouldn't be able to login", async () => {
const response = await apiPost(`auth/login`, {
username: state.username,
password: "wrong password",
});
assert.equal(response.username, state.username);
assert.equal(response.error, "ACCESS_DENIED");
});
test("can login", async () => {
const response = await apiPost(`auth/login`, {
username: state.username,
password: state.password,
});
assert.equal(validate(response.id), true);
assert.equal(validate(response.ownerId), true);
assert.equal(response.token.length > 0, true);
assert.equal(response.ownerId, state.userId);
state.sessionId = response.id;
state.token = response.token;
});
test("shouldn't be authorized to get user", async () => {
const response1 = await apiGet(`user/${state.userId}`);
assert.equal(response1.error, "ACCESS_DENIED");
const response2 = await apiGet(`user/ac5b5aa7-3bee-4038-90c5-1007e83de1a8`);
assert.equal(response2.error, "ACCESS_DENIED");
});
test("can get user", async () => {
const response = await apiGet(`user/${state.userId}`, state.token);
assert.equal(response.id, state.userId);
assert.equal(response.username, state.username);
assert.equal(response.email, state.email);
});
test("can modify user", async () => {
state.email = "testusermod@test.test";
state.description = "this is a test user";
const responsePatch = await apiPatch(
`user/${state.userId}`,
{
email: state.email,
description: state.description,
},
state.token,
);
assert.equal(responsePatch.id, state.userId);
assert.equal(responsePatch.email, state.email);
assert.equal(responsePatch.description, state.description);
const responseGet = await apiGet(`user/${state.userId}`, state.token);
assert.equal(responseGet.id, state.userId);
assert.equal(responseGet.email, state.email);
assert.equal(responseGet.description, state.description);
});
test("can get user sessions", async () => {
const response = await apiGet(`user/${state.userId}/sessions`, state.token);
assert.equal(response.id, state.userId);
assert.equal(response.sessions.length, 1);
assert.equal(response.sessions[0].id, state.sessionId);
assert.equal(response.sessions[0].userId, state.userId);
});
test("can get session", async () => {
const response = await apiGet(`session/${state.sessionId}`, state.token);
assert.equal(response.id, state.sessionId);
assert.equal(response.userId, state.userId);
assert.equal(response.creationDate > 0, true);
});
test("can delete session", async () => {
const responseLogin = await apiPost(`auth/login`, {
username: state.username,
password: state.password,
});
const sessionToDelete = responseLogin.id;
const responseSessions1 = await apiGet(
`user/${state.userId}/sessions`,
state.token,
);
assert.equal(responseSessions1.id, state.userId);
assert.equal(responseSessions1.sessions.length, 2);
const responseDelete = await apiDelete(
`session/${sessionToDelete}`,
{},
state.token,
);
assert.equal(responseDelete.id, sessionToDelete);
assert.equal(responseDelete.userId, state.userId);
const responseGet = await apiGet(`session/${sessionToDelete}`, state.token);
assert.equal(responseGet.error, "ACCESS_DENIED");
const responseSessions2 = await apiGet(
`user/${state.userId}/sessions`,
state.token,
);
assert.equal(responseSessions2.id, state.userId);
assert.equal(responseSessions2.sessions.length, 1);
});