Rework authentication

tests/1.user.test.js

@@ -1,7 +1,14 @@
 import assert from "node:assert";
 import { test } from "node:test";
 import { validate } from "uuid";
-import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
+import {
+    apiCookie,
+    apiToken,
+    apiGet,
+    apiPost,
+    apiPatch,
+    apiDelete,
+} from "./api.js";
 
 const state = {};
 
@@ -40,14 +47,25 @@ test("shouldn't be able to login", async () => {
 });
 
 test("can login", async () => {
-    const response = await apiPost(`auth/login`, {
+    const responseArray = await apiCookie(`auth/login`, {
         username: state.username,
         password: state.password,
     });
+    const response = responseArray[0];
+    state.cookie = responseArray[1];
+
+    assert.equal(validate(response.id), true);
+    assert.equal(validate(response.ownerId), true);
+    assert.equal(response.ownerId, state.userId);
+
+    state.sessionId = response.id;
+});
+
+test("can get access token", async () => {
+    const response = await apiToken(`auth/refresh`, state.cookie);
 
     assert.equal(validate(response.id), true);
     assert.equal(validate(response.ownerId), true);
-    assert.equal(response.token.length > 0, true);
     assert.equal(response.ownerId, state.userId);
 
     state.sessionId = response.id;