188 lines
5.7 KiB
JavaScript
188 lines
5.7 KiB
JavaScript
import assert from "node:assert";
|
|
import { test } from "node:test";
|
|
import { validate } from "uuid";
|
|
import { apiGet, apiPost, apiPatch, apiDelete } from "./api.js";
|
|
|
|
const state = {};
|
|
|
|
test("can register", async () => {
|
|
state.username = "testuser";
|
|
state.password = "8556";
|
|
state.email = "testuser@test.test";
|
|
|
|
const response = await apiPost(`auth/register`, {
|
|
username: state.username,
|
|
password: state.password,
|
|
email: state.email,
|
|
});
|
|
|
|
assert.equal(validate(response.id), true);
|
|
assert.equal(response.username, state.username);
|
|
assert.equal(response.registerDate > 0, true);
|
|
|
|
state.userId = response.id;
|
|
});
|
|
|
|
test("shouldn't be authorized to get logged user", async () => {
|
|
const response = await apiGet(`user/logged`);
|
|
|
|
assert.equal(response.error, "ACCESS_DENIED");
|
|
});
|
|
|
|
test("shouldn't be able to login", async () => {
|
|
const response = await apiPost(`auth/login`, {
|
|
username: state.username,
|
|
password: "wrong password",
|
|
});
|
|
|
|
assert.equal(response.username, state.username);
|
|
assert.equal(response.error, "ACCESS_DENIED");
|
|
});
|
|
|
|
test("can login", async () => {
|
|
const response = await apiPost(`auth/login`, {
|
|
username: state.username,
|
|
password: state.password,
|
|
});
|
|
|
|
assert.equal(validate(response.id), true);
|
|
assert.equal(validate(response.ownerId), true);
|
|
assert.equal(response.token.length > 0, true);
|
|
assert.equal(response.ownerId, state.userId);
|
|
|
|
state.sessionId = response.id;
|
|
state.token = response.token;
|
|
});
|
|
|
|
test("can get logged user", async () => {
|
|
const response = await apiGet(`user/logged`, state.token);
|
|
|
|
assert.equal(response.id, state.userId);
|
|
});
|
|
|
|
test("shouldn't be authorized to get user", async () => {
|
|
const response1 = await apiGet(`user/${state.userId}`);
|
|
assert.equal(response1.error, "ACCESS_DENIED");
|
|
const response2 = await apiGet(`user/ac5b5aa7-3bee-4038-90c5-1007e83de1a8`);
|
|
assert.equal(response2.error, "ACCESS_DENIED");
|
|
});
|
|
|
|
test("can get user", async () => {
|
|
const response = await apiGet(`user/${state.userId}`, state.token);
|
|
|
|
assert.equal(response.id, state.userId);
|
|
assert.equal(response.username, state.username);
|
|
assert.equal(response.email, state.email);
|
|
});
|
|
|
|
test("can modify user", async () => {
|
|
state.email = "testusermod@test.test";
|
|
state.description = "this is a test user";
|
|
|
|
const responsePatch = await apiPatch(
|
|
`user/${state.userId}`,
|
|
{
|
|
email: state.email,
|
|
description: state.description,
|
|
},
|
|
state.token,
|
|
);
|
|
assert.equal(responsePatch.id, state.userId);
|
|
assert.equal(responsePatch.email, state.email);
|
|
assert.equal(responsePatch.description, state.description);
|
|
|
|
const responseGet = await apiGet(`user/${state.userId}`, state.token);
|
|
assert.equal(responseGet.id, state.userId);
|
|
assert.equal(responseGet.email, state.email);
|
|
assert.equal(responseGet.description, state.description);
|
|
});
|
|
|
|
test("can get user sessions", async () => {
|
|
const response = await apiGet(`user/${state.userId}/sessions`, state.token);
|
|
|
|
assert.equal(response.id, state.userId);
|
|
assert.equal(response.sessions.length, 1);
|
|
assert.equal(response.sessions[0].id, state.sessionId);
|
|
assert.equal(response.sessions[0].userId, state.userId);
|
|
});
|
|
|
|
test("can get session", async () => {
|
|
const response = await apiGet(`session/${state.sessionId}`, state.token);
|
|
|
|
assert.equal(response.id, state.sessionId);
|
|
assert.equal(response.userId, state.userId);
|
|
assert.equal(response.creationDate > 0, true);
|
|
});
|
|
|
|
test("can delete session", async () => {
|
|
const responseLogin = await apiPost(`auth/login`, {
|
|
username: state.username,
|
|
password: state.password,
|
|
});
|
|
const sessionToDelete = responseLogin.id;
|
|
|
|
const responseSessions1 = await apiGet(
|
|
`user/${state.userId}/sessions`,
|
|
state.token,
|
|
);
|
|
assert.equal(responseSessions1.id, state.userId);
|
|
assert.equal(responseSessions1.sessions.length, 2);
|
|
|
|
const responseDelete = await apiDelete(
|
|
`session/${sessionToDelete}`,
|
|
{},
|
|
state.token,
|
|
);
|
|
assert.equal(responseDelete.id, sessionToDelete);
|
|
assert.equal(responseDelete.userId, state.userId);
|
|
|
|
const responseGet = await apiGet(`session/${sessionToDelete}`, state.token);
|
|
assert.equal(responseGet.error, "ACCESS_DENIED");
|
|
|
|
const responseSessions2 = await apiGet(
|
|
`user/${state.userId}/sessions`,
|
|
state.token,
|
|
);
|
|
assert.equal(responseSessions2.id, state.userId);
|
|
assert.equal(responseSessions2.sessions.length, 1);
|
|
});
|
|
|
|
/*
|
|
test("can create user", async () => {
|
|
state.newUserName = "New User";
|
|
state.newUserPassword = "2142";
|
|
state.newUserDescription = "This is a New User";
|
|
|
|
const response = await apiPost(
|
|
`user`,
|
|
{
|
|
username: state.newUserName,
|
|
password: state.newUserPassword,
|
|
description: state.newUserDescription,
|
|
},
|
|
state.token,
|
|
);
|
|
|
|
assert.equal(validate(response.id), true);
|
|
assert.equal(response.username, state.newUserName);
|
|
assert.equal(response.description, state.newUserDescription);
|
|
assert.equal(response.admin, false);
|
|
|
|
state.newUserId = response.id;
|
|
|
|
const responseGet = await apiGet(`user/${state.newUserId}`, state.token);
|
|
assert.equal(responseGet.username, state.newUserName);
|
|
});
|
|
|
|
test("can delete user", async () => {
|
|
const responseDelete = await apiDelete(
|
|
`user/${state.newUserId}`,
|
|
{},
|
|
state.token,
|
|
);
|
|
assert.equal(responseDelete.id, state.newUserId);
|
|
|
|
const responseGet = await apiGet(`user/${state.newUserId}`, state.token);
|
|
assert.equal(responseGet.error, "NOT_FOUND");
|
|
});
|
|
*/
|