Add e2e test for server-with-auth

stanlemon · stanlemon · commit affa8456e867 · 2025-04-03T19:19:38.000-04:00
diff --git a/apps/template/app.test.js b/apps/template/app.test.js
@@ -3,6 +3,17 @@
  */
 import request from "supertest";
 import { app, db } from "./app.js";
+import { test__signupAndLogin } from "@stanlemon/server-with-auth";
+
+async function signupAndLogin() {
+  const { token } = await test__signupAndLogin(
+    app,
+    "test" + Math.random(),
+    "p@$$w0rd!",
+    { name: "Test User", email: "test@test.com" }
+  );
+  return token;
+}
 
 describe("/app", () => {
   afterEach(() => {
@@ -11,40 +22,46 @@ describe("/app", () => {
   });
 
   it("lists items", async () => {
+    const token = await signupAndLogin();
     const response = await request(app)
       .get("/api/items")
-      .set("Accept", "application/json");
+      .set("Accept", "application/json")
+      .set("Authorization", "Bearer " + token);
 
-    expect(response.headers["content-type"]).toMatch(/json/);
     expect(response.status).toEqual(200);
+    expect(response.headers["content-type"]).toMatch(/json/);
     expect(response.body).toEqual([]);
   });
 
   it("add item", async () => {
+    const token = await signupAndLogin();
     const response = await request(app)
       .post("/api/items")
       .set("Accept", "application/json")
-      .send({ item: "hello world" });
+      .send({ item: "hello world" })
+      .set("Authorization", "Bearer " + token);
 
-    expect(response.headers["content-type"]).toMatch(/json/);
     expect(response.status).toEqual(200);
+    expect(response.headers["content-type"]).toMatch(/json/);
     expect(response.body).toMatchObject([{ item: "hello world" }]);
   });
 
   it("delete item", async () => {
+    const token = await signupAndLogin();
     const response1 = await request(app)
       .post("/api/items")
       .set("Accept", "application/json")
+      .set("Authorization", "Bearer " + token)
       .send({ item: "hello world" });
-
     const items = response1.body;
 
     const response2 = await request(app)
       .delete(`/api/items/${items[0].id}`)
-      .set("Accept", "application/json");
+      .set("Accept", "application/json")
+      .set("Authorization", "Bearer " + token);
 
-    expect(response2.headers["content-type"]).toMatch(/json/);
     expect(response2.status).toEqual(200);
+    expect(response2.headers["content-type"]).toMatch(/json/);
     expect(response2.body).toMatchObject([]);
   });
 });
diff --git a/packages/server-with-auth/app.js b/packages/server-with-auth/app.js
@@ -29,7 +29,7 @@ const schemas = createSchemas({
   email: Joi.string().email().required().label("Email"),
 });
 
-const app = createAppServer({
+export const app = createAppServer({
   port: 3003,
   secure: ["/api/"],
   schemas,
@@ -43,12 +43,6 @@ app.get(
   handler(() => ({ hello: "world" }))
 );
 
-// Insecure endpoint
-app.get(
-  "/hello/:name",
-  handler(({ name = "world" }) => ({ hello: name }))
-);
-
 // Secure endpoint
 app.get(
   "/api/users",
diff --git a/packages/server-with-auth/app.test.js b/packages/server-with-auth/app.test.js
@@ -0,0 +1,53 @@
+/**
+ * @jest-environment node
+ */
+import request from "supertest";
+import { app } from "./app.js";
+import { signupAndLogin } from "./src/utilities/testUtils.js";
+
+const username = "test" + Math.random();
+const password = "p@$$w0rd!";
+
+describe("/app", () => {
+  it("Insecure endpoint", async () => {
+    // Insecure endpoint
+    const response = await request(app)
+      .get("/")
+      .set("Accept", "application/json");
+
+    expect(response.headers["content-type"]).toMatch(/json/);
+    expect(response.status).toEqual(200);
+    expect(response.body).toEqual({ hello: "world" });
+  });
+
+  it("Secure endpoint with no auth", async () => {
+    const response = await request(app)
+      .get("/api/users")
+      .set("Accept", "application/json");
+
+    expect(response.status).toEqual(401);
+  });
+
+  it("Secure endpoint with auth", async () => {
+    const session = await signupAndLogin(app, username, password, {
+      email: "test@test.com",
+      fullName: "Test User",
+    });
+
+    const token = session.token;
+
+    const response = await request(app)
+      .get("/api/users")
+      .set("Accept", "application/json")
+      .set("Authorization", "Bearer " + token);
+
+    expect(response.status).toEqual(200);
+    expect(response.headers["content-type"]).toMatch(/json/);
+    expect(response.body.users[0]).toEqual(
+      expect.objectContaining({
+        id: session.id,
+        username,
+      })
+    );
+  });
+});
diff --git a/packages/server-with-auth/src/createAppServer.js b/packages/server-with-auth/src/createAppServer.js
@@ -58,10 +58,6 @@ export default function createAppServer(options) {
 
   const app = createBaseAppServer({ port, webpack, start });
 
-  if (process.env.NODE_ENV === "test") {
-    return app;
-  }
-
   if (!process.env.COOKIE_SECRET) {
     console.warn("You need to specify a cookie secret!");
   }
diff --git a/packages/server-with-auth/src/index.js b/packages/server-with-auth/src/index.js
@@ -20,3 +20,4 @@ export {
   createInMemoryLowDb,
   createJsonFileLowDb,
 } from "./data/lowdb-user-dao.js";
+export { signupAndLogin as test__signupAndLogin } from "./utilities/testUtils.js";
diff --git a/packages/server-with-auth/src/utilities/testUtils.js b/packages/server-with-auth/src/utilities/testUtils.js
@@ -0,0 +1,45 @@
+import request from "supertest";
+import { v4 as uuidv4 } from "uuid";
+
+/**
+ * Utility function to create a user and login for testing purposes.
+ * @param {Express.Application} app express application server
+ * @param {string} username username to sign up and login with
+ * @param {string} password password to sign up and login with
+ * @returns {Promise<{ id: string, token: string, username: string }>} user session information
+ */
+export async function signupAndLogin(
+  app,
+  username = "test" + uuidv4(),
+  password = "p@$$w0rd!",
+  extra = {}
+) {
+  const signup = await request(app)
+    .post("/auth/signup")
+    .set("Content-Type", "application/json")
+    .set("Accept", "application/json")
+    .send({
+      username,
+      password,
+      ...extra,
+    })
+    .expect(200);
+
+  const session = await request(app)
+    .post("/auth/login")
+    .set("Content-Type", "application/json")
+    .set("Accept", "application/json")
+    .send({
+      username,
+      password,
+    })
+    .expect(200);
+
+  expect(signup.body.user.id).toEqual(session.body.user.id);
+
+  return {
+    id: session.body.user.id,
+    token: session.body.token,
+    username,
+  };
+}

Original file line number	Diff line number	Diff line change
`@@ -58,10 +58,6 @@ export default function createAppServer(options) {`
`58`	`58`
`59`	`59`	`const app = createBaseAppServer({ port, webpack, start });`
`60`	`60`
`61`		`- if (process.env.NODE_ENV === "test") {`
`62`		`- return app;`
`63`		`- }`
`64`		`-`
`65`	`61`	`if (!process.env.COOKIE_SECRET) {`
`66`	`62`	`console.warn("You need to specify a cookie secret!");`
`67`	`63`	`}`