Merge branch 'worktree-agent-a7f7c229' into Develop
# Conflicts: # .planning/REQUIREMENTS.md # .planning/ROADMAP.md # .planning/STATE.md # tests/routes/auth.test.ts # tests/services/auth.service.test.ts
This commit is contained in:
@@ -1,120 +1,17 @@
|
||||
import { beforeEach, describe, expect, it } from "bun:test";
|
||||
import {
|
||||
changePassword,
|
||||
createApiKey,
|
||||
createSession,
|
||||
createUser,
|
||||
deleteApiKey,
|
||||
deleteSession,
|
||||
getSession,
|
||||
getUserCount,
|
||||
listApiKeys,
|
||||
verifyApiKey,
|
||||
verifyPassword,
|
||||
} from "../../src/server/services/auth.service.ts";
|
||||
import { createTestDb } from "../helpers/db.ts";
|
||||
|
||||
describe("Auth Service", () => {
|
||||
let db: any;
|
||||
let db: ReturnType<typeof createTestDb>;
|
||||
|
||||
beforeEach(async () => {
|
||||
db = await createTestDb();
|
||||
});
|
||||
|
||||
describe("User Management", () => {
|
||||
it("creates a user with hashed password (hash !== plaintext)", async () => {
|
||||
const user = await createUser(db, "admin", "secret123");
|
||||
|
||||
expect(user).toBeDefined();
|
||||
expect(user.id).toBeGreaterThan(0);
|
||||
expect(user.username).toBe("admin");
|
||||
expect(user.passwordHash).not.toBe("secret123");
|
||||
expect(user.passwordHash.length).toBeGreaterThan(0);
|
||||
});
|
||||
|
||||
it("verifies correct password returns user", async () => {
|
||||
await createUser(db, "admin", "secret123");
|
||||
const user = await verifyPassword(db, "admin", "secret123");
|
||||
|
||||
expect(user).not.toBeNull();
|
||||
expect(user!.username).toBe("admin");
|
||||
});
|
||||
|
||||
it("rejects incorrect password returns null", async () => {
|
||||
await createUser(db, "admin", "secret123");
|
||||
const user = await verifyPassword(db, "admin", "wrongpassword");
|
||||
|
||||
expect(user).toBeNull();
|
||||
});
|
||||
|
||||
it("getUserCount returns 0 then 1", async () => {
|
||||
const countBefore = await getUserCount(db);
|
||||
expect(countBefore).toBe(0);
|
||||
|
||||
await createUser(db, "admin", "secret123");
|
||||
|
||||
const countAfter = await getUserCount(db);
|
||||
expect(countAfter).toBe(1);
|
||||
});
|
||||
|
||||
it("changes password successfully", async () => {
|
||||
await createUser(db, "admin", "oldpass");
|
||||
const changed = await changePassword(db, "admin", "oldpass", "newpass");
|
||||
expect(changed).toBe(true);
|
||||
|
||||
// Verify new password works
|
||||
const user = await verifyPassword(db, "admin", "newpass");
|
||||
expect(user).not.toBeNull();
|
||||
|
||||
// Verify old password no longer works
|
||||
const oldAttempt = await verifyPassword(db, "admin", "oldpass");
|
||||
expect(oldAttempt).toBeNull();
|
||||
});
|
||||
|
||||
it("rejects password change with wrong current password", async () => {
|
||||
await createUser(db, "admin", "secret123");
|
||||
const changed = await changePassword(
|
||||
db,
|
||||
"admin",
|
||||
"wrongcurrent",
|
||||
"newpass",
|
||||
);
|
||||
expect(changed).toBe(false);
|
||||
});
|
||||
});
|
||||
|
||||
describe("Session Management", () => {
|
||||
it("creates and retrieves a session (id length is 64 hex chars)", async () => {
|
||||
const user = await createUser(db, "admin", "secret123");
|
||||
const session = await createSession(db, user.id);
|
||||
|
||||
expect(session).toBeDefined();
|
||||
expect(session.id).toHaveLength(64);
|
||||
expect(session.userId).toBe(user.id);
|
||||
expect(session.expiresAt).toBeInstanceOf(Date);
|
||||
|
||||
const retrieved = await getSession(db, session.id);
|
||||
expect(retrieved).not.toBeNull();
|
||||
expect(retrieved!.id).toBe(session.id);
|
||||
});
|
||||
|
||||
it("returns null for expired session (expiryDays = -1)", async () => {
|
||||
const user = await createUser(db, "admin", "secret123");
|
||||
const session = await createSession(db, user.id, -1);
|
||||
|
||||
const retrieved = await getSession(db, session.id);
|
||||
expect(retrieved).toBeNull();
|
||||
});
|
||||
|
||||
it("deletes a session", async () => {
|
||||
const user = await createUser(db, "admin", "secret123");
|
||||
const session = await createSession(db, user.id);
|
||||
|
||||
await deleteSession(db, session.id);
|
||||
|
||||
const retrieved = await getSession(db, session.id);
|
||||
expect(retrieved).toBeNull();
|
||||
});
|
||||
beforeEach(() => {
|
||||
db = createTestDb();
|
||||
});
|
||||
|
||||
describe("API Key Management", () => {
|
||||
@@ -144,7 +41,7 @@ describe("Auth Service", () => {
|
||||
|
||||
it("deletes key so it is no longer valid", async () => {
|
||||
const result = await createApiKey(db, "test-key");
|
||||
await deleteApiKey(db, result.id);
|
||||
deleteApiKey(db, result.id);
|
||||
|
||||
const isValid = await verifyApiKey(db, result.rawKey);
|
||||
expect(isValid).toBe(false);
|
||||
@@ -154,7 +51,7 @@ describe("Auth Service", () => {
|
||||
await createApiKey(db, "key-one");
|
||||
await createApiKey(db, "key-two");
|
||||
|
||||
const keys = await listApiKeys(db);
|
||||
const keys = listApiKeys(db);
|
||||
expect(keys).toHaveLength(2);
|
||||
expect(keys[0].name).toBe("key-one");
|
||||
expect(keys[1].name).toBe("key-two");
|
||||
|
||||
Reference in New Issue
Block a user