- E2E seed creates API key instead of user for authentication - Auth service tests cover only API key CRUD (removed user/session tests) - Auth middleware tests validate three-way auth: API key, Bearer token, OIDC session - Auth route tests mock getAuth for OIDC session, test /me and /keys endpoints - Remove all references to createUser, verifyPassword, createSession in auth tests
69 lines
2.0 KiB
TypeScript
69 lines
2.0 KiB
TypeScript
import { beforeEach, describe, expect, it } from "bun:test";
|
|
import {
|
|
createApiKey,
|
|
deleteApiKey,
|
|
listApiKeys,
|
|
verifyApiKey,
|
|
} from "../../src/server/services/auth.service.ts";
|
|
import { createTestDb } from "../helpers/db.ts";
|
|
|
|
describe("Auth Service", () => {
|
|
let db: ReturnType<typeof createTestDb>;
|
|
|
|
beforeEach(() => {
|
|
db = createTestDb();
|
|
});
|
|
|
|
describe("API Key Management", () => {
|
|
it("creates key and returns raw key once (length > 16, prefix matches first 8 chars)", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
|
|
expect(result).toBeDefined();
|
|
expect(result.rawKey).toBeDefined();
|
|
expect(result.rawKey.length).toBeGreaterThan(16);
|
|
expect(result.keyPrefix).toBe(result.rawKey.slice(0, 8));
|
|
expect(result.name).toBe("test-key");
|
|
});
|
|
|
|
it("verifies valid key returns true", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
const isValid = await verifyApiKey(db, result.rawKey);
|
|
|
|
expect(isValid).toBe(true);
|
|
});
|
|
|
|
it("rejects invalid key returns false", async () => {
|
|
await createApiKey(db, "test-key");
|
|
const isValid = await verifyApiKey(db, "invalidkey12345678");
|
|
|
|
expect(isValid).toBe(false);
|
|
});
|
|
|
|
it("deletes key so it is no longer valid", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
deleteApiKey(db, result.id);
|
|
|
|
const isValid = await verifyApiKey(db, result.rawKey);
|
|
expect(isValid).toBe(false);
|
|
});
|
|
|
|
it("listApiKeys returns keys without hashes", async () => {
|
|
await createApiKey(db, "key-one");
|
|
await createApiKey(db, "key-two");
|
|
|
|
const keys = listApiKeys(db);
|
|
expect(keys).toHaveLength(2);
|
|
expect(keys[0].name).toBe("key-one");
|
|
expect(keys[1].name).toBe("key-two");
|
|
// Ensure no hash is exposed
|
|
for (const key of keys) {
|
|
expect(key).toHaveProperty("id");
|
|
expect(key).toHaveProperty("name");
|
|
expect(key).toHaveProperty("keyPrefix");
|
|
expect(key).toHaveProperty("createdAt");
|
|
expect(key).not.toHaveProperty("keyHash");
|
|
}
|
|
});
|
|
});
|
|
});
|