Merge branch 'master' into cucumber-script

2025-12-13 07:46:06 +00:00 · 2023-11-28 17:11:45 +01:00 · 2023-11-28 17:11:45 +01:00 · bc18417d36
commit bc18417d36
parent 08b6a47e4d 963f4adee8
1 changed files with 15 additions and 35 deletions
--- a/backend/src/jwt/decode.spec.ts
+++ b/backend/src/jwt/decode.spec.ts
@ -1,35 +1,11 @@
 import Factory, { cleanDatabase } from '../db/factories'
 import { getDriver, getNeode } from '../db/neo4j'
 import decode from './decode'
+import encode from './encode'

 const driver = getDriver()
 const neode = getNeode()

-// here is the decoded JWT token:
-// {
-//   role: 'user',
-//   locationName: null,
-//   name: 'Jenny Rostock',
-//   about: null,
-//   avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/sasha_shestakov/128.jpg',
-//   id: 'u3',
-//   email: 'user@example.org',
-//   slug: 'jenny-rostock',
-//   iat: 1550846680,
-//   exp: 1637246680,
-//   aud: 'http://localhost:3000',
-//   iss: 'http://localhost:4000',
-//   sub: 'u3'
-// }
-// !!! if the token expires go into the GraphQL Playground in the browser at 'http://localhost:4000' with a running backend and a seeded Neo4j database
-//     now do the login mutation:
-//       mutation {
-//         login(email:"user@example.org", password:"1234")
-//       }
-//     replace this token here with the one you received as the result
-export const validAuthorizationHeader =
-  'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InUzIiwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTYzNzY0NDMwMCwiZXhwIjoxNzAwNzU5NTAwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.ispIfRfgkXuYoIhKx7x2jPxgvHDJVv1ogMycLmfUnsk'
-
 beforeAll(async () => {
  await cleanDatabase()
 })
@ -75,14 +51,8 @@ describe('decode', () => {
  })

  describe('given valid JWT Bearer token', () => {
-    beforeEach(() => {
-      authorizationHeader = validAuthorizationHeader
-    })
-
-    it('returns null', returnsNull)
-
    describe('and corresponding user in the database', () => {
-      let user
+      let user, validAuthorizationHeader
      beforeEach(async () => {
        user = await Factory.build(
          'user',
@ -99,10 +69,11 @@ describe('decode', () => {
            email: 'user@example.org',
          },
        )
+        validAuthorizationHeader = encode(await user.toJson())
      })

      it('returns user object without email', async () => {
-        await expect(decode(driver, authorizationHeader)).resolves.toMatchObject({
+        await expect(decode(driver, validAuthorizationHeader)).resolves.toMatchObject({
          role: 'user',
          name: 'Jenny Rostock',
          id: 'u3',
@ -113,7 +84,7 @@ describe('decode', () => {
      it('sets `lastActiveAt`', async () => {
        let user = await neode.first('User', { id: 'u3' })
        await expect(user.toJson()).resolves.not.toHaveProperty('lastActiveAt')
-        await decode(driver, authorizationHeader)
+        await decode(driver, validAuthorizationHeader)
        user = await neode.first('User', { id: 'u3' })
        await expect(user.toJson()).resolves.toMatchObject({
          lastActiveAt: expect.any(String),
@ -129,7 +100,7 @@ describe('decode', () => {
        await expect(user.toJson()).resolves.toMatchObject({
          lastActiveAt: '2019-10-03T23:33:08.598Z',
        })
-        await decode(driver, authorizationHeader)
+        await decode(driver, validAuthorizationHeader)
        user = await neode.first('User', { id: 'u3' })
        await expect(user.toJson()).resolves.toMatchObject({
          // should be a different time by now ;)
@ -152,6 +123,15 @@ describe('decode', () => {

        it('returns null', returnsNull)
      })
+
+      describe('and NO corresponding user in the database', () => {
+        beforeEach(async () => {
+          await cleanDatabase()
+          authorizationHeader = validAuthorizationHeader
+        })
+
+        it('returns null', returnsNull)
+      })
    })
  })
 })