diff --git a/backend/src/jwt/decode.spec.ts b/backend/src/jwt/decode.spec.ts index 84caba736..ca27ef624 100644 --- a/backend/src/jwt/decode.spec.ts +++ b/backend/src/jwt/decode.spec.ts @@ -1,35 +1,11 @@ import Factory, { cleanDatabase } from '../db/factories' import { getDriver, getNeode } from '../db/neo4j' import decode from './decode' +import encode from './encode' const driver = getDriver() const neode = getNeode() -// here is the decoded JWT token: -// { -// role: 'user', -// locationName: null, -// name: 'Jenny Rostock', -// about: null, -// avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/sasha_shestakov/128.jpg', -// id: 'u3', -// email: 'user@example.org', -// slug: 'jenny-rostock', -// iat: 1550846680, -// exp: 1637246680, -// aud: 'http://localhost:3000', -// iss: 'http://localhost:4000', -// sub: 'u3' -// } -// !!! if the token expires go into the GraphQL Playground in the browser at 'http://localhost:4000' with a running backend and a seeded Neo4j database -// now do the login mutation: -// mutation { -// login(email:"user@example.org", password:"1234") -// } -// replace this token here with the one you received as the result -export const validAuthorizationHeader = - 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InUzIiwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTYzNzY0NDMwMCwiZXhwIjoxNzAwNzU5NTAwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.ispIfRfgkXuYoIhKx7x2jPxgvHDJVv1ogMycLmfUnsk' - beforeAll(async () => { await cleanDatabase() }) @@ -75,14 +51,8 @@ describe('decode', () => { }) describe('given valid JWT Bearer token', () => { - beforeEach(() => { - authorizationHeader = validAuthorizationHeader - }) - - it('returns null', returnsNull) - describe('and corresponding user in the database', () => { - let user + let user, validAuthorizationHeader beforeEach(async () => { user = await Factory.build( 'user', @@ -99,10 +69,11 @@ describe('decode', () => { email: 'user@example.org', }, ) + validAuthorizationHeader = encode(await user.toJson()) }) it('returns user object without email', async () => { - await expect(decode(driver, authorizationHeader)).resolves.toMatchObject({ + await expect(decode(driver, validAuthorizationHeader)).resolves.toMatchObject({ role: 'user', name: 'Jenny Rostock', id: 'u3', @@ -113,7 +84,7 @@ describe('decode', () => { it('sets `lastActiveAt`', async () => { let user = await neode.first('User', { id: 'u3' }) await expect(user.toJson()).resolves.not.toHaveProperty('lastActiveAt') - await decode(driver, authorizationHeader) + await decode(driver, validAuthorizationHeader) user = await neode.first('User', { id: 'u3' }) await expect(user.toJson()).resolves.toMatchObject({ lastActiveAt: expect.any(String), @@ -129,7 +100,7 @@ describe('decode', () => { await expect(user.toJson()).resolves.toMatchObject({ lastActiveAt: '2019-10-03T23:33:08.598Z', }) - await decode(driver, authorizationHeader) + await decode(driver, validAuthorizationHeader) user = await neode.first('User', { id: 'u3' }) await expect(user.toJson()).resolves.toMatchObject({ // should be a different time by now ;) @@ -152,6 +123,15 @@ describe('decode', () => { it('returns null', returnsNull) }) + + describe('and NO corresponding user in the database', () => { + beforeEach(async () => { + await cleanDatabase() + authorizationHeader = validAuthorizationHeader + }) + + it('returns null', returnsNull) + }) }) }) })