asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
d6372246ee47e01d16d3858824986d970e035e2c
medusa-store/integration-tests/api/__tests__/store/auth.js
David Preininger 2caff2efc7 feat(medusa): Authentication overhaul (#4064) 
* implemented bearer auth

* changed naming strat

* changed session auth to not use jwt

* typo

* changed auth header prefix for admin api token auth

* fixed supporting functions to work with new session type

* removed database calls for bearer auth improving performance

* removed unused deps

* changed auth in tests

* added integration tests

* Accepted suggested change

Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com>

* Typo

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* more typos

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* proper formatting

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* removed endregion

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* removed startregion

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* fixed admin JWT integration test

* added more fixes to integration tests

* Update OAS

* Create fluffy-donkeys-hope.md

* created API reference for new auth

* implemented getToken in medusa-js

* Apply suggestions from code review

Co-authored-by: Shahed Nasser <shahednasser@gmail.com>

* Apply suggestions from code review

Co-authored-by: Shahed Nasser <shahednasser@gmail.com>

* deleted files which should be autogenerated

* Update fluffy-donkeys-hope.md

* JSDoc update

Co-authored-by: Oli Juhl <59018053+olivermrbl@users.noreply.github.com>

* added missing route exports

* implemented runtime domain safety in jwt token manager

* fixed jwt manager

* lint get-token files

* Update fluffy-donkeys-hope.md

* Revert "deleted files which should be autogenerated"

This reverts commit cd5e86623b822e6a6ac37322b952143ccc493df9.

* Revert "Apply suggestions from code review"

This reverts commit f02f07ce58fd9fcc2dfc80cadbb9df2665108d65.

* Revert "created API reference for new auth"

This reverts commit c9eafbb36453f5cf8047c79e94f470cb2d023c7d.

* renamed header for sending api access tokens

* medusa-js - changed apiKey header

---------

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>
Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com>
Co-authored-by: olivermrbl <oliver@mrbltech.com>
Co-authored-by: Shahed Nasser <shahednasser@gmail.com>
2023-09-25 13:57:44 -04:00

156 lines
3.9 KiB
JavaScript
Raw Blame History

const path = require("path")
const setupServer = require("../../../environment-helpers/setup-server")
const { useApi } = require("../../../environment-helpers/use-api")
const { initDb, useDb } = require("../../../environment-helpers/use-db")
const { Customer } = require("@medusajs/medusa")
jest.setTimeout(30000)
describe("/store/auth", () => {
let medusaProcess
let dbConnection
beforeAll(async () => {
const cwd = path.resolve(path.join(__dirname, "..", ".."))
dbConnection = await initDb({ cwd })
medusaProcess = await setupServer({ cwd })
})
afterAll(async () => {
const db = useDb()
await db.shutdown()
medusaProcess.kill()
})
it("creates store session correctly", async () => {
const api = useApi()
await api
.post("/store/customers", {
email: "test@testesen.dk",
password: "secret_password",
first_name: "test",
last_name: "testesen",
})
.catch((err) => {
console.log(err)
})
const response = await api
.post("/store/auth", {
email: "test@testesen.dk",
password: "secret_password",
})
.catch((err) => {
console.log(err)
})
expect(response.status).toEqual(200)
expect(response.data.customer.password_hash).toEqual(undefined)
expect(response.data.customer).toEqual(
expect.objectContaining({
id: expect.any(String),
created_at: expect.any(String),
updated_at: expect.any(String),
first_name: "test",
last_name: "testesen",
phone: null,
email: "test@testesen.dk",
shipping_addresses: expect.arrayContaining([]),
})
)
})
describe("Store session management", () => {
beforeEach(async () => {
await dbConnection.manager.insert(Customer, {
id: "test_customer",
first_name: "oli",
last_name: "test",
email: "oli@test.dk",
password_hash:
"c2NyeXB0AAEAAAABAAAAAVMdaddoGjwU1TafDLLlBKnOTQga7P2dbrfgf3fB+rCD/cJOMuGzAvRdKutbYkVpuJWTU39P7OpuWNkUVoEETOVLMJafbI8qs8Qx/7jMQXkN", // password matching "test"
has_account: true,
})
await dbConnection.manager.insert(Customer, {
id: "test_customer_no_account",
first_name: "oli",
last_name: "test",
email: "oli+1@test.dk",
has_account: false,
})
})
afterEach(async () => {
const db = useDb()
await db.teardown()
})
it("successfully gets session", async () => {
const api = useApi()
const authResponse = await api.post("/store/auth", {
email: "oli@test.dk",
password: "test",
})
const [authCookie] = authResponse.headers["set-cookie"][0].split(";")
const me = await api.get("/store/auth", {
headers: {
Cookie: authCookie,
},
})
expect(me.status).toEqual(200)
})
it("throws 401 on customer without account", async () => {
expect.assertions(1)
const api = useApi()
try {
const authResponse = await api.post("/store/auth", {
email: "oli+1@test.dk",
password: "test",
})
const [authCookie] = authResponse.headers["set-cookie"][0].split(";")
await api.get("/store/auth", {
headers: {
Cookie: authCookie,
},
})
} catch (err) {
expect(err.response.status).toEqual(401)
}
})
it("creates customer JWT token correctly", async () => {
const api = useApi()
const authResponse = await api.post("/store/auth/token", {
email: "oli@test.dk",
password: "test",
})
const token = authResponse.data.access_token;
expect(token).toEqual(expect.any(String))
const me = await api.get("/store/auth", {
headers: {
Authorization: `Bearer ${token}`,
},
})
expect(me.status).toEqual(200)
})
})
})
Reference in New Issue View Git Blame Copy Permalink