905c7d460b
* add test suite, mostly covers integration testing, tests are only backend side * workflow runs the correct script * workflow runs the correct script * workflow runs the correct script * unit tests incoming * Fix multer silent rejections and error handler info leak - Revert cb(null, false) to cb(new Error(...)) in auth.ts, collab.ts, and files.ts so invalid uploads return an error instead of silently dropping the file - Error handler in app.ts now always returns 500 / "Internal server error" instead of forwarding err.message to the client * Use statusCode consistently for multer errors and error handler - Error handler in app.ts reads err.statusCode to forward the correct HTTP status while keeping the response body generic
35 lines
1.0 KiB
TypeScript
35 lines
1.0 KiB
TypeScript
/**
|
|
* Auth helpers for integration tests.
|
|
*
|
|
* Provides utilities to generate JWTs and authenticate supertest requests
|
|
* using the fixed test JWT_SECRET from TEST_CONFIG.
|
|
*/
|
|
|
|
import jwt from 'jsonwebtoken';
|
|
import { TEST_CONFIG } from './test-db';
|
|
|
|
/** Signs a JWT for the given user ID using the test secret. */
|
|
export function generateToken(userId: number, extraClaims: Record<string, unknown> = {}): string {
|
|
return jwt.sign(
|
|
{ id: userId, ...extraClaims },
|
|
TEST_CONFIG.JWT_SECRET,
|
|
{ algorithm: 'HS256', expiresIn: '1h' }
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Returns a cookie string suitable for supertest:
|
|
* request(app).get('/api/...').set('Cookie', authCookie(userId))
|
|
*/
|
|
export function authCookie(userId: number): string {
|
|
return `trek_session=${generateToken(userId)}`;
|
|
}
|
|
|
|
/**
|
|
* Returns an Authorization header object suitable for supertest:
|
|
* request(app).get('/api/...').set(authHeader(userId))
|
|
*/
|
|
export function authHeader(userId: number): Record<string, string> {
|
|
return { Authorization: `Bearer ${generateToken(userId)}` };
|
|
}
|