UNPKG

@tsmx/express-jwt-validator

Version:

Simple express middleware for validating JWT bearer tokens.

github.com/tsmx/express-jwt-validator

tsmx/express-jwt-validator

90 lines (78 loc) 3.89 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
const testApp = require('./test-app'); const supertest = require('supertest'); const winston = require('winston'); const MemoryStream = require('memorystream'); const { tokenSecret, generateTestTokens } = require('./test-utils'); describe('express-jwt-validator test suite for logging with winston', () => { const testSecret = tokenSecret; const { testToken, expiredTestToken } = generateTestTokens(); let winstonLogger, memStream; let format = winston.format; const myFormat = format.printf((info) => { return `${info.level.toUpperCase()} ${info.message}`; }); beforeEach(() => { jest.resetModules(); memStream = new MemoryStream(null, { readable: false, end: false }); winstonLogger = winston.createLogger({ format: myFormat, transports: [new winston.transports.Stream({ stream: memStream })] }); }); it('tests a failed access to a secret route without bearer token and a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger }); const request = supertest(app); const response = await request .get('/secret'); expect(response.status).toBe(401); expect(memStream.toString()).toMatch(/^WARN?/); }); it('tests a failed access to a secret route with an invalid auth header (\'Bearer \' prefix missing) and a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger }); const request = supertest(app); const response = await request .get('/secret') .set('Authorization', testToken); expect(response.status).toBe(401); expect(memStream.toString()).toMatch(/^WARN?/); }); it('tests a failed access to a secret route with an invalid bearer token and a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger }); const request = supertest(app); const response = await request .get('/secret') .set('Authorization', 'Bearer xyz'); expect(response.status).toBe(401); expect(memStream.toString()).toMatch(/^ERROR?/); }); it('tests a failed access to a secret route with strict validation and an invalid bearer syntax and a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger, strictBearerValidation: true }); const request = supertest(app); const response = await request .get('/secret') .set('Authorization', 'BearerX ' + testToken); expect(response.status).toBe(401); expect(memStream.toString()).toMatch(/^WARN?/); }); it('tests a failed access to a secret route with an expired token and a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger }); const request = supertest(app); const response = await request .get('/secret') .set('Authorization', 'Bearer ' + expiredTestToken); expect(response.status).toBe(401); expect(response.body.error).toBeDefined(); expect(memStream.toString()).toMatch(/^WARN?/); }); it('tests a successful access to a secret route with a winston logger defined', async () => { const app = testApp({ secret: testSecret, logger: winstonLogger }); const request = supertest(app); const response = await request .get('/secret') .set('Authorization', 'Bearer ' + testToken); expect(response.status).toBe(200); expect(response.body.authData.user).toBe('TestUser123'); expect(response.body.authData.info).toBe('test test'); expect(memStream.toString()).toMatch(/^INFO?/); }); });