UNPKG

express-access-token

Version:

ExpressJS middleware that detects access token and attaches to request context (as: req.accessToken)

github.com/num8er/express-access-token

num8er/express-access-token

121 lines (96 loc) 3.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
const accessTokenMiddleware = require('../../lib/accessToken'); const crypto = require("crypto"); const next = jest.fn(); const res = Object.freeze({}); describe('lib/accessToken', () => { it('calls next function', () => { const req = {}; accessTokenMiddleware(req, res, next); expect(next).toHaveBeenCalled(); }); if('does not create accessToken in req context if token is empty', () => { const token = ''; const req = { headers: { authorization: `Bearer ${token}`, }, query: {accessToken: token}, cookies: {accessToken: token}, }; expect(req.accessToken).toBeUndefined(); expect(next).toHaveBeenCalled(); }); it('extracts token from "Authorization: TOKEN" header', () => { const token = crypto.randomBytes(32).toString('hex'); const req = { headers: { authorization: token, }, query: {}, cookies: {}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(token); expect(next).toHaveBeenCalled(); }); it('extracts token from "Authorization: Bearer TOKEN" header', () => { const token = crypto.randomBytes(32).toString('hex'); const req = { headers: { authorization: `Bearer ${token}`, }, query: {}, cookies: {}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(token); expect(next).toHaveBeenCalled(); }); it('extracts token from "Authorization: bearer TOKEN" header', () => { const token = crypto.randomBytes(32).toString('hex'); const req = { headers: { authorization: `bearer ${token}`, }, query: {}, cookies: {}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(token); expect(next).toHaveBeenCalled(); }); it('extracts token from cookies', () => { const accessToken = crypto.randomBytes(32).toString('hex'); const req = { headers: {}, query: {}, cookies: {accessToken}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(accessToken); expect(next).toHaveBeenCalled(); }); it('extracts token from query string', () => { const accessToken = crypto.randomBytes(32).toString('hex'); const req = { headers: {}, query: {accessToken}, cookies: {}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(accessToken); expect(next).toHaveBeenCalled(); }); it('extracts token from cookies prior to query string', () => { const accessTokenInQuery = crypto.randomBytes(32).toString('hex'); const accessTokenInCookies = crypto.randomBytes(32).toString('hex'); const req = { headers: {}, query: {accessToken: accessTokenInQuery}, cookies: {accessToken: accessTokenInCookies}, }; accessTokenMiddleware(req, res, next); expect(req.accessToken).toEqual(accessTokenInCookies); expect(next).toHaveBeenCalled(); }); });