UNPKG

hapi-auth-jwt2

Version:

Hapi.js Authentication Plugin/Scheme using JSON Web Tokens (JWT)

github.com/dwyl/hapi-auth-jwt2

dwyl/hapi-auth-jwt2

94 lines (82 loc) 2.66 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
const test = require('tape'); const JWT = require('jsonwebtoken'); const secret = 'NeverShareYourSecret'; const server = require('./validate_func_server.cjs'); // test server which in turn loads our module test('Should respond with 500 when validate function throws an error', async function (t) { let options = { method: 'POST', url: '/privado', headers: { Authorization: JWT.sign({ id: 138, name: 'Test' }, secret) }, }; let response = await server.inject(options); t.equal(response.statusCode, 500, 'Server returned 500 for validate error'); t.end(); }); test('Should redirect when validate function returns a response object with redirect', async function (t) { let options = { method: 'POST', url: '/privado', headers: { Authorization: JWT.sign({ id: 200, name: 'Test' }, secret) }, }; let response = await server.inject(options); t.equal(response.statusCode, 302, 'Server redirected successfully'); t.equal( response.headers.location, 'https://dwyl.com', 'Server redirected to correct URL' ); t.end(); }); test('Should respond with 401 when validate function returns isValid false', async function (t) { let options = { method: 'POST', url: '/privado', headers: { Authorization: JWT.sign({ id: 139, name: 'Test' }, secret) }, }; let response = await server.inject(options); t.equal( response.statusCode, 401, 'Server returned 401 for invalid credentials' ); t.equal( response.result.message, 'Invalid credentials', 'Default error message for invalid credentials' ); t.end(); }); test('Should respond with custom error message when validate function returns custom errorMessage', async function (t) { let options = { method: 'POST', url: '/privado', headers: { Authorization: JWT.sign({ id: 140, name: 'Test' }, secret) }, }; let response = await server.inject(options); t.equal(response.statusCode, 401, 'Server returned 401 for custom error'); t.equal( response.result.message, 'Bad ID', 'Custom error message for invalid credentials' ); t.end(); }); test('Should respond with non-generic error message when validate function throws a non-server error', async function (t) { let options = { method: 'POST', url: '/privado', headers: { Authorization: JWT.sign({ id: 141, name: 'Test' }, secret) }, }; let response = await server.inject(options); t.equal( response.statusCode, 404, 'Server returned 404 for resource not found' ); t.equal( response.result.message, 'Resource not found', 'Error message for resource not found' ); t.end(); });