UNPKG

protected-cookie

Version:

Middleware for Express.js for setting HttpOnly cookie and get access to existance of this cookie

github.com/yankouskia/protected-cookie

yankouskia/protected-cookie

129 lines (99 loc) 4.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
var assert = require('assert'); var protectedCookie = require('..'); var sinon = require('sinon'); describe('protectedCookieMiddleware', function() { var req, res, next, protectedCookieMiddleware, protectedCookieMiddlewareWithFlag, protectedCookieMiddlewareWithFlagDelimiter, token, flag, tokenExistance, delimiter, options, tokenValue; beforeEach(() => { req = {}; res = {}; next = sinon.spy(); flag = 'check'; delimiter = '|'; protectedCookieMiddleware = protectedCookie(); protectedCookieMiddlewareWithFlag = protectedCookie(flag); protectedCookieMiddlewareWithFlagDelimiter = protectedCookie(flag, delimiter); token = 'token'; tokenValue = 'ok'; tokenExistance = 'token_exists'; options = { foo: 'bar' }; }); describe('should initialize methods', function() { it('should add protectedCookie and clearProtectedCookie methods and call next()', function() { protectedCookieMiddleware(req, res, next); assert(typeof res.protectedCookie, 'function'); assert(typeof res.clearProtectedCookie, 'function'); assert(next.calledOnce, true); }); }); describe('protectedCookie()', function() { it('should set cookie and existance flag on protectedCookie()', function() { res.cookie = sinon.spy(); protectedCookieMiddleware(req, res, next); res.protectedCookie(token, tokenValue); assert(res.cookie.calledTwice, true); assert(res.cookie.calledWithMatch(token, tokenValue, { httpOnly: true })); assert(res.cookie.calledWithMatch(tokenExistance, true, { httpOnly: false })); }); it('should set cookie and existance flag on protectedCookie() with custom flag', function() { res.cookie = sinon.spy(); protectedCookieMiddlewareWithFlag(req, res, next); res.protectedCookie(token, tokenValue); assert(res.cookie.calledTwice, true); assert(res.cookie.calledWithMatch(token, tokenValue, { httpOnly: true })); assert(res.cookie.calledWithMatch(token + '_' + flag, true, { httpOnly: false })); }); it('should set cookie and existance flag on protectedCookie() with custom flag and delimiter', function() { res.cookie = sinon.spy(); protectedCookieMiddlewareWithFlagDelimiter(req, res, next); res.protectedCookie(token, tokenValue); assert(res.cookie.calledTwice, true); assert(res.cookie.calledWithMatch(token, tokenValue, { httpOnly: true })); assert(res.cookie.calledWithMatch(token + delimiter + flag, true, { httpOnly: false })); }); it('should throw error if res.cookie is not defined', function() { protectedCookieMiddleware(req, res, next); assert.throws(res.protectedCookie.bind(null, token, tokenValue), Error); }); }); describe('clearProtectedCookie()', function() { it('should clear cookie and existance flag on clearProtectedCookie()', function() { res.clearCookie = sinon.spy(); protectedCookieMiddleware(req, res, next); res.clearProtectedCookie(token, options); assert(res.clearCookie.calledTwice, true); assert(res.clearCookie.calledWithMatch(token, options), true); assert(res.clearCookie.calledWithMatch(tokenExistance, options), true); }); it('should clear cookie and existance flag on clearProtectedCookie() with custom flag', function() { res.clearCookie = sinon.spy(); protectedCookieMiddlewareWithFlag(req, res, next); res.clearProtectedCookie(token, options); assert(res.clearCookie.calledTwice, true); assert(res.clearCookie.calledWithMatch(token, options), true); assert(res.clearCookie.calledWithMatch(token + '_' + flag, options), true); }); it('should clear cookie and existance flag on clearProtectedCookie() with custom flag and delimiter', function() { res.clearCookie = sinon.spy(); protectedCookieMiddlewareWithFlagDelimiter(req, res, next); res.clearProtectedCookie(token, options); assert(res.clearCookie.calledTwice, true); assert(res.clearCookie.calledWithMatch(token, options), true); assert(res.clearCookie.calledWithMatch(token + delimiter + flag, options), true); }); it('should throw error if res.clearCookie is not defined', function() { protectedCookieMiddleware(req, res, next); assert.throws(res.clearProtectedCookie.bind(null, token, tokenValue), Error); }); }); });