UNPKG

set-link-transfer

Version:

Create JWT-protected download links for text or files, with zip & TTL support

52 lines (51 loc) • 2.16 kB

JavaScript

// test/index.test.ts import { test } from 'node:test'; import assert from 'node:assert'; import { mkdir, rm } from 'node:fs/promises'; import { join } from 'node:path'; import { tmpdir } from 'node:os'; import request from 'supertest'; import express from 'express'; import { createTransferRouter, MemoryRepo } from '../src/index.js'; import jwt from 'jsonwebtoken'; const tmp = join(tmpdir(), 'slt-' + Math.random().toString(36).slice(2)); await mkdir(tmp, { recursive: true }); test('MemoryRepo text TTL', async () => { const repo = new MemoryRepo(); repo.putText('a', 'hi', { ttl: 1 }); assert.ok(repo.get('a')); await new Promise(r => setTimeout(r, 1100)); assert.ok(!repo.get('a')); }); test('POST /upload text', async () => { const app = express(); app.use(express.json()); app.use(createTransferRouter({ jwtSecret: 'a'.repeat(32) })); const res = await request(app).post('/upload').send({ type: 'text', payload: 'hello' }); assert.strictEqual(res.status, 200); assert.ok(res.body.token); }); test('POST /upload file path traversal', async () => { const app = express(); app.use(express.json()); app.use(createTransferRouter({ jwtSecret: 'a'.repeat(32) })); const res = await request(app).post('/upload').send({ type: 'file', payload: ['../../../etc/passwd'] }); assert.strictEqual(res.status, 400); }); test('GET /download text', async () => { const app = express(); app.use(express.json()); app.use(createTransferRouter({ jwtSecret: 'a'.repeat(32) })); const up = await request(app).post('/upload').send({ type: 'text', payload: 'download' }); const res = await request(app).get(`/download/${up.body.token}`); assert.strictEqual(res.text, 'download'); }); test('GET /download expired token', async () => { const app = express(); app.use(express.json()); app.use(createTransferRouter({ jwtSecret: 'a'.repeat(32) })); const expired = jwt.sign({ id: 'x' }, 'a'.repeat(32), { expiresIn: -1 }); const res = await request(app).get(`/download/${expired}`); assert.strictEqual(res.status, 410); }); await rm(tmp, { recursive: true, force: true });