-
Notifications
You must be signed in to change notification settings - Fork 455
Expand file tree
/
Copy pathrequireAuth.test.ts
More file actions
124 lines (103 loc) · 4.11 KB
/
requireAuth.test.ts
File metadata and controls
124 lines (103 loc) · 4.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
import type { RequestHandler } from 'express';
import type { Mock } from 'vitest';
import { beforeEach, describe, expect, it, vi } from 'vitest';
import { clerkMiddleware } from '../clerkMiddleware';
import { requireAuth } from '../requireAuth';
import type { ExpressRequestWithAuth } from '../types';
import { mockRequestWithAuth, runMiddleware } from './helpers';
let mockAuthenticateAndDecorateRequest: Mock;
let mockAuthenticateRequest: Mock;
vi.mock('../authenticateRequest', () => ({
authenticateAndDecorateRequest: (options = {}) => mockAuthenticateAndDecorateRequest(options),
authenticateRequest: (options = {}) => mockAuthenticateRequest(options),
}));
const { mockDeprecated } = vi.hoisted(() => ({
mockDeprecated: vi.fn(),
}));
vi.mock('@clerk/shared/deprecated', () => ({
deprecated: mockDeprecated,
}));
describe('requireAuth', () => {
beforeEach(() => {
vi.clearAllMocks();
mockAuthenticateAndDecorateRequest = vi.fn();
mockAuthenticateRequest = vi.fn();
mockDeprecated.mockClear();
});
it('should redirect to sign-in page when user is not authenticated', async () => {
process.env.CLERK_SIGN_IN_URL = '/sign-in';
mockAuthenticateAndDecorateRequest.mockImplementation((): RequestHandler => {
return (req, _res, next) => {
Object.assign(req, mockRequestWithAuth());
next();
};
});
const response = await runMiddleware(requireAuth());
expect(mockAuthenticateAndDecorateRequest).toHaveBeenCalled();
expect(response.status).toBe(302);
expect(response.headers.location).toBe('/sign-in');
});
it('should call next() when user is authenticated', async () => {
mockAuthenticateAndDecorateRequest.mockImplementation((): RequestHandler => {
return (req, _res, next) => {
Object.assign(req, mockRequestWithAuth({ userId: 'user_123' }));
next();
};
});
const response = await runMiddleware(requireAuth());
expect(mockAuthenticateAndDecorateRequest).toHaveBeenCalled();
expect(response.status).toBe(200);
expect(response.text).toBe('Hello world!');
});
it('should redirect to custom sign-in path when specified', async () => {
mockAuthenticateAndDecorateRequest.mockImplementation((): RequestHandler => {
return (req, _res, next) => {
Object.assign(req, mockRequestWithAuth({ userId: null }));
next();
};
});
const response = await runMiddleware(
requireAuth({
signInUrl: '/custom-sign-in',
}),
);
expect(mockAuthenticateAndDecorateRequest).toHaveBeenCalled();
expect(response.status).toBe(302);
expect(response.headers.location).toBe('/custom-sign-in');
});
it('should pass through if req.auth already exists', async () => {
mockAuthenticateRequest.mockReturnValue({
toAuth: () => ({ userId: null }),
});
mockAuthenticateAndDecorateRequest.mockImplementation((): RequestHandler => {
return (req, _res, next) => {
if ((req as ExpressRequestWithAuth).auth) {
return next();
}
const requestState = mockAuthenticateRequest({ request: req });
Object.assign(req, { auth: () => requestState.toAuth() });
next();
};
});
const response = await runMiddleware([clerkMiddleware(), requireAuth({ signInUrl: '/sign-in' })]);
expect(mockAuthenticateAndDecorateRequest).toHaveBeenCalledTimes(2);
// `authenticateRequest` should be called only once
expect(mockAuthenticateRequest).toHaveBeenCalledTimes(1);
// Redirect should still happen
expect(response.status).toBe(302);
expect(response.headers.location).toBe('/sign-in');
});
it('should emit a deprecation warning when called', async () => {
mockAuthenticateAndDecorateRequest.mockImplementation((): RequestHandler => {
return (req, _res, next) => {
Object.assign(req, mockRequestWithAuth({ userId: 'user_123' }));
next();
};
});
await runMiddleware(requireAuth());
expect(mockDeprecated).toHaveBeenCalledWith(
'requireAuth',
'Use `clerkMiddleware()` with `getAuth()` instead. `requireAuth` will be removed in the next major version.',
);
});
});