-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Expand file tree
/
Copy pathServerAuthPolicy.test.ts
More file actions
114 lines (102 loc) · 3.45 KB
/
ServerAuthPolicy.test.ts
File metadata and controls
114 lines (102 loc) · 3.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
import * as NodeServices from "@effect/platform-node/NodeServices";
import { expect, it } from "@effect/vitest";
import { Effect, Layer } from "effect";
import type { ServerConfigShape } from "../../config.ts";
import { ServerConfig } from "../../config.ts";
import { ServerAuthPolicy } from "../Services/ServerAuthPolicy.ts";
import { ServerAuthPolicyLive } from "./ServerAuthPolicy.ts";
const makeServerAuthPolicyLayer = (overrides?: Partial<ServerConfigShape>) =>
ServerAuthPolicyLive.pipe(
Layer.provide(
Layer.effect(
ServerConfig,
Effect.gen(function* () {
const config = yield* ServerConfig;
return {
...config,
...overrides,
} satisfies ServerConfigShape;
}),
).pipe(
Layer.provide(ServerConfig.layerTest(process.cwd(), { prefix: "t3-auth-policy-test-" })),
),
),
);
it.layer(NodeServices.layer)("ServerAuthPolicyLive", (it) => {
it.effect("uses desktop-managed-local policy for desktop mode", () =>
Effect.gen(function* () {
const policy = yield* ServerAuthPolicy;
const descriptor = yield* policy.getDescriptor();
expect(descriptor.policy).toBe("desktop-managed-local");
expect(descriptor.bootstrapMethods).toEqual(["desktop-bootstrap"]);
expect(descriptor.sessionCookieName).toBe("t3_session_3773");
}).pipe(
Effect.provide(
makeServerAuthPolicyLayer({
mode: "desktop",
port: 3773,
}),
),
),
);
it.effect("uses remote-reachable policy for desktop mode when bound beyond loopback", () =>
Effect.gen(function* () {
const policy = yield* ServerAuthPolicy;
const descriptor = yield* policy.getDescriptor();
expect(descriptor.policy).toBe("remote-reachable");
expect(descriptor.bootstrapMethods).toEqual(["desktop-bootstrap", "one-time-token"]);
}).pipe(
Effect.provide(
makeServerAuthPolicyLayer({
mode: "desktop",
host: "0.0.0.0",
}),
),
),
);
it.effect("uses loopback-browser policy for loopback web hosts", () =>
Effect.gen(function* () {
const policy = yield* ServerAuthPolicy;
const descriptor = yield* policy.getDescriptor();
expect(descriptor.policy).toBe("loopback-browser");
expect(descriptor.bootstrapMethods).toEqual(["one-time-token"]);
expect(descriptor.sessionCookieName).toBe("t3_session");
}).pipe(
Effect.provide(
makeServerAuthPolicyLayer({
mode: "web",
host: "127.0.0.1",
}),
),
),
);
it.effect("uses remote-reachable policy for wildcard web hosts", () =>
Effect.gen(function* () {
const policy = yield* ServerAuthPolicy;
const descriptor = yield* policy.getDescriptor();
expect(descriptor.policy).toBe("remote-reachable");
expect(descriptor.bootstrapMethods).toEqual(["one-time-token"]);
}).pipe(
Effect.provide(
makeServerAuthPolicyLayer({
mode: "web",
host: "0.0.0.0",
}),
),
),
);
it.effect("uses remote-reachable policy for non-loopback web hosts", () =>
Effect.gen(function* () {
const policy = yield* ServerAuthPolicy;
const descriptor = yield* policy.getDescriptor();
expect(descriptor.policy).toBe("remote-reachable");
}).pipe(
Effect.provide(
makeServerAuthPolicyLayer({
mode: "web",
host: "192.168.1.50",
}),
),
),
);
});