@fastify/cookie 11.0.1 → 11.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/ci.yml +1 -1
- package/README.md +31 -28
- package/benchmark/cookie-multi.js +1 -1
- package/benchmark/cookie.js +1 -1
- package/eslint.config.js +6 -0
- package/package.json +30 -8
- package/plugin.js +2 -2
- package/signer.js +1 -1
- package/test/cookie.test.js +504 -536
- package/test/signer.test.js +51 -64
- package/types/plugin.d.ts +21 -26
- package/types/plugin.test-d.ts +120 -120
- package/.taprc +0 -2
package/test/cookie.test.js
CHANGED
|
@@ -1,71 +1,71 @@
|
|
|
1
1
|
'use strict'
|
|
2
2
|
|
|
3
|
-
const { test } = require('
|
|
3
|
+
const { describe, test } = require('node:test')
|
|
4
4
|
const Fastify = require('fastify')
|
|
5
5
|
const sinon = require('sinon')
|
|
6
6
|
const { sign, unsign } = require('../signer')
|
|
7
7
|
const plugin = require('../')
|
|
8
8
|
|
|
9
|
-
test('cookies get set correctly', (t) => {
|
|
10
|
-
t.plan(
|
|
9
|
+
test('cookies get set correctly', async (t) => {
|
|
10
|
+
t.plan(6)
|
|
11
|
+
|
|
11
12
|
const fastify = Fastify()
|
|
12
13
|
fastify.register(plugin)
|
|
13
14
|
|
|
14
|
-
fastify.get('/test1', (
|
|
15
|
+
fastify.get('/test1', (_req, reply) => {
|
|
15
16
|
reply
|
|
16
17
|
.setCookie('foo', 'foo', { path: '/' })
|
|
17
18
|
.send({ hello: 'world' })
|
|
18
19
|
})
|
|
19
20
|
|
|
20
|
-
fastify.inject({
|
|
21
|
+
const res = await fastify.inject({
|
|
21
22
|
method: 'GET',
|
|
22
23
|
url: '/test1'
|
|
23
|
-
}, (err, res) => {
|
|
24
|
-
t.error(err)
|
|
25
|
-
t.equal(res.statusCode, 200)
|
|
26
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
27
|
-
|
|
28
|
-
const cookies = res.cookies
|
|
29
|
-
t.equal(cookies.length, 1)
|
|
30
|
-
t.equal(cookies[0].name, 'foo')
|
|
31
|
-
t.equal(cookies[0].value, 'foo')
|
|
32
|
-
t.equal(cookies[0].path, '/')
|
|
33
24
|
})
|
|
25
|
+
|
|
26
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
27
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
28
|
+
|
|
29
|
+
const cookies = res.cookies
|
|
30
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
31
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
32
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
33
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
34
34
|
})
|
|
35
35
|
|
|
36
|
-
test('express cookie compatibility', (t) => {
|
|
37
|
-
t.plan(
|
|
36
|
+
test('express cookie compatibility', async (t) => {
|
|
37
|
+
t.plan(6)
|
|
38
|
+
|
|
38
39
|
const fastify = Fastify()
|
|
39
40
|
fastify.register(plugin)
|
|
40
41
|
|
|
41
|
-
fastify.get('/espresso', (
|
|
42
|
+
fastify.get('/espresso', (_req, reply) => {
|
|
42
43
|
reply
|
|
43
44
|
.cookie('foo', 'foo', { path: '/' })
|
|
44
45
|
.send({ hello: 'world' })
|
|
45
46
|
})
|
|
46
47
|
|
|
47
|
-
fastify.inject({
|
|
48
|
+
const res = await fastify.inject({
|
|
48
49
|
method: 'GET',
|
|
49
50
|
url: '/espresso'
|
|
50
|
-
}, (err, res) => {
|
|
51
|
-
t.error(err)
|
|
52
|
-
t.equal(res.statusCode, 200)
|
|
53
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
54
|
-
|
|
55
|
-
const cookies = res.cookies
|
|
56
|
-
t.equal(cookies.length, 1)
|
|
57
|
-
t.equal(cookies[0].name, 'foo')
|
|
58
|
-
t.equal(cookies[0].value, 'foo')
|
|
59
|
-
t.equal(cookies[0].path, '/')
|
|
60
51
|
})
|
|
52
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
53
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
54
|
+
|
|
55
|
+
const cookies = res.cookies
|
|
56
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
57
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
58
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
59
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
61
60
|
})
|
|
62
61
|
|
|
63
|
-
test('should set multiple cookies', (t) => {
|
|
64
|
-
t.plan(
|
|
62
|
+
test('should set multiple cookies', async (t) => {
|
|
63
|
+
t.plan(9)
|
|
64
|
+
|
|
65
65
|
const fastify = Fastify()
|
|
66
66
|
fastify.register(plugin)
|
|
67
67
|
|
|
68
|
-
fastify.get('/', (
|
|
68
|
+
fastify.get('/', (_req, reply) => {
|
|
69
69
|
reply
|
|
70
70
|
.setCookie('foo', 'foo')
|
|
71
71
|
.cookie('bar', 'test')
|
|
@@ -73,31 +73,30 @@ test('should set multiple cookies', (t) => {
|
|
|
73
73
|
.send({ hello: 'world' })
|
|
74
74
|
})
|
|
75
75
|
|
|
76
|
-
fastify.inject({
|
|
76
|
+
const res = await fastify.inject({
|
|
77
77
|
method: 'GET',
|
|
78
78
|
url: '/'
|
|
79
|
-
}, (err, res) => {
|
|
80
|
-
t.error(err)
|
|
81
|
-
t.equal(res.statusCode, 200)
|
|
82
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
83
|
-
|
|
84
|
-
const cookies = res.cookies
|
|
85
|
-
t.equal(cookies.length, 3)
|
|
86
|
-
t.equal(cookies[0].name, 'foo')
|
|
87
|
-
t.equal(cookies[0].value, 'foo')
|
|
88
|
-
t.equal(cookies[1].name, 'bar')
|
|
89
|
-
t.equal(cookies[1].value, 'test')
|
|
90
|
-
t.equal(cookies[2].name, 'wee')
|
|
91
|
-
t.equal(cookies[2].value, 'woo')
|
|
92
79
|
})
|
|
80
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
81
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
82
|
+
|
|
83
|
+
const cookies = res.cookies
|
|
84
|
+
t.assert.strictEqual(cookies.length, 3)
|
|
85
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
86
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
87
|
+
t.assert.strictEqual(cookies[1].name, 'bar')
|
|
88
|
+
t.assert.strictEqual(cookies[1].value, 'test')
|
|
89
|
+
t.assert.strictEqual(cookies[2].name, 'wee')
|
|
90
|
+
t.assert.strictEqual(cookies[2].value, 'woo')
|
|
93
91
|
})
|
|
94
92
|
|
|
95
|
-
test('should set multiple cookies', (t) => {
|
|
96
|
-
t.plan(
|
|
93
|
+
test('should set multiple cookies', async (t) => {
|
|
94
|
+
t.plan(11)
|
|
95
|
+
|
|
97
96
|
const fastify = Fastify()
|
|
98
97
|
fastify.register(plugin)
|
|
99
98
|
|
|
100
|
-
fastify.get('/', (
|
|
99
|
+
fastify.get('/', (_req, reply) => {
|
|
101
100
|
reply
|
|
102
101
|
.setCookie('foo', 'foo')
|
|
103
102
|
.cookie('bar', 'test', {
|
|
@@ -110,34 +109,33 @@ test('should set multiple cookies', (t) => {
|
|
|
110
109
|
.send({ hello: 'world' })
|
|
111
110
|
})
|
|
112
111
|
|
|
113
|
-
fastify.inject({
|
|
112
|
+
const res = await fastify.inject({
|
|
114
113
|
method: 'GET',
|
|
115
114
|
url: '/'
|
|
116
|
-
}, (err, res) => {
|
|
117
|
-
t.error(err)
|
|
118
|
-
t.equal(res.statusCode, 200)
|
|
119
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
120
|
-
|
|
121
|
-
const cookies = res.cookies
|
|
122
|
-
t.equal(cookies.length, 3)
|
|
123
|
-
t.equal(cookies[0].name, 'foo')
|
|
124
|
-
t.equal(cookies[0].value, 'foo')
|
|
125
|
-
t.equal(cookies[1].name, 'bar')
|
|
126
|
-
t.equal(cookies[1].value, 'test')
|
|
127
|
-
t.equal(cookies[2].name, 'wee')
|
|
128
|
-
t.equal(cookies[2].value, 'woo')
|
|
129
|
-
|
|
130
|
-
t.equal(res.headers['set-cookie'][1], 'bar=test; Partitioned; SameSite=Lax')
|
|
131
|
-
t.equal(res.headers['set-cookie'][2], 'wee=woo; Secure; Partitioned; SameSite=Lax')
|
|
132
115
|
})
|
|
116
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
117
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
118
|
+
|
|
119
|
+
const cookies = res.cookies
|
|
120
|
+
t.assert.strictEqual(cookies.length, 3)
|
|
121
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
122
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
123
|
+
t.assert.strictEqual(cookies[1].name, 'bar')
|
|
124
|
+
t.assert.strictEqual(cookies[1].value, 'test')
|
|
125
|
+
t.assert.strictEqual(cookies[2].name, 'wee')
|
|
126
|
+
t.assert.strictEqual(cookies[2].value, 'woo')
|
|
127
|
+
|
|
128
|
+
t.assert.strictEqual(res.headers['set-cookie'][1], 'bar=test; Partitioned; SameSite=Lax')
|
|
129
|
+
t.assert.strictEqual(res.headers['set-cookie'][2], 'wee=woo; Secure; Partitioned; SameSite=Lax')
|
|
133
130
|
})
|
|
134
131
|
|
|
135
|
-
test('should set multiple cookies (an array already exists)', (t) => {
|
|
136
|
-
t.plan(
|
|
132
|
+
test('should set multiple cookies (an array already exists)', async (t) => {
|
|
133
|
+
t.plan(9)
|
|
134
|
+
|
|
137
135
|
const fastify = Fastify()
|
|
138
136
|
fastify.register(plugin)
|
|
139
137
|
|
|
140
|
-
fastify.get('/test1', (
|
|
138
|
+
fastify.get('/test1', (_req, reply) => {
|
|
141
139
|
reply
|
|
142
140
|
.header('Set-Cookie', ['bar=bar'])
|
|
143
141
|
.setCookie('foo', 'foo', { path: '/' })
|
|
@@ -145,57 +143,55 @@ test('should set multiple cookies (an array already exists)', (t) => {
|
|
|
145
143
|
.send({ hello: 'world' })
|
|
146
144
|
})
|
|
147
145
|
|
|
148
|
-
fastify.inject({
|
|
146
|
+
const res = await fastify.inject({
|
|
149
147
|
method: 'GET',
|
|
150
148
|
url: '/test1'
|
|
151
|
-
}, (err, res) => {
|
|
152
|
-
t.error(err)
|
|
153
|
-
t.equal(res.statusCode, 200)
|
|
154
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
155
|
-
|
|
156
|
-
const cookies = res.cookies
|
|
157
|
-
t.equal(cookies.length, 3)
|
|
158
|
-
t.equal(cookies[0].name, 'bar')
|
|
159
|
-
t.equal(cookies[0].value, 'bar')
|
|
160
|
-
t.equal(cookies[0].path, undefined)
|
|
161
|
-
|
|
162
|
-
t.equal(cookies[1].name, 'foo')
|
|
163
|
-
t.equal(cookies[1].value, 'foo')
|
|
164
|
-
t.equal(cookies[2].path, '/path')
|
|
165
149
|
})
|
|
150
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
151
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
152
|
+
|
|
153
|
+
const cookies = res.cookies
|
|
154
|
+
t.assert.strictEqual(cookies.length, 3)
|
|
155
|
+
t.assert.strictEqual(cookies[0].name, 'bar')
|
|
156
|
+
t.assert.strictEqual(cookies[0].value, 'bar')
|
|
157
|
+
t.assert.strictEqual(cookies[0].path, undefined)
|
|
158
|
+
|
|
159
|
+
t.assert.strictEqual(cookies[1].name, 'foo')
|
|
160
|
+
t.assert.strictEqual(cookies[1].value, 'foo')
|
|
161
|
+
t.assert.strictEqual(cookies[2].path, '/path')
|
|
166
162
|
})
|
|
167
163
|
|
|
168
|
-
test('cookies get set correctly with millisecond dates', (t) => {
|
|
169
|
-
t.plan(
|
|
164
|
+
test('cookies get set correctly with millisecond dates', async (t) => {
|
|
165
|
+
t.plan(7)
|
|
166
|
+
|
|
170
167
|
const fastify = Fastify()
|
|
171
168
|
fastify.register(plugin)
|
|
172
169
|
|
|
173
|
-
fastify.get('/test1', (
|
|
170
|
+
fastify.get('/test1', (_req, reply) => {
|
|
174
171
|
reply
|
|
175
172
|
.setCookie('foo', 'foo', { path: '/', expires: Date.now() + 1000 })
|
|
176
173
|
.send({ hello: 'world' })
|
|
177
174
|
})
|
|
178
175
|
|
|
179
|
-
fastify.inject({
|
|
176
|
+
const res = await fastify.inject({
|
|
180
177
|
method: 'GET',
|
|
181
178
|
url: '/test1'
|
|
182
|
-
}, (err, res) => {
|
|
183
|
-
t.error(err)
|
|
184
|
-
t.equal(res.statusCode, 200)
|
|
185
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
186
|
-
|
|
187
|
-
const cookies = res.cookies
|
|
188
|
-
t.equal(cookies.length, 1)
|
|
189
|
-
t.equal(cookies[0].name, 'foo')
|
|
190
|
-
t.equal(cookies[0].value, 'foo')
|
|
191
|
-
t.equal(cookies[0].path, '/')
|
|
192
|
-
const expires = new Date(cookies[0].expires)
|
|
193
|
-
t.ok(expires < new Date(Date.now() + 5000))
|
|
194
179
|
})
|
|
180
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
181
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
182
|
+
|
|
183
|
+
const cookies = res.cookies
|
|
184
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
185
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
186
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
187
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
188
|
+
const expires = new Date(cookies[0].expires)
|
|
189
|
+
t.assert.ok(expires < new Date(Date.now() + 5000))
|
|
195
190
|
})
|
|
196
191
|
|
|
197
|
-
test('share options for setCookie and clearCookie', (t) => {
|
|
198
|
-
t.plan(
|
|
192
|
+
test('share options for setCookie and clearCookie', async (t) => {
|
|
193
|
+
t.plan(7)
|
|
194
|
+
|
|
199
195
|
const fastify = Fastify()
|
|
200
196
|
const secret = 'testsecret'
|
|
201
197
|
fastify.register(plugin, { secret })
|
|
@@ -205,33 +201,32 @@ test('share options for setCookie and clearCookie', (t) => {
|
|
|
205
201
|
maxAge: 36000
|
|
206
202
|
}
|
|
207
203
|
|
|
208
|
-
fastify.get('/test1', (
|
|
204
|
+
fastify.get('/test1', (_req, reply) => {
|
|
209
205
|
reply
|
|
210
206
|
.setCookie('foo', 'foo', cookieOptions)
|
|
211
207
|
.clearCookie('foo', cookieOptions)
|
|
212
208
|
.send({ hello: 'world' })
|
|
213
209
|
})
|
|
214
210
|
|
|
215
|
-
fastify.inject({
|
|
211
|
+
const res = await fastify.inject({
|
|
216
212
|
method: 'GET',
|
|
217
213
|
url: '/test1'
|
|
218
|
-
}
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
214
|
+
})
|
|
215
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
216
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
222
217
|
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
218
|
+
const cookies = res.cookies
|
|
219
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
220
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
221
|
+
t.assert.strictEqual(cookies[0].value, '')
|
|
222
|
+
t.assert.strictEqual(cookies[0].maxAge, 0)
|
|
228
223
|
|
|
229
|
-
|
|
230
|
-
})
|
|
224
|
+
t.assert.ok(new Date(cookies[0].expires) < new Date())
|
|
231
225
|
})
|
|
232
226
|
|
|
233
|
-
test('expires should not be overridden in clearCookie', (t) => {
|
|
234
|
-
t.plan(
|
|
227
|
+
test('expires should not be overridden in clearCookie', async (t) => {
|
|
228
|
+
t.plan(6)
|
|
229
|
+
|
|
235
230
|
const fastify = Fastify()
|
|
236
231
|
const secret = 'testsecret'
|
|
237
232
|
fastify.register(plugin, { secret })
|
|
@@ -241,129 +236,127 @@ test('expires should not be overridden in clearCookie', (t) => {
|
|
|
241
236
|
expires: Date.now() + 1000
|
|
242
237
|
}
|
|
243
238
|
|
|
244
|
-
fastify.get('/test1', (
|
|
239
|
+
fastify.get('/test1', (_req, reply) => {
|
|
245
240
|
reply
|
|
246
241
|
.setCookie('foo', 'foo', cookieOptions)
|
|
247
242
|
.clearCookie('foo', cookieOptions)
|
|
248
243
|
.send({ hello: 'world' })
|
|
249
244
|
})
|
|
250
245
|
|
|
251
|
-
fastify.inject({
|
|
246
|
+
const res = await fastify.inject({
|
|
252
247
|
method: 'GET',
|
|
253
248
|
url: '/test1'
|
|
254
|
-
}, (err, res) => {
|
|
255
|
-
t.error(err)
|
|
256
|
-
t.equal(res.statusCode, 200)
|
|
257
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
258
|
-
|
|
259
|
-
const cookies = res.cookies
|
|
260
|
-
t.equal(cookies.length, 1)
|
|
261
|
-
t.equal(cookies[0].name, 'foo')
|
|
262
|
-
t.equal(cookies[0].value, '')
|
|
263
|
-
const expires = new Date(cookies[0].expires)
|
|
264
|
-
t.ok(expires < new Date(Date.now() + 5000))
|
|
265
249
|
})
|
|
250
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
251
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
252
|
+
|
|
253
|
+
const cookies = res.cookies
|
|
254
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
255
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
256
|
+
t.assert.strictEqual(cookies[0].value, '')
|
|
257
|
+
const expires = new Date(cookies[0].expires)
|
|
258
|
+
t.assert.ok(expires < new Date(Date.now() + 5000))
|
|
266
259
|
})
|
|
267
260
|
|
|
268
|
-
test('parses incoming cookies', (t) => {
|
|
269
|
-
t.plan(
|
|
261
|
+
test('parses incoming cookies', async (t) => {
|
|
262
|
+
t.plan(14)
|
|
263
|
+
|
|
270
264
|
const fastify = Fastify()
|
|
271
265
|
fastify.register(plugin)
|
|
272
266
|
|
|
273
267
|
// check that it parses the cookies in the onRequest hook
|
|
274
268
|
for (const hook of ['preValidation', 'preHandler']) {
|
|
275
|
-
fastify.addHook(hook, (req,
|
|
276
|
-
t.ok(req.cookies)
|
|
277
|
-
t.ok(req.cookies.bar)
|
|
278
|
-
t.
|
|
269
|
+
fastify.addHook(hook, (req, _reply, done) => {
|
|
270
|
+
t.assert.ok(req.cookies)
|
|
271
|
+
t.assert.ok(req.cookies.bar)
|
|
272
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
279
273
|
done()
|
|
280
274
|
})
|
|
281
275
|
}
|
|
282
276
|
|
|
283
|
-
fastify.addHook('preParsing', (req,
|
|
284
|
-
t.ok(req.cookies)
|
|
285
|
-
t.ok(req.cookies.bar)
|
|
286
|
-
t.
|
|
277
|
+
fastify.addHook('preParsing', (req, _reply, _payload, done) => {
|
|
278
|
+
t.assert.ok(req.cookies)
|
|
279
|
+
t.assert.ok(req.cookies.bar)
|
|
280
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
287
281
|
done()
|
|
288
282
|
})
|
|
289
283
|
|
|
290
284
|
fastify.get('/test2', (req, reply) => {
|
|
291
|
-
t.ok(req.cookies)
|
|
292
|
-
t.ok(req.cookies.bar)
|
|
293
|
-
t.
|
|
285
|
+
t.assert.ok(req.cookies)
|
|
286
|
+
t.assert.ok(req.cookies.bar)
|
|
287
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
294
288
|
reply.send({ hello: 'world' })
|
|
295
289
|
})
|
|
296
290
|
|
|
297
|
-
fastify.inject({
|
|
291
|
+
const res = await fastify.inject({
|
|
298
292
|
method: 'GET',
|
|
299
293
|
url: '/test2',
|
|
300
294
|
headers: {
|
|
301
295
|
cookie: 'bar=bar'
|
|
302
296
|
}
|
|
303
|
-
}, (err, res) => {
|
|
304
|
-
t.error(err)
|
|
305
|
-
t.equal(res.statusCode, 200)
|
|
306
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
307
297
|
})
|
|
298
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
299
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
308
300
|
})
|
|
309
301
|
|
|
310
|
-
test('defined and undefined cookies', (t) => {
|
|
311
|
-
t.plan(
|
|
302
|
+
test('defined and undefined cookies', async (t) => {
|
|
303
|
+
t.plan(22)
|
|
304
|
+
|
|
312
305
|
const fastify = Fastify()
|
|
313
306
|
fastify.register(plugin)
|
|
314
307
|
|
|
315
308
|
// check that it parses the cookies in the onRequest hook
|
|
316
309
|
for (const hook of ['preValidation', 'preHandler']) {
|
|
317
|
-
fastify.addHook(hook, (req,
|
|
318
|
-
t.ok(req.cookies)
|
|
310
|
+
fastify.addHook(hook, (req, _reply, done) => {
|
|
311
|
+
t.assert.ok(req.cookies)
|
|
319
312
|
|
|
320
|
-
t.ok(req.cookies.bar)
|
|
321
|
-
t.
|
|
313
|
+
t.assert.ok(req.cookies.bar)
|
|
314
|
+
t.assert.ok(!req.cookies.baz)
|
|
322
315
|
|
|
323
|
-
t.
|
|
324
|
-
t.
|
|
316
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
317
|
+
t.assert.strictEqual(req.cookies.baz, undefined)
|
|
325
318
|
done()
|
|
326
319
|
})
|
|
327
320
|
}
|
|
328
321
|
|
|
329
|
-
fastify.addHook('preParsing', (req,
|
|
330
|
-
t.ok(req.cookies)
|
|
322
|
+
fastify.addHook('preParsing', (req, _reply, _payload, done) => {
|
|
323
|
+
t.assert.ok(req.cookies)
|
|
324
|
+
|
|
325
|
+
t.assert.ok(req.cookies.bar)
|
|
326
|
+
t.assert.ok(!req.cookies.baz)
|
|
331
327
|
|
|
332
|
-
t.
|
|
333
|
-
t.
|
|
328
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
329
|
+
t.assert.strictEqual(req.cookies.baz, undefined)
|
|
334
330
|
|
|
335
|
-
t.equal(req.cookies.bar, 'bar')
|
|
336
|
-
t.equal(req.cookies.baz, undefined)
|
|
337
331
|
done()
|
|
338
332
|
})
|
|
339
333
|
|
|
340
334
|
fastify.get('/test2', (req, reply) => {
|
|
341
|
-
t.ok(req.cookies)
|
|
335
|
+
t.assert.ok(req.cookies)
|
|
342
336
|
|
|
343
|
-
t.ok(req.cookies.bar)
|
|
344
|
-
t.
|
|
337
|
+
t.assert.ok(req.cookies.bar)
|
|
338
|
+
t.assert.ok(!req.cookies.baz)
|
|
345
339
|
|
|
346
|
-
t.
|
|
347
|
-
t.
|
|
340
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
341
|
+
t.assert.strictEqual(req.cookies.baz, undefined)
|
|
348
342
|
|
|
349
343
|
reply.send({ hello: 'world' })
|
|
350
344
|
})
|
|
351
345
|
|
|
352
|
-
fastify.inject({
|
|
346
|
+
const res = await fastify.inject({
|
|
353
347
|
method: 'GET',
|
|
354
348
|
url: '/test2',
|
|
355
349
|
headers: {
|
|
356
350
|
cookie: 'bar=bar'
|
|
357
351
|
}
|
|
358
|
-
}, (err, res) => {
|
|
359
|
-
t.error(err)
|
|
360
|
-
t.equal(res.statusCode, 200)
|
|
361
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
362
352
|
})
|
|
353
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
354
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
363
355
|
})
|
|
364
356
|
|
|
365
|
-
test('does not modify supplied cookie options object', (t) => {
|
|
366
|
-
t.plan(
|
|
357
|
+
test('does not modify supplied cookie options object', async (t) => {
|
|
358
|
+
t.plan(2)
|
|
359
|
+
|
|
367
360
|
const expireDate = Date.now() + 1000
|
|
368
361
|
const cookieOptions = {
|
|
369
362
|
path: '/',
|
|
@@ -372,110 +365,104 @@ test('does not modify supplied cookie options object', (t) => {
|
|
|
372
365
|
const fastify = Fastify()
|
|
373
366
|
fastify.register(plugin)
|
|
374
367
|
|
|
375
|
-
fastify.get('/test1', (
|
|
368
|
+
fastify.get('/test1', (_req, reply) => {
|
|
376
369
|
reply
|
|
377
370
|
.setCookie('foo', 'foo', cookieOptions)
|
|
378
371
|
.send({ hello: 'world' })
|
|
379
372
|
})
|
|
380
373
|
|
|
381
|
-
fastify.inject({
|
|
374
|
+
const res = await fastify.inject({
|
|
382
375
|
method: 'GET',
|
|
383
376
|
url: '/test1'
|
|
384
|
-
}
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
expires: expireDate
|
|
390
|
-
})
|
|
377
|
+
})
|
|
378
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
379
|
+
t.assert.deepStrictEqual(cookieOptions, {
|
|
380
|
+
path: '/',
|
|
381
|
+
expires: expireDate
|
|
391
382
|
})
|
|
392
383
|
})
|
|
393
384
|
|
|
394
|
-
test('cookies gets cleared correctly', (t) => {
|
|
395
|
-
t.plan(
|
|
385
|
+
test('cookies gets cleared correctly', async (t) => {
|
|
386
|
+
t.plan(4)
|
|
387
|
+
|
|
396
388
|
const fastify = Fastify()
|
|
397
389
|
fastify.register(plugin)
|
|
398
390
|
|
|
399
|
-
fastify.get('/test1', (
|
|
391
|
+
fastify.get('/test1', (_req, reply) => {
|
|
400
392
|
reply
|
|
401
393
|
.clearCookie('foo')
|
|
402
394
|
.send({ hello: 'world' })
|
|
403
395
|
})
|
|
404
396
|
|
|
405
|
-
fastify.inject({
|
|
397
|
+
const res = await fastify.inject({
|
|
406
398
|
method: 'GET',
|
|
407
399
|
url: '/test1'
|
|
408
|
-
}, (err, res) => {
|
|
409
|
-
t.error(err)
|
|
410
|
-
t.equal(res.statusCode, 200)
|
|
411
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
412
|
-
|
|
413
|
-
const cookies = res.cookies
|
|
414
|
-
t.equal(cookies.length, 1)
|
|
415
|
-
t.equal(new Date(cookies[0].expires) < new Date(), true)
|
|
416
400
|
})
|
|
401
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
402
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
403
|
+
|
|
404
|
+
const cookies = res.cookies
|
|
405
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
406
|
+
t.assert.strictEqual(new Date(cookies[0].expires) < new Date(), true)
|
|
417
407
|
})
|
|
418
408
|
|
|
419
|
-
|
|
420
|
-
t
|
|
409
|
+
describe('cookies signature', () => {
|
|
410
|
+
test('unsign', async (t) => {
|
|
411
|
+
t.plan(5)
|
|
421
412
|
|
|
422
|
-
t.test('unsign', t => {
|
|
423
|
-
t.plan(6)
|
|
424
413
|
const fastify = Fastify()
|
|
425
414
|
const secret = 'bar'
|
|
426
415
|
fastify.register(plugin, { secret })
|
|
427
416
|
|
|
428
|
-
fastify.get('/test1', (
|
|
417
|
+
fastify.get('/test1', (_req, reply) => {
|
|
429
418
|
reply
|
|
430
419
|
.setCookie('foo', 'foo', { signed: true })
|
|
431
420
|
.send({ hello: 'world' })
|
|
432
421
|
})
|
|
433
422
|
|
|
434
|
-
fastify.inject({
|
|
423
|
+
const res = await fastify.inject({
|
|
435
424
|
method: 'GET',
|
|
436
425
|
url: '/test1'
|
|
437
|
-
}, (err, res) => {
|
|
438
|
-
t.error(err)
|
|
439
|
-
t.equal(res.statusCode, 200)
|
|
440
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
441
|
-
|
|
442
|
-
const cookies = res.cookies
|
|
443
|
-
t.equal(cookies.length, 1)
|
|
444
|
-
t.equal(cookies[0].name, 'foo')
|
|
445
|
-
t.same(unsign(cookies[0].value, secret), { valid: true, renew: false, value: 'foo' })
|
|
446
426
|
})
|
|
427
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
428
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
429
|
+
|
|
430
|
+
const cookies = res.cookies
|
|
431
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
432
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
433
|
+
t.assert.deepStrictEqual(unsign(cookies[0].value, secret), { valid: true, renew: false, value: 'foo' })
|
|
447
434
|
})
|
|
448
435
|
|
|
449
|
-
|
|
450
|
-
t.plan(
|
|
436
|
+
test('key rotation uses first key to sign', async (t) => {
|
|
437
|
+
t.plan(5)
|
|
438
|
+
|
|
451
439
|
const fastify = Fastify()
|
|
452
440
|
const secret1 = 'secret-1'
|
|
453
441
|
const secret2 = 'secret-2'
|
|
454
442
|
fastify.register(plugin, { secret: [secret1, secret2] })
|
|
455
443
|
|
|
456
|
-
fastify.get('/test1', (
|
|
444
|
+
fastify.get('/test1', (_req, reply) => {
|
|
457
445
|
reply
|
|
458
446
|
.setCookie('foo', 'cookieVal', { signed: true })
|
|
459
447
|
.send({ hello: 'world' })
|
|
460
448
|
})
|
|
461
449
|
|
|
462
|
-
fastify.inject({
|
|
450
|
+
const res = await fastify.inject({
|
|
463
451
|
method: 'GET',
|
|
464
452
|
url: '/test1'
|
|
465
|
-
}, (err, res) => {
|
|
466
|
-
t.error(err)
|
|
467
|
-
t.equal(res.statusCode, 200)
|
|
468
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
469
|
-
|
|
470
|
-
const cookies = res.cookies
|
|
471
|
-
t.equal(cookies.length, 1)
|
|
472
|
-
t.equal(cookies[0].name, 'foo')
|
|
473
|
-
t.same(unsign(cookies[0].value, secret1), { valid: true, renew: false, value: 'cookieVal' }) // decode using first key
|
|
474
453
|
})
|
|
454
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
455
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
456
|
+
|
|
457
|
+
const cookies = res.cookies
|
|
458
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
459
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
460
|
+
t.assert.deepStrictEqual(unsign(cookies[0].value, secret1), { valid: true, renew: false, value: 'cookieVal' }) // decode using first key
|
|
475
461
|
})
|
|
476
462
|
|
|
477
|
-
|
|
478
|
-
t.plan(
|
|
463
|
+
test('unsginCookie via fastify instance', async (t) => {
|
|
464
|
+
t.plan(2)
|
|
465
|
+
|
|
479
466
|
const fastify = Fastify()
|
|
480
467
|
const secret = 'bar'
|
|
481
468
|
|
|
@@ -487,21 +474,20 @@ test('cookies signature', (t) => {
|
|
|
487
474
|
})
|
|
488
475
|
})
|
|
489
476
|
|
|
490
|
-
fastify.inject({
|
|
477
|
+
const res = await fastify.inject({
|
|
491
478
|
method: 'GET',
|
|
492
479
|
url: '/test1',
|
|
493
480
|
headers: {
|
|
494
481
|
cookie: `foo=${sign('foo', secret)}`
|
|
495
482
|
}
|
|
496
|
-
}, (err, res) => {
|
|
497
|
-
t.error(err)
|
|
498
|
-
t.equal(res.statusCode, 200)
|
|
499
|
-
t.same(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
500
483
|
})
|
|
484
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
485
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
501
486
|
})
|
|
502
487
|
|
|
503
|
-
|
|
504
|
-
t.plan(
|
|
488
|
+
test('unsignCookie via request decorator', async (t) => {
|
|
489
|
+
t.plan(2)
|
|
490
|
+
|
|
505
491
|
const fastify = Fastify()
|
|
506
492
|
const secret = 'bar'
|
|
507
493
|
fastify.register(plugin, { secret })
|
|
@@ -512,21 +498,20 @@ test('cookies signature', (t) => {
|
|
|
512
498
|
})
|
|
513
499
|
})
|
|
514
500
|
|
|
515
|
-
fastify.inject({
|
|
501
|
+
const res = await fastify.inject({
|
|
516
502
|
method: 'GET',
|
|
517
503
|
url: '/test1',
|
|
518
504
|
headers: {
|
|
519
505
|
cookie: `foo=${sign('foo', secret)}`
|
|
520
506
|
}
|
|
521
|
-
}, (err, res) => {
|
|
522
|
-
t.error(err)
|
|
523
|
-
t.equal(res.statusCode, 200)
|
|
524
|
-
t.same(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
525
507
|
})
|
|
508
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
509
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
526
510
|
})
|
|
527
511
|
|
|
528
|
-
|
|
529
|
-
t.plan(
|
|
512
|
+
test('unsignCookie via reply decorator', async (t) => {
|
|
513
|
+
t.plan(2)
|
|
514
|
+
|
|
530
515
|
const fastify = Fastify()
|
|
531
516
|
const secret = 'bar'
|
|
532
517
|
fastify.register(plugin, { secret })
|
|
@@ -537,21 +522,20 @@ test('cookies signature', (t) => {
|
|
|
537
522
|
})
|
|
538
523
|
})
|
|
539
524
|
|
|
540
|
-
fastify.inject({
|
|
525
|
+
const res = await fastify.inject({
|
|
541
526
|
method: 'GET',
|
|
542
527
|
url: '/test1',
|
|
543
528
|
headers: {
|
|
544
529
|
cookie: `foo=${sign('foo', secret)}`
|
|
545
530
|
}
|
|
546
|
-
}, (err, res) => {
|
|
547
|
-
t.error(err)
|
|
548
|
-
t.equal(res.statusCode, 200)
|
|
549
|
-
t.same(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
550
531
|
})
|
|
532
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
533
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'foo', renew: false, valid: true } })
|
|
551
534
|
})
|
|
552
535
|
|
|
553
|
-
|
|
554
|
-
t.plan(
|
|
536
|
+
test('unsignCookie via request decorator after rotation', async (t) => {
|
|
537
|
+
t.plan(2)
|
|
538
|
+
|
|
555
539
|
const fastify = Fastify()
|
|
556
540
|
const secret1 = 'sec-1'
|
|
557
541
|
const secret2 = 'sec-2'
|
|
@@ -563,21 +547,20 @@ test('cookies signature', (t) => {
|
|
|
563
547
|
})
|
|
564
548
|
})
|
|
565
549
|
|
|
566
|
-
fastify.inject({
|
|
550
|
+
const res = await fastify.inject({
|
|
567
551
|
method: 'GET',
|
|
568
552
|
url: '/test1',
|
|
569
553
|
headers: {
|
|
570
554
|
cookie: `foo=${sign('foo', secret2)}`
|
|
571
555
|
}
|
|
572
|
-
}, (err, res) => {
|
|
573
|
-
t.error(err)
|
|
574
|
-
t.equal(res.statusCode, 200)
|
|
575
|
-
t.same(JSON.parse(res.body), { unsigned: { value: 'foo', renew: true, valid: true } })
|
|
576
556
|
})
|
|
557
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
558
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'foo', renew: true, valid: true } })
|
|
577
559
|
})
|
|
578
560
|
|
|
579
|
-
|
|
580
|
-
t.plan(
|
|
561
|
+
test('unsignCookie via reply decorator after rotation', async (t) => {
|
|
562
|
+
t.plan(2)
|
|
563
|
+
|
|
581
564
|
const fastify = Fastify()
|
|
582
565
|
const secret1 = 'sec-1'
|
|
583
566
|
const secret2 = 'sec-2'
|
|
@@ -589,21 +572,20 @@ test('cookies signature', (t) => {
|
|
|
589
572
|
})
|
|
590
573
|
})
|
|
591
574
|
|
|
592
|
-
fastify.inject({
|
|
575
|
+
const res = await fastify.inject({
|
|
593
576
|
method: 'GET',
|
|
594
577
|
url: '/test1',
|
|
595
578
|
headers: {
|
|
596
579
|
cookie: `foo=${sign('foo', secret2)}`
|
|
597
580
|
}
|
|
598
|
-
}, (err, res) => {
|
|
599
|
-
t.error(err)
|
|
600
|
-
t.equal(res.statusCode, 200)
|
|
601
|
-
t.same(JSON.parse(res.body), { unsigned: { value: 'foo', renew: true, valid: true } })
|
|
602
581
|
})
|
|
582
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
583
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'foo', renew: true, valid: true } })
|
|
603
584
|
})
|
|
604
585
|
|
|
605
|
-
|
|
606
|
-
t.plan(
|
|
586
|
+
test('unsignCookie via request decorator failure response', async (t) => {
|
|
587
|
+
t.plan(2)
|
|
588
|
+
|
|
607
589
|
const fastify = Fastify()
|
|
608
590
|
const secret1 = 'sec-1'
|
|
609
591
|
const secret2 = 'sec-2'
|
|
@@ -615,21 +597,20 @@ test('cookies signature', (t) => {
|
|
|
615
597
|
})
|
|
616
598
|
})
|
|
617
599
|
|
|
618
|
-
fastify.inject({
|
|
600
|
+
const res = await fastify.inject({
|
|
619
601
|
method: 'GET',
|
|
620
602
|
url: '/test1',
|
|
621
603
|
headers: {
|
|
622
604
|
cookie: `foo=${sign('foo', 'invalid-secret')}`
|
|
623
605
|
}
|
|
624
|
-
}, (err, res) => {
|
|
625
|
-
t.error(err)
|
|
626
|
-
t.equal(res.statusCode, 200)
|
|
627
|
-
t.same(JSON.parse(res.body), { unsigned: { value: null, renew: false, valid: false } })
|
|
628
606
|
})
|
|
607
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
608
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: null, renew: false, valid: false } })
|
|
629
609
|
})
|
|
630
610
|
|
|
631
|
-
|
|
632
|
-
t.plan(
|
|
611
|
+
test('unsignCookie reply decorator failure response', async (t) => {
|
|
612
|
+
t.plan(2)
|
|
613
|
+
|
|
633
614
|
const fastify = Fastify()
|
|
634
615
|
const secret1 = 'sec-1'
|
|
635
616
|
const secret2 = 'sec-2'
|
|
@@ -641,52 +622,50 @@ test('cookies signature', (t) => {
|
|
|
641
622
|
})
|
|
642
623
|
})
|
|
643
624
|
|
|
644
|
-
fastify.inject({
|
|
625
|
+
const res = await fastify.inject({
|
|
645
626
|
method: 'GET',
|
|
646
627
|
url: '/test1',
|
|
647
628
|
headers: {
|
|
648
629
|
cookie: `foo=${sign('foo', 'invalid-secret')}`
|
|
649
630
|
}
|
|
650
|
-
}, (err, res) => {
|
|
651
|
-
t.error(err)
|
|
652
|
-
t.equal(res.statusCode, 200)
|
|
653
|
-
t.same(JSON.parse(res.body), { unsigned: { value: null, renew: false, valid: false } })
|
|
654
631
|
})
|
|
632
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
633
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: null, renew: false, valid: false } })
|
|
655
634
|
})
|
|
656
635
|
})
|
|
657
636
|
|
|
658
|
-
test('custom signer', t => {
|
|
659
|
-
t.plan(
|
|
637
|
+
test('custom signer', async (t) => {
|
|
638
|
+
t.plan(6)
|
|
639
|
+
|
|
660
640
|
const fastify = Fastify()
|
|
661
641
|
const signStub = sinon.stub().returns('SIGNED-VALUE')
|
|
662
642
|
const unsignStub = sinon.stub().returns('ORIGINAL VALUE')
|
|
663
643
|
const secret = { sign: signStub, unsign: unsignStub }
|
|
664
644
|
fastify.register(plugin, { secret })
|
|
665
645
|
|
|
666
|
-
fastify.get('/test1', (
|
|
646
|
+
fastify.get('/test1', (_req, reply) => {
|
|
667
647
|
reply
|
|
668
648
|
.setCookie('foo', 'bar', { signed: true })
|
|
669
649
|
.send({ hello: 'world' })
|
|
670
650
|
})
|
|
671
651
|
|
|
672
|
-
fastify.inject({
|
|
652
|
+
const res = await fastify.inject({
|
|
673
653
|
method: 'GET',
|
|
674
654
|
url: '/test1'
|
|
675
|
-
}, (err, res) => {
|
|
676
|
-
t.error(err)
|
|
677
|
-
t.equal(res.statusCode, 200)
|
|
678
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
679
|
-
|
|
680
|
-
const cookies = res.cookies
|
|
681
|
-
t.equal(cookies.length, 1)
|
|
682
|
-
t.equal(cookies[0].name, 'foo')
|
|
683
|
-
t.equal(cookies[0].value, 'SIGNED-VALUE')
|
|
684
|
-
t.ok(signStub.calledOnceWithExactly('bar'))
|
|
685
655
|
})
|
|
656
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
657
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
658
|
+
|
|
659
|
+
const cookies = res.cookies
|
|
660
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
661
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
662
|
+
t.assert.strictEqual(cookies[0].value, 'SIGNED-VALUE')
|
|
663
|
+
t.assert.ok(signStub.calledOnceWithExactly('bar'))
|
|
686
664
|
})
|
|
687
665
|
|
|
688
|
-
test('unsignCookie decorator with custom signer', t => {
|
|
689
|
-
t.plan(
|
|
666
|
+
test('unsignCookie decorator with custom signer', async (t) => {
|
|
667
|
+
t.plan(3)
|
|
668
|
+
|
|
690
669
|
const fastify = Fastify()
|
|
691
670
|
const signStub = sinon.stub().returns('SIGNED-VALUE')
|
|
692
671
|
const unsignStub = sinon.stub().returns('ORIGINAL VALUE')
|
|
@@ -699,22 +678,21 @@ test('unsignCookie decorator with custom signer', t => {
|
|
|
699
678
|
})
|
|
700
679
|
})
|
|
701
680
|
|
|
702
|
-
fastify.inject({
|
|
681
|
+
const res = await fastify.inject({
|
|
703
682
|
method: 'GET',
|
|
704
683
|
url: '/test1',
|
|
705
684
|
headers: {
|
|
706
685
|
cookie: 'foo=SOME-SIGNED-VALUE'
|
|
707
686
|
}
|
|
708
|
-
}, (err, res) => {
|
|
709
|
-
t.error(err)
|
|
710
|
-
t.equal(res.statusCode, 200)
|
|
711
|
-
t.same(JSON.parse(res.body), { unsigned: 'ORIGINAL VALUE' })
|
|
712
|
-
t.ok(unsignStub.calledOnceWithExactly('SOME-SIGNED-VALUE'))
|
|
713
687
|
})
|
|
688
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
689
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: 'ORIGINAL VALUE' })
|
|
690
|
+
t.assert.ok(unsignStub.calledOnceWithExactly('SOME-SIGNED-VALUE'))
|
|
714
691
|
})
|
|
715
692
|
|
|
716
|
-
test('pass options to `cookies.parse`', (t) => {
|
|
717
|
-
t.plan(
|
|
693
|
+
test('pass options to `cookies.parse`', async (t) => {
|
|
694
|
+
t.plan(5)
|
|
695
|
+
|
|
718
696
|
const fastify = Fastify()
|
|
719
697
|
fastify.register(plugin, {
|
|
720
698
|
parseOptions: {
|
|
@@ -723,31 +701,30 @@ test('pass options to `cookies.parse`', (t) => {
|
|
|
723
701
|
})
|
|
724
702
|
|
|
725
703
|
fastify.get('/test1', (req, reply) => {
|
|
726
|
-
t.ok(req.cookies)
|
|
727
|
-
t.ok(req.cookies.foo)
|
|
728
|
-
t.
|
|
704
|
+
t.assert.ok(req.cookies)
|
|
705
|
+
t.assert.ok(req.cookies.foo)
|
|
706
|
+
t.assert.strictEqual(req.cookies.foo, 'bartest')
|
|
729
707
|
reply.send({ hello: 'world' })
|
|
730
708
|
})
|
|
731
709
|
|
|
732
|
-
fastify.inject({
|
|
710
|
+
const res = await fastify.inject({
|
|
733
711
|
method: 'GET',
|
|
734
712
|
url: '/test1',
|
|
735
713
|
headers: {
|
|
736
714
|
cookie: 'foo=bar'
|
|
737
715
|
}
|
|
738
|
-
}, (err, res) => {
|
|
739
|
-
t.error(err)
|
|
740
|
-
t.equal(res.statusCode, 200)
|
|
741
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
742
716
|
})
|
|
717
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
718
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
743
719
|
|
|
744
720
|
function decoder (str) {
|
|
745
721
|
return str + 'test'
|
|
746
722
|
}
|
|
747
723
|
})
|
|
748
724
|
|
|
749
|
-
test('issue 53', (t) => {
|
|
750
|
-
t.plan(
|
|
725
|
+
test('issue 53', async (t) => {
|
|
726
|
+
t.plan(3)
|
|
727
|
+
|
|
751
728
|
const fastify = Fastify()
|
|
752
729
|
fastify.register(plugin)
|
|
753
730
|
|
|
@@ -755,7 +732,7 @@ test('issue 53', (t) => {
|
|
|
755
732
|
let count = 1
|
|
756
733
|
fastify.get('/foo', (req, reply) => {
|
|
757
734
|
if (count > 1) {
|
|
758
|
-
t.
|
|
735
|
+
t.assert.notEqual(cookies, req.cookies)
|
|
759
736
|
return reply.send('done')
|
|
760
737
|
}
|
|
761
738
|
|
|
@@ -763,44 +740,44 @@ test('issue 53', (t) => {
|
|
|
763
740
|
cookies = req.cookies
|
|
764
741
|
reply.send('done')
|
|
765
742
|
})
|
|
743
|
+
{
|
|
744
|
+
const res = await fastify.inject({ url: '/foo' })
|
|
745
|
+
t.assert.strictEqual(res.body, 'done')
|
|
746
|
+
}
|
|
766
747
|
|
|
767
|
-
|
|
768
|
-
|
|
769
|
-
t.
|
|
770
|
-
}
|
|
771
|
-
|
|
772
|
-
fastify.inject({ url: '/foo' }, (err, response) => {
|
|
773
|
-
t.error(err)
|
|
774
|
-
t.equal(response.body, 'done')
|
|
775
|
-
})
|
|
748
|
+
{
|
|
749
|
+
const res = await fastify.inject({ url: '/foo' })
|
|
750
|
+
t.assert.strictEqual(res.body, 'done')
|
|
751
|
+
}
|
|
776
752
|
})
|
|
777
753
|
|
|
778
|
-
test('serialize cookie manually using decorator', (t) => {
|
|
754
|
+
test('serialize cookie manually using decorator', async (t) => {
|
|
779
755
|
t.plan(2)
|
|
756
|
+
|
|
780
757
|
const fastify = Fastify()
|
|
781
758
|
fastify.register(plugin)
|
|
782
759
|
|
|
783
|
-
fastify.ready(
|
|
784
|
-
|
|
785
|
-
|
|
786
|
-
|
|
787
|
-
})
|
|
760
|
+
await new Promise(resolve => fastify.ready(resolve))
|
|
761
|
+
|
|
762
|
+
t.assert.ok(fastify.serializeCookie)
|
|
763
|
+
t.assert.deepStrictEqual(fastify.serializeCookie('foo', 'bar', {}), 'foo=bar')
|
|
788
764
|
})
|
|
789
765
|
|
|
790
|
-
test('parse cookie manually using decorator', (t) => {
|
|
766
|
+
test('parse cookie manually using decorator', async (t) => {
|
|
791
767
|
t.plan(2)
|
|
768
|
+
|
|
792
769
|
const fastify = Fastify()
|
|
793
770
|
fastify.register(plugin)
|
|
794
771
|
|
|
795
|
-
fastify.ready(
|
|
796
|
-
|
|
797
|
-
|
|
798
|
-
|
|
799
|
-
})
|
|
772
|
+
await new Promise(resolve => fastify.ready(resolve))
|
|
773
|
+
|
|
774
|
+
t.assert.ok(fastify.parseCookie)
|
|
775
|
+
t.assert.deepStrictEqual({ ...fastify.parseCookie('foo=bar', {}) }, { foo: 'bar' })
|
|
800
776
|
})
|
|
801
777
|
|
|
802
|
-
test('cookies set with plugin options parseOptions field', (t) => {
|
|
803
|
-
t.plan(
|
|
778
|
+
test('cookies set with plugin options parseOptions field', async (t) => {
|
|
779
|
+
t.plan(7)
|
|
780
|
+
|
|
804
781
|
const fastify = Fastify()
|
|
805
782
|
fastify.register(plugin, {
|
|
806
783
|
parseOptions: {
|
|
@@ -809,31 +786,29 @@ test('cookies set with plugin options parseOptions field', (t) => {
|
|
|
809
786
|
}
|
|
810
787
|
})
|
|
811
788
|
|
|
812
|
-
fastify.get('/test', (
|
|
789
|
+
fastify.get('/test', (_req, reply) => {
|
|
813
790
|
reply.setCookie('foo', 'foo').send({ hello: 'world' })
|
|
814
791
|
})
|
|
815
792
|
|
|
816
|
-
fastify.inject(
|
|
793
|
+
const res = await fastify.inject(
|
|
817
794
|
{
|
|
818
795
|
method: 'GET',
|
|
819
796
|
url: '/test'
|
|
820
|
-
}
|
|
821
|
-
|
|
822
|
-
|
|
823
|
-
|
|
824
|
-
|
|
825
|
-
|
|
826
|
-
|
|
827
|
-
|
|
828
|
-
|
|
829
|
-
|
|
830
|
-
t.equal(cookies[0].path, '/test')
|
|
831
|
-
t.equal(cookies[0].domain, 'example.com')
|
|
832
|
-
}
|
|
833
|
-
)
|
|
797
|
+
})
|
|
798
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
799
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
800
|
+
|
|
801
|
+
const cookies = res.cookies
|
|
802
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
803
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
804
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
805
|
+
t.assert.strictEqual(cookies[0].path, '/test')
|
|
806
|
+
t.assert.strictEqual(cookies[0].domain, 'example.com')
|
|
834
807
|
})
|
|
835
808
|
|
|
836
809
|
test('create signed cookie manually using signCookie decorator', async (t) => {
|
|
810
|
+
t.plan(2)
|
|
811
|
+
|
|
837
812
|
const fastify = Fastify()
|
|
838
813
|
|
|
839
814
|
await fastify.register(plugin, { secret: 'secret' })
|
|
@@ -849,16 +824,18 @@ test('create signed cookie manually using signCookie decorator', async (t) => {
|
|
|
849
824
|
url: '/test1',
|
|
850
825
|
headers: { cookie: `foo=${fastify.signCookie('bar')}` }
|
|
851
826
|
})
|
|
852
|
-
t.
|
|
853
|
-
t.
|
|
827
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
828
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { unsigned: { value: 'bar', renew: false, valid: true } })
|
|
854
829
|
})
|
|
855
830
|
|
|
856
831
|
test('handle secure:auto of cookieOptions', async (t) => {
|
|
832
|
+
t.plan(11)
|
|
833
|
+
|
|
857
834
|
const fastify = Fastify({ trustProxy: true })
|
|
858
835
|
|
|
859
836
|
await fastify.register(plugin)
|
|
860
837
|
|
|
861
|
-
fastify.get('/test1', (
|
|
838
|
+
fastify.get('/test1', (_req, reply) => {
|
|
862
839
|
reply
|
|
863
840
|
.setCookie('foo', 'foo', { path: '/', secure: 'auto' })
|
|
864
841
|
.send()
|
|
@@ -871,11 +848,11 @@ test('handle secure:auto of cookieOptions', async (t) => {
|
|
|
871
848
|
})
|
|
872
849
|
|
|
873
850
|
const cookies = res.cookies
|
|
874
|
-
t.
|
|
875
|
-
t.
|
|
876
|
-
t.
|
|
877
|
-
t.
|
|
878
|
-
t.
|
|
851
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
852
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
853
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
854
|
+
t.assert.strictEqual(cookies[0].secure, true)
|
|
855
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
879
856
|
|
|
880
857
|
const res2 = await fastify.inject({
|
|
881
858
|
method: 'GET',
|
|
@@ -883,28 +860,29 @@ test('handle secure:auto of cookieOptions', async (t) => {
|
|
|
883
860
|
})
|
|
884
861
|
|
|
885
862
|
const cookies2 = res2.cookies
|
|
886
|
-
t.
|
|
887
|
-
t.
|
|
888
|
-
t.
|
|
889
|
-
t.
|
|
890
|
-
t.
|
|
891
|
-
t.
|
|
863
|
+
t.assert.strictEqual(cookies2.length, 1)
|
|
864
|
+
t.assert.strictEqual(cookies2[0].name, 'foo')
|
|
865
|
+
t.assert.strictEqual(cookies2[0].value, 'foo')
|
|
866
|
+
t.assert.strictEqual(cookies2[0].sameSite, 'Lax')
|
|
867
|
+
t.assert.deepStrictEqual(cookies2[0].secure, undefined)
|
|
868
|
+
t.assert.strictEqual(cookies2[0].path, '/')
|
|
892
869
|
})
|
|
893
870
|
|
|
894
871
|
test('should not decorate fastify, request and reply if no secret was provided', async (t) => {
|
|
895
872
|
t.plan(8)
|
|
873
|
+
|
|
896
874
|
const fastify = Fastify()
|
|
897
875
|
|
|
898
876
|
await fastify.register(plugin)
|
|
899
877
|
|
|
900
|
-
t.
|
|
901
|
-
t.
|
|
878
|
+
t.assert.ok(!fastify.signCookie)
|
|
879
|
+
t.assert.ok(!fastify.unsignCookie)
|
|
902
880
|
|
|
903
881
|
fastify.get('/testDecorators', (req, reply) => {
|
|
904
|
-
t.
|
|
905
|
-
t.
|
|
906
|
-
t.
|
|
907
|
-
t.
|
|
882
|
+
t.assert.ok(!req.signCookie)
|
|
883
|
+
t.assert.ok(!reply.signCookie)
|
|
884
|
+
t.assert.ok(!req.unsignCookie)
|
|
885
|
+
t.assert.ok(!reply.unsignCookie)
|
|
908
886
|
|
|
909
887
|
reply.send({
|
|
910
888
|
unsigned: req.unsignCookie(req.cookies.foo)
|
|
@@ -916,111 +894,110 @@ test('should not decorate fastify, request and reply if no secret was provided',
|
|
|
916
894
|
url: '/testDecorators'
|
|
917
895
|
})
|
|
918
896
|
|
|
919
|
-
t.
|
|
920
|
-
t.
|
|
897
|
+
t.assert.strictEqual(res.statusCode, 500)
|
|
898
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), {
|
|
921
899
|
statusCode: 500,
|
|
922
900
|
error: 'Internal Server Error',
|
|
923
901
|
message: 'req.unsignCookie is not a function'
|
|
924
902
|
})
|
|
925
903
|
})
|
|
926
904
|
|
|
927
|
-
test('dont add auto cookie parsing to onRequest-hook if hook-option is set to false', (t) => {
|
|
928
|
-
t.plan(
|
|
905
|
+
test('dont add auto cookie parsing to onRequest-hook if hook-option is set to false', async (t) => {
|
|
906
|
+
t.plan(5)
|
|
907
|
+
|
|
929
908
|
const fastify = Fastify()
|
|
930
909
|
fastify.register(plugin, { hook: false })
|
|
931
910
|
|
|
932
911
|
for (const hook of ['preValidation', 'preHandler', 'preParsing']) {
|
|
933
912
|
fastify.addHook(hook, async (req) => {
|
|
934
|
-
t.
|
|
913
|
+
t.assert.strictEqual(req.cookies, null)
|
|
935
914
|
})
|
|
936
915
|
}
|
|
937
916
|
|
|
938
917
|
fastify.get('/disable', (req, reply) => {
|
|
939
|
-
t.
|
|
918
|
+
t.assert.strictEqual(req.cookies, null)
|
|
940
919
|
reply.send()
|
|
941
920
|
})
|
|
942
921
|
|
|
943
|
-
fastify.inject({
|
|
922
|
+
const res = await fastify.inject({
|
|
944
923
|
method: 'GET',
|
|
945
924
|
url: '/disable',
|
|
946
925
|
headers: {
|
|
947
926
|
cookie: 'bar=bar'
|
|
948
927
|
}
|
|
949
|
-
}, (err, res) => {
|
|
950
|
-
t.error(err)
|
|
951
|
-
t.equal(res.statusCode, 200)
|
|
952
928
|
})
|
|
929
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
953
930
|
})
|
|
954
931
|
|
|
955
|
-
test('result in an error if hook-option is set to an invalid value', (t) => {
|
|
932
|
+
test('result in an error if hook-option is set to an invalid value', async (t) => {
|
|
956
933
|
t.plan(1)
|
|
934
|
+
|
|
957
935
|
const fastify = Fastify()
|
|
958
936
|
|
|
959
|
-
t.rejects(
|
|
937
|
+
await t.assert.rejects(
|
|
960
938
|
async () => fastify.register(plugin, { hook: true }),
|
|
961
939
|
new Error("@fastify/cookie: Invalid value provided for the hook-option. You can set the hook-option only to false, 'onRequest' , 'preParsing' , 'preValidation' or 'preHandler'")
|
|
962
940
|
)
|
|
963
941
|
})
|
|
964
942
|
|
|
965
|
-
test('correct working plugin if hook-option to preParsing', (t) => {
|
|
966
|
-
t.plan(
|
|
943
|
+
test('correct working plugin if hook-option to preParsing', async (t) => {
|
|
944
|
+
t.plan(4)
|
|
945
|
+
|
|
967
946
|
const fastify = Fastify()
|
|
968
947
|
fastify.register(plugin, { hook: 'preParsing' })
|
|
969
948
|
|
|
970
949
|
fastify.addHook('onRequest', async (req) => {
|
|
971
|
-
t.
|
|
950
|
+
t.assert.strictEqual(req.cookies, null)
|
|
972
951
|
})
|
|
973
952
|
|
|
974
953
|
fastify.addHook('preValidation', async (req) => {
|
|
975
|
-
t.
|
|
954
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
976
955
|
})
|
|
977
956
|
|
|
978
957
|
fastify.get('/preparsing', (req, reply) => {
|
|
979
|
-
t.
|
|
958
|
+
t.assert.strictEqual(req.cookies.bar, 'bar')
|
|
980
959
|
reply.send()
|
|
981
960
|
})
|
|
982
961
|
|
|
983
|
-
fastify.inject({
|
|
962
|
+
const res = await fastify.inject({
|
|
984
963
|
method: 'GET',
|
|
985
964
|
url: '/preparsing',
|
|
986
965
|
headers: {
|
|
987
966
|
cookie: 'bar=bar'
|
|
988
967
|
}
|
|
989
|
-
}, (err, res) => {
|
|
990
|
-
t.error(err)
|
|
991
|
-
t.equal(res.statusCode, 200)
|
|
992
968
|
})
|
|
969
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
993
970
|
})
|
|
994
971
|
|
|
995
|
-
test('if cookies are not set, then the handler creates an empty req.cookies object', (t) => {
|
|
996
|
-
t.plan(
|
|
972
|
+
test('if cookies are not set, then the handler creates an empty req.cookies object', async (t) => {
|
|
973
|
+
t.plan(4)
|
|
974
|
+
|
|
997
975
|
const fastify = Fastify()
|
|
998
976
|
fastify.register(plugin, { hook: 'preParsing' })
|
|
999
977
|
|
|
1000
978
|
fastify.addHook('onRequest', async (req) => {
|
|
1001
|
-
t.
|
|
979
|
+
t.assert.strictEqual(req.cookies, null)
|
|
1002
980
|
})
|
|
1003
981
|
|
|
1004
982
|
fastify.addHook('preValidation', async (req) => {
|
|
1005
|
-
t.ok(req.cookies)
|
|
983
|
+
t.assert.ok(req.cookies)
|
|
1006
984
|
})
|
|
1007
985
|
|
|
1008
986
|
fastify.get('/preparsing', (req, reply) => {
|
|
1009
|
-
t.ok(req.cookies)
|
|
987
|
+
t.assert.ok(req.cookies)
|
|
1010
988
|
reply.send()
|
|
1011
989
|
})
|
|
1012
990
|
|
|
1013
|
-
fastify.inject({
|
|
991
|
+
const res = await fastify.inject({
|
|
1014
992
|
method: 'GET',
|
|
1015
993
|
url: '/preparsing'
|
|
1016
|
-
}, (err, res) => {
|
|
1017
|
-
t.error(err)
|
|
1018
|
-
t.equal(res.statusCode, 200)
|
|
1019
994
|
})
|
|
995
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1020
996
|
})
|
|
1021
997
|
|
|
1022
|
-
test('clearCookie should include parseOptions', (t) => {
|
|
1023
|
-
t.plan(
|
|
998
|
+
test('clearCookie should include parseOptions', async (t) => {
|
|
999
|
+
t.plan(9)
|
|
1000
|
+
|
|
1024
1001
|
const fastify = Fastify()
|
|
1025
1002
|
fastify.register(plugin, {
|
|
1026
1003
|
parseOptions: {
|
|
@@ -1034,36 +1011,35 @@ test('clearCookie should include parseOptions', (t) => {
|
|
|
1034
1011
|
maxAge: 36000
|
|
1035
1012
|
}
|
|
1036
1013
|
|
|
1037
|
-
fastify.get('/test1', (
|
|
1014
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1038
1015
|
reply
|
|
1039
1016
|
.setCookie('foo', 'foo', cookieOptions)
|
|
1040
1017
|
.clearCookie('foo', cookieOptions)
|
|
1041
1018
|
.send({ hello: 'world' })
|
|
1042
1019
|
})
|
|
1043
1020
|
|
|
1044
|
-
fastify.inject({
|
|
1021
|
+
const res = await fastify.inject({
|
|
1045
1022
|
method: 'GET',
|
|
1046
1023
|
url: '/test1'
|
|
1047
|
-
}
|
|
1048
|
-
|
|
1049
|
-
|
|
1050
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1024
|
+
})
|
|
1025
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1026
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1051
1027
|
|
|
1052
|
-
|
|
1028
|
+
const cookies = res.cookies
|
|
1053
1029
|
|
|
1054
|
-
|
|
1055
|
-
|
|
1056
|
-
|
|
1057
|
-
|
|
1058
|
-
|
|
1059
|
-
|
|
1030
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
1031
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1032
|
+
t.assert.strictEqual(cookies[0].value, '')
|
|
1033
|
+
t.assert.strictEqual(cookies[0].maxAge, 0)
|
|
1034
|
+
t.assert.strictEqual(cookies[0].path, '/test')
|
|
1035
|
+
t.assert.strictEqual(cookies[0].domain, 'example.com')
|
|
1060
1036
|
|
|
1061
|
-
|
|
1062
|
-
})
|
|
1037
|
+
t.assert.ok(new Date(cookies[0].expires) < new Date())
|
|
1063
1038
|
})
|
|
1064
1039
|
|
|
1065
|
-
test('should update a cookie value when setCookie is called multiple times', (t) => {
|
|
1066
|
-
t.plan(
|
|
1040
|
+
test('should update a cookie value when setCookie is called multiple times', async (t) => {
|
|
1041
|
+
t.plan(14)
|
|
1042
|
+
|
|
1067
1043
|
const fastify = Fastify()
|
|
1068
1044
|
const secret = 'testsecret'
|
|
1069
1045
|
fastify.register(plugin, { secret })
|
|
@@ -1079,7 +1055,7 @@ test('should update a cookie value when setCookie is called multiple times', (t)
|
|
|
1079
1055
|
maxAge: 36000
|
|
1080
1056
|
}
|
|
1081
1057
|
|
|
1082
|
-
fastify.get('/test1', (
|
|
1058
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1083
1059
|
reply
|
|
1084
1060
|
.setCookie('foo', 'foo', cookieOptions)
|
|
1085
1061
|
.clearCookie('foo', cookieOptions)
|
|
@@ -1089,36 +1065,35 @@ test('should update a cookie value when setCookie is called multiple times', (t)
|
|
|
1089
1065
|
.send({ hello: 'world' })
|
|
1090
1066
|
})
|
|
1091
1067
|
|
|
1092
|
-
fastify.inject({
|
|
1068
|
+
const res = await fastify.inject({
|
|
1093
1069
|
method: 'GET',
|
|
1094
1070
|
url: '/test1'
|
|
1095
|
-
}
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1071
|
+
})
|
|
1072
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1073
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1099
1074
|
|
|
1100
|
-
|
|
1101
|
-
|
|
1075
|
+
const cookies = res.cookies
|
|
1076
|
+
t.assert.strictEqual(cookies.length, 3)
|
|
1102
1077
|
|
|
1103
|
-
|
|
1104
|
-
|
|
1105
|
-
|
|
1078
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1079
|
+
t.assert.strictEqual(cookies[0].value, '')
|
|
1080
|
+
t.assert.strictEqual(cookies[0].path, '/foo')
|
|
1106
1081
|
|
|
1107
|
-
|
|
1108
|
-
|
|
1109
|
-
|
|
1082
|
+
t.assert.strictEqual(cookies[1].name, 'foo')
|
|
1083
|
+
t.assert.strictEqual(cookies[1].value, sign('foo', secret))
|
|
1084
|
+
t.assert.strictEqual(cookies[1].maxAge, 36000)
|
|
1110
1085
|
|
|
1111
|
-
|
|
1112
|
-
|
|
1113
|
-
|
|
1114
|
-
|
|
1086
|
+
t.assert.strictEqual(cookies[2].name, 'foos')
|
|
1087
|
+
t.assert.strictEqual(cookies[2].value, sign('foosy', secret))
|
|
1088
|
+
t.assert.strictEqual(cookies[2].path, '/foo')
|
|
1089
|
+
t.assert.strictEqual(cookies[2].maxAge, 36000)
|
|
1115
1090
|
|
|
1116
|
-
|
|
1117
|
-
})
|
|
1091
|
+
t.assert.ok(new Date(cookies[0].expires) < new Date())
|
|
1118
1092
|
})
|
|
1119
1093
|
|
|
1120
|
-
test('should update a cookie value when setCookie is called multiple times (empty header)', (t) => {
|
|
1121
|
-
t.plan(
|
|
1094
|
+
test('should update a cookie value when setCookie is called multiple times (empty header)', async (t) => {
|
|
1095
|
+
t.plan(14)
|
|
1096
|
+
|
|
1122
1097
|
const fastify = Fastify()
|
|
1123
1098
|
const secret = 'testsecret'
|
|
1124
1099
|
fastify.register(plugin, { secret })
|
|
@@ -1134,7 +1109,7 @@ test('should update a cookie value when setCookie is called multiple times (empt
|
|
|
1134
1109
|
maxAge: 36000
|
|
1135
1110
|
}
|
|
1136
1111
|
|
|
1137
|
-
fastify.get('/test1', (
|
|
1112
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1138
1113
|
reply
|
|
1139
1114
|
.header('Set-Cookie', '', cookieOptions)
|
|
1140
1115
|
.setCookie('foo', 'foo', cookieOptions)
|
|
@@ -1145,36 +1120,35 @@ test('should update a cookie value when setCookie is called multiple times (empt
|
|
|
1145
1120
|
.send({ hello: 'world' })
|
|
1146
1121
|
})
|
|
1147
1122
|
|
|
1148
|
-
fastify.inject({
|
|
1123
|
+
const res = await fastify.inject({
|
|
1149
1124
|
method: 'GET',
|
|
1150
1125
|
url: '/test1'
|
|
1151
|
-
}
|
|
1152
|
-
|
|
1153
|
-
|
|
1154
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1126
|
+
})
|
|
1127
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1128
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1155
1129
|
|
|
1156
|
-
|
|
1157
|
-
|
|
1130
|
+
const cookies = res.cookies
|
|
1131
|
+
t.assert.strictEqual(cookies.length, 3)
|
|
1158
1132
|
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
|
|
1133
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1134
|
+
t.assert.strictEqual(cookies[0].value, '')
|
|
1135
|
+
t.assert.strictEqual(cookies[0].path, '/foo')
|
|
1162
1136
|
|
|
1163
|
-
|
|
1164
|
-
|
|
1165
|
-
|
|
1137
|
+
t.assert.strictEqual(cookies[1].name, 'foo')
|
|
1138
|
+
t.assert.strictEqual(cookies[1].value, sign('foo', secret))
|
|
1139
|
+
t.assert.strictEqual(cookies[1].maxAge, 36000)
|
|
1166
1140
|
|
|
1167
|
-
|
|
1168
|
-
|
|
1169
|
-
|
|
1170
|
-
|
|
1141
|
+
t.assert.strictEqual(cookies[2].name, 'foos')
|
|
1142
|
+
t.assert.strictEqual(cookies[2].value, sign('foosy', secret))
|
|
1143
|
+
t.assert.strictEqual(cookies[2].path, '/foo')
|
|
1144
|
+
t.assert.strictEqual(cookies[2].maxAge, 36000)
|
|
1171
1145
|
|
|
1172
|
-
|
|
1173
|
-
})
|
|
1146
|
+
t.assert.ok(new Date(cookies[0].expires) < new Date())
|
|
1174
1147
|
})
|
|
1175
1148
|
|
|
1176
|
-
test('should update a cookie value when setCookie is called multiple times (non-empty header)', (t) => {
|
|
1177
|
-
t.plan(
|
|
1149
|
+
test('should update a cookie value when setCookie is called multiple times (non-empty header)', async (t) => {
|
|
1150
|
+
t.plan(14)
|
|
1151
|
+
|
|
1178
1152
|
const fastify = Fastify()
|
|
1179
1153
|
const secret = 'testsecret'
|
|
1180
1154
|
fastify.register(plugin, { secret })
|
|
@@ -1190,7 +1164,7 @@ test('should update a cookie value when setCookie is called multiple times (non-
|
|
|
1190
1164
|
maxAge: 36000
|
|
1191
1165
|
}
|
|
1192
1166
|
|
|
1193
|
-
fastify.get('/test1', (
|
|
1167
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1194
1168
|
reply
|
|
1195
1169
|
.header('Set-Cookie', 'manual=manual', cookieOptions)
|
|
1196
1170
|
.setCookie('foo', 'foo', cookieOptions)
|
|
@@ -1201,148 +1175,142 @@ test('should update a cookie value when setCookie is called multiple times (non-
|
|
|
1201
1175
|
.send({ hello: 'world' })
|
|
1202
1176
|
})
|
|
1203
1177
|
|
|
1204
|
-
fastify.inject({
|
|
1178
|
+
const res = await fastify.inject({
|
|
1205
1179
|
method: 'GET',
|
|
1206
1180
|
url: '/test1'
|
|
1207
|
-
}
|
|
1208
|
-
|
|
1209
|
-
|
|
1210
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1181
|
+
})
|
|
1182
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1183
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1211
1184
|
|
|
1212
|
-
|
|
1213
|
-
|
|
1185
|
+
const cookies = res.cookies
|
|
1186
|
+
t.assert.strictEqual(cookies.length, 4)
|
|
1214
1187
|
|
|
1215
|
-
|
|
1216
|
-
|
|
1217
|
-
|
|
1188
|
+
t.assert.strictEqual(cookies[1].name, 'foo')
|
|
1189
|
+
t.assert.strictEqual(cookies[1].value, '')
|
|
1190
|
+
t.assert.strictEqual(cookies[1].path, '/foo')
|
|
1218
1191
|
|
|
1219
|
-
|
|
1220
|
-
|
|
1221
|
-
|
|
1192
|
+
t.assert.strictEqual(cookies[2].name, 'foo')
|
|
1193
|
+
t.assert.strictEqual(cookies[2].value, sign('foo', secret))
|
|
1194
|
+
t.assert.strictEqual(cookies[2].maxAge, 36000)
|
|
1222
1195
|
|
|
1223
|
-
|
|
1224
|
-
|
|
1225
|
-
|
|
1226
|
-
|
|
1196
|
+
t.assert.strictEqual(cookies[3].name, 'foos')
|
|
1197
|
+
t.assert.strictEqual(cookies[3].value, sign('foosy', secret))
|
|
1198
|
+
t.assert.strictEqual(cookies[3].path, '/foo')
|
|
1199
|
+
t.assert.strictEqual(cookies[3].maxAge, 36000)
|
|
1227
1200
|
|
|
1228
|
-
|
|
1229
|
-
})
|
|
1201
|
+
t.assert.ok(new Date(cookies[1].expires) < new Date())
|
|
1230
1202
|
})
|
|
1231
1203
|
|
|
1232
|
-
test('cookies get set correctly if set inside onSend', (t) => {
|
|
1233
|
-
t.plan(
|
|
1204
|
+
test('cookies get set correctly if set inside onSend', async (t) => {
|
|
1205
|
+
t.plan(6)
|
|
1206
|
+
|
|
1234
1207
|
const fastify = Fastify()
|
|
1235
1208
|
fastify.register(plugin)
|
|
1236
1209
|
|
|
1237
|
-
fastify.addHook('onSend', async (
|
|
1210
|
+
fastify.addHook('onSend', async (_req, reply, payload) => {
|
|
1238
1211
|
reply.setCookie('foo', 'foo', { path: '/' })
|
|
1239
1212
|
return payload
|
|
1240
1213
|
})
|
|
1241
1214
|
|
|
1242
|
-
fastify.get('/test1', (
|
|
1215
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1243
1216
|
reply
|
|
1244
1217
|
.send({ hello: 'world' })
|
|
1245
1218
|
})
|
|
1246
1219
|
|
|
1247
|
-
fastify.inject({
|
|
1220
|
+
const res = await fastify.inject({
|
|
1248
1221
|
method: 'GET',
|
|
1249
1222
|
url: '/test1'
|
|
1250
|
-
}, (err, res) => {
|
|
1251
|
-
t.error(err)
|
|
1252
|
-
t.equal(res.statusCode, 200)
|
|
1253
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1254
|
-
|
|
1255
|
-
const cookies = res.cookies
|
|
1256
|
-
t.equal(cookies.length, 1)
|
|
1257
|
-
t.equal(cookies[0].name, 'foo')
|
|
1258
|
-
t.equal(cookies[0].value, 'foo')
|
|
1259
|
-
t.equal(cookies[0].path, '/')
|
|
1260
1223
|
})
|
|
1224
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1225
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1226
|
+
|
|
1227
|
+
const cookies = res.cookies
|
|
1228
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
1229
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1230
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
1231
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
1261
1232
|
})
|
|
1262
1233
|
|
|
1263
|
-
test('cookies get set correctly if set inside multiple onSends', (t) => {
|
|
1264
|
-
t.plan(
|
|
1234
|
+
test('cookies get set correctly if set inside multiple onSends', async (t) => {
|
|
1235
|
+
t.plan(9)
|
|
1236
|
+
|
|
1265
1237
|
const fastify = Fastify()
|
|
1266
1238
|
fastify.register(plugin)
|
|
1267
1239
|
|
|
1268
|
-
fastify.addHook('onSend', async (
|
|
1240
|
+
fastify.addHook('onSend', async (_req, reply, _payload) => {
|
|
1269
1241
|
reply.setCookie('foo', 'foo', { path: '/' })
|
|
1270
1242
|
})
|
|
1271
1243
|
|
|
1272
|
-
fastify.addHook('onSend', async (
|
|
1244
|
+
fastify.addHook('onSend', async (_req, reply, payload) => {
|
|
1273
1245
|
reply.setCookie('foo', 'foos', { path: '/' })
|
|
1274
1246
|
return payload
|
|
1275
1247
|
})
|
|
1276
1248
|
|
|
1277
|
-
fastify.get('/test1', (
|
|
1249
|
+
fastify.get('/test1', (_req, reply) => {
|
|
1278
1250
|
reply
|
|
1279
1251
|
.send({ hello: 'world' })
|
|
1280
1252
|
})
|
|
1281
1253
|
|
|
1282
|
-
fastify.inject({
|
|
1254
|
+
const res = await fastify.inject({
|
|
1283
1255
|
method: 'GET',
|
|
1284
1256
|
url: '/test1'
|
|
1285
|
-
}, (err, res) => {
|
|
1286
|
-
t.error(err)
|
|
1287
|
-
t.equal(res.statusCode, 200)
|
|
1288
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1289
|
-
|
|
1290
|
-
const cookies = res.cookies
|
|
1291
|
-
t.equal(cookies.length, 2)
|
|
1292
|
-
t.equal(cookies[0].name, 'foo')
|
|
1293
|
-
t.equal(cookies[0].value, 'foo')
|
|
1294
|
-
t.equal(cookies[0].path, '/')
|
|
1295
|
-
|
|
1296
|
-
t.equal(cookies[1].name, 'foo')
|
|
1297
|
-
t.equal(cookies[1].value, 'foos')
|
|
1298
|
-
t.equal(cookies[1].path, '/')
|
|
1299
1257
|
})
|
|
1258
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1259
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1260
|
+
|
|
1261
|
+
const cookies = res.cookies
|
|
1262
|
+
t.assert.strictEqual(cookies.length, 2)
|
|
1263
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1264
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
1265
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
1266
|
+
|
|
1267
|
+
t.assert.strictEqual(cookies[1].name, 'foo')
|
|
1268
|
+
t.assert.strictEqual(cookies[1].value, 'foos')
|
|
1269
|
+
t.assert.strictEqual(cookies[1].path, '/')
|
|
1300
1270
|
})
|
|
1301
1271
|
|
|
1302
|
-
test('cookies get set correctly if set inside onRequest', (t) => {
|
|
1303
|
-
t.plan(
|
|
1272
|
+
test('cookies get set correctly if set inside onRequest', async (t) => {
|
|
1273
|
+
t.plan(6)
|
|
1274
|
+
|
|
1304
1275
|
const fastify = Fastify()
|
|
1305
|
-
fastify.addHook('onRequest', async (
|
|
1276
|
+
fastify.addHook('onRequest', async (_req, reply) => {
|
|
1306
1277
|
reply.setCookie('foo', 'foo', { path: '/' })
|
|
1307
1278
|
return reply.send({ hello: 'world' })
|
|
1308
1279
|
})
|
|
1309
1280
|
|
|
1310
1281
|
fastify.register(plugin)
|
|
1311
1282
|
|
|
1312
|
-
fastify.inject({
|
|
1283
|
+
const res = await fastify.inject({
|
|
1313
1284
|
method: 'GET',
|
|
1314
1285
|
url: '/test1'
|
|
1315
|
-
}, (err, res) => {
|
|
1316
|
-
t.error(err)
|
|
1317
|
-
t.equal(res.statusCode, 200)
|
|
1318
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1319
|
-
|
|
1320
|
-
const cookies = res.cookies
|
|
1321
|
-
t.equal(cookies.length, 1)
|
|
1322
|
-
t.equal(cookies[0].name, 'foo')
|
|
1323
|
-
t.equal(cookies[0].value, 'foo')
|
|
1324
|
-
t.equal(cookies[0].path, '/')
|
|
1325
1286
|
})
|
|
1287
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1288
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1289
|
+
|
|
1290
|
+
const cookies = res.cookies
|
|
1291
|
+
t.assert.strictEqual(cookies.length, 1)
|
|
1292
|
+
t.assert.strictEqual(cookies[0].name, 'foo')
|
|
1293
|
+
t.assert.strictEqual(cookies[0].value, 'foo')
|
|
1294
|
+
t.assert.strictEqual(cookies[0].path, '/')
|
|
1326
1295
|
})
|
|
1327
1296
|
|
|
1328
|
-
test('do not crash if the onRequest hook is not run', (t) => {
|
|
1329
|
-
t.plan(
|
|
1297
|
+
test('do not crash if the onRequest hook is not run', async (t) => {
|
|
1298
|
+
t.plan(2)
|
|
1299
|
+
|
|
1330
1300
|
const fastify = Fastify()
|
|
1331
|
-
fastify.addHook('onRequest', async (
|
|
1301
|
+
fastify.addHook('onRequest', async (_req, reply) => {
|
|
1332
1302
|
return reply.send({ hello: 'world' })
|
|
1333
1303
|
})
|
|
1334
1304
|
|
|
1335
1305
|
fastify.register(plugin)
|
|
1336
1306
|
|
|
1337
|
-
fastify.inject({
|
|
1307
|
+
const res = await fastify.inject({
|
|
1338
1308
|
method: 'GET',
|
|
1339
1309
|
url: '/test1',
|
|
1340
1310
|
headers: {
|
|
1341
1311
|
cookie: 'foo=foo'
|
|
1342
1312
|
}
|
|
1343
|
-
}, (err, res) => {
|
|
1344
|
-
t.error(err)
|
|
1345
|
-
t.equal(res.statusCode, 200)
|
|
1346
|
-
t.same(JSON.parse(res.body), { hello: 'world' })
|
|
1347
1313
|
})
|
|
1314
|
+
t.assert.strictEqual(res.statusCode, 200)
|
|
1315
|
+
t.assert.deepStrictEqual(JSON.parse(res.body), { hello: 'world' })
|
|
1348
1316
|
})
|