@javagt/express-easy-auth 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +13 -0
- package/demo/profileRouter.js +64 -0
- package/demo/public/css/style.css +1293 -0
- package/demo/public/index.html +272 -0
- package/demo/public/js/app.js +540 -0
- package/demo/server.js +195 -0
- package/examples/01-basic-setup.js +118 -0
- package/examples/02-passkeys.js +106 -0
- package/examples/03-api-keys.js +108 -0
- package/examples/04-totp-setup.js +125 -0
- package/examples/05-custom-logger.js +105 -0
- package/examples/06-password-reset.js +104 -0
- package/examples/08-external-db-linking.js +158 -0
- package/examples/README.md +32 -0
- package/openapi.yaml +263 -0
- package/package.json +35 -0
- package/readme.md +165 -0
- package/scratch/debug_bindings.js +29 -0
- package/scratch/test_sqlite.js +7 -0
- package/scratch/test_sqlite_multargs.js +17 -0
- package/scratch/test_sqlite_undefined.js +9 -0
- package/scratch/verify_sqlite_fix.js +14 -0
- package/src/client.js +295 -0
- package/src/db/init.js +203 -0
- package/src/db/sessionStore.js +67 -0
- package/src/index.js +61 -0
- package/src/middleware/auth.js +111 -0
- package/src/routes/auth.js +569 -0
- package/src/utils/authHelpers.js +48 -0
- package/src/utils/logger.js +71 -0
- package/test/auth.test.js +32 -0
- package/test/passkeys.test.js +19 -0
- package/test/user.test.js +29 -0
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import request from 'supertest';
|
|
2
|
+
import express from 'express';
|
|
3
|
+
import authRouter from '../src/routes/auth.js';
|
|
4
|
+
|
|
5
|
+
describe('Auth API', () => {
|
|
6
|
+
let app;
|
|
7
|
+
beforeAll(() => {
|
|
8
|
+
app = express();
|
|
9
|
+
app.use(express.json());
|
|
10
|
+
app.use('/api/v1/auth', authRouter);
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
describe('POST /api/v1/auth/register', () => {
|
|
14
|
+
it('should return 400 if missing fields', async () => {
|
|
15
|
+
const res = await request(app)
|
|
16
|
+
.post('/api/v1/auth/register')
|
|
17
|
+
.send({ username: 'user' });
|
|
18
|
+
expect(res.status).toBe(400);
|
|
19
|
+
expect(res.body.error).toBeDefined();
|
|
20
|
+
});
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
describe('POST /api/v1/auth/login', () => {
|
|
24
|
+
it('should return 400 if missing credentials', async () => {
|
|
25
|
+
const res = await request(app)
|
|
26
|
+
.post('/api/v1/auth/login')
|
|
27
|
+
.send({ username: 'user' });
|
|
28
|
+
expect(res.status).toBe(400);
|
|
29
|
+
expect(res.body.error).toBeDefined();
|
|
30
|
+
});
|
|
31
|
+
});
|
|
32
|
+
});
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import request from 'supertest';
|
|
2
|
+
import express from 'express';
|
|
3
|
+
import passkeysRouter from '../src/routes/passkeys.js';
|
|
4
|
+
|
|
5
|
+
describe('Passkeys API', () => {
|
|
6
|
+
let app;
|
|
7
|
+
beforeAll(() => {
|
|
8
|
+
app = express();
|
|
9
|
+
app.use(express.json());
|
|
10
|
+
app.use('/api/v1/passkeys', passkeysRouter);
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
describe('GET /api/v1/passkeys/list', () => {
|
|
14
|
+
it('should return 401 if not authenticated', async () => {
|
|
15
|
+
const res = await request(app).get('/api/v1/passkeys/list');
|
|
16
|
+
expect([401, 403]).toContain(res.status);
|
|
17
|
+
});
|
|
18
|
+
});
|
|
19
|
+
});
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import request from 'supertest';
|
|
2
|
+
import express from 'express';
|
|
3
|
+
import userRouter from '../src/routes/user.js';
|
|
4
|
+
|
|
5
|
+
describe('User API', () => {
|
|
6
|
+
let app;
|
|
7
|
+
beforeAll(() => {
|
|
8
|
+
app = express();
|
|
9
|
+
app.use(express.json());
|
|
10
|
+
app.use('/api/v1/user', userRouter);
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
describe('GET /api/v1/user/me', () => {
|
|
14
|
+
it('should return 401 if not authenticated', async () => {
|
|
15
|
+
const res = await request(app).get('/api/v1/user/me');
|
|
16
|
+
expect([401, 403]).toContain(res.status);
|
|
17
|
+
});
|
|
18
|
+
});
|
|
19
|
+
|
|
20
|
+
describe('POST /api/v1/user/keys', () => {
|
|
21
|
+
it('should return 400 if name is missing', async () => {
|
|
22
|
+
const res = await request(app)
|
|
23
|
+
.post('/api/v1/user/keys')
|
|
24
|
+
.send({ permissions: ['action:read'] });
|
|
25
|
+
expect(res.status).toBe(400);
|
|
26
|
+
expect(res.body.error).toBeDefined();
|
|
27
|
+
});
|
|
28
|
+
});
|
|
29
|
+
});
|