@stanlemon/server-with-auth 0.1.1 → 0.1.4

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@stanlemon/server-with-auth",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "description": "A basic express web server setup with authentication baked in.",
   "author": "Stan Lemon <stanlemon@users.noreply.github.com>",
   "license": "MIT",
   "engines": {
-    "node": ">=16.0"
+    "node": ">=16.13.0"
   },
   "type": "module",
   "main": "./src/index.js",
@@ -24,7 +24,7 @@
     "lowdb": "^3.0.0",
     "passport": "^0.5.2",
     "passport-jwt": "^4.0.0",
-    "shortid": "^2.2.8",
+    "shortid": "^2.2.16",
     "uuid": "^8.3.2"
   },
   "devDependencies": {

package/src/data/simple-users-dao.js

@@ -35,9 +35,14 @@ export default class SimpleUsersDao {
   };
 
   getUserByUsernameAndPassword = (username, password) => {
+    // Treat this like a failed login.
+    if (!username || !password) {
+      return false;
+    }
+
     const user = this.getUserByUsername(username);
 
-    if (!bcrypt.compareSync(password, user.password)) {
+    if (!user || !bcrypt.compareSync(password, user.password)) {
       return false;
     }
 

package/src/data/simple-users-dao.test.js

@@ -0,0 +1,92 @@
+import { Memory } from "lowdb";
+import SimpleUsersDao from "./simple-users-dao.js";
+
+describe("simple-users-dao", () => {
+  // This is a user that we will reuse in our tests
+  const data = {
+    username: "test",
+    password: "password",
+  };
+  // This will be our user database
+  let users;
+
+  beforeEach(() => {
+    // Before each test reset our users database
+    users = new SimpleUsersDao([], new Memory());
+  });
+
+  it("creates a user", async () => {
+    let user = await users.createUser(data);
+
+    expect(user.username).toEqual(data.username);
+    // The value should be encrypted now
+    expect(user.password).not.toEqual(data.password);
+    // These fields are added by the create process
+    expect(user.verification_token).not.toBeUndefined();
+    expect(user.created_at).not.toBeUndefined();
+    expect(user.last_updated).not.toBeUndefined();
+
+    const refresh = users.getUserByUsername(data.username);
+
+    // If we retrieve the user by username, it matches the object we got when we created it
+    expect(refresh).toMatchObject(user);
+  });
+
+  it("creates a user with an existing username errors", async () => {
+    let hasError = false;
+
+    try {
+      // Create the user
+      await users.createUser(data);
+      // Attempt to create the user again, this will fail
+      await users.createUser(data);
+    } catch (err) {
+      hasError = err;
+    }
+
+    expect(hasError).not.toBe(false);
+    expect(hasError.message).toEqual("This username is already taken.");
+  });
+
+  it("retrieve user by username and password", async () => {
+    const user1 = await users.createUser(data);
+
+    const user2 = users.getUserByUsernameAndPassword(
+      data.username,
+      data.password
+    );
+
+    expect(user1).toMatchObject(user2);
+  });
+
+  it("retrieve user by username and wrong password fails", async () => {
+    await users.createUser(data);
+
+    const user2 = users.getUserByUsernameAndPassword(
+      data.username,
+      "wrong password"
+    );
+
+    expect(user2).toBe(false);
+  });
+
+  it("retrieve user by username and undefined password fails", async () => {
+    await users.createUser(data);
+
+    const user2 = users.getUserByUsernameAndPassword(data.username, undefined);
+
+    expect(user2).toBe(false);
+  });
+
+  it("retrieve user by username that does not exist fails", async () => {
+    const user = users.getUserByUsernameAndPassword("notarealuser", "password");
+
+    expect(user).toBe(false);
+  });
+
+  it("retrieve user by username that is undefined fails", async () => {
+    const user = users.getUserByUsernameAndPassword(undefined, "password");
+
+    expect(user).toBe(false);
+  });
+});