adapt-authoring-sessions 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/.github/workflows/tests.yml +15 -0
  2. package/package.json +28 -4
  3. package/tests/SessionsModule.spec.js +106 -0
package/.github/workflows/tests.yml ADDED
@@ -0,0 +1,15 @@
1
+ name: Tests
2
+ on: push
3
+ jobs:
4
+ default:
5
+ runs-on: ubuntu-latest
6
+ permissions:
7
+ contents: read
8
+ steps:
9
+ - uses: actions/checkout@v4
10
+ - uses: actions/setup-node@v4
11
+ with:
12
+ node-version: 'lts/*'
13
+ cache: 'npm'
14
+ - run: npm ci
15
+ - run: npm test
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "adapt-authoring-sessions",
3
- "version": "1.0.2",
3
+ "version": "1.1.0",
4
4
  "description": "Module which stores users sessions in the MongoDB",
5
5
  "homepage": "https://github.com/adapt-security/adapt-authoring-sessions",
6
6
  "license": "GPL-3.0",
@@ -8,12 +8,25 @@
8
8
  "main": "index.js",
9
9
  "repository": "github:adapt-security/adapt-authoring-sessions",
10
10
  "dependencies": {
11
+ "adapt-authoring-core": "^1.7.0",
11
12
  "connect-mongo": "^6.0.0",
12
13
  "express-session": "^1.18.0"
13
14
  },
14
15
  "peerDependencies": {
15
- "adapt-authoring-auth": "github:adapt-security/adapt-authoring-auth",
16
- "adapt-authoring-core": "github:adapt-security/adapt-authoring-core"
16
+ "adapt-authoring-auth": "^1.0.5",
17
+ "adapt-authoring-mongodb": "^1.1.3",
18
+ "adapt-authoring-server": "^1.2.1"
19
+ },
20
+ "peerDependenciesMeta": {
21
+ "adapt-authoring-auth": {
22
+ "optional": true
23
+ },
24
+ "adapt-authoring-mongodb": {
25
+ "optional": true
26
+ },
27
+ "adapt-authoring-server": {
28
+ "optional": true
29
+ }
17
30
  },
18
31
  "devDependencies": {
19
32
  "@semantic-release/git": "^10.0.1",
@@ -37,7 +50,18 @@
37
50
  ],
38
51
  "@semantic-release/npm",
39
52
  "@semantic-release/github",
40
- "@semantic-release/git"
53
+ [
54
+ "@semantic-release/git",
55
+ {
56
+ "assets": [
57
+ "package.json"
58
+ ],
59
+ "message": "Chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
60
+ }
61
+ ]
41
62
  ]
63
+ },
64
+ "scripts": {
65
+ "test": "node --test 'tests/**/*.spec.js'"
42
66
  }
43
67
  }
package/tests/SessionsModule.spec.js ADDED
@@ -0,0 +1,106 @@
1
+ import { describe, it, mock } from 'node:test'
2
+ import assert from 'node:assert/strict'
3
+
4
+ /**
5
+ * SessionsModule extends AbstractModule and requires express-session, MongoDB, etc.
6
+ * We test the storeAuthHeader and clearSession methods using extracted logic.
7
+ */
8
+
9
+ describe('SessionsModule', () => {
10
+ describe('#storeAuthHeader()', () => {
11
+ /* inline helper: extracted storeAuthHeader logic */
12
+ function storeAuthHeader (req, res, next) {
13
+ const token = req?.session?.token
14
+ if (token && !req.headers.Authorization) {
15
+ req.headers.Authorization = `Bearer ${token}`
16
+ }
17
+ next()
18
+ }
19
+
20
+ it('should set Authorization header when session token exists and no header present', () => {
21
+ const req = {
22
+ session: { token: 'abc123' },
23
+ headers: {}
24
+ }
25
+ const next = mock.fn()
26
+ storeAuthHeader(req, {}, next)
27
+ assert.equal(req.headers.Authorization, 'Bearer abc123')
28
+ assert.equal(next.mock.calls.length, 1)
29
+ })
30
+
31
+ it('should not override existing Authorization header', () => {
32
+ const req = {
33
+ session: { token: 'abc123' },
34
+ headers: { Authorization: 'Bearer existing' }
35
+ }
36
+ const next = mock.fn()
37
+ storeAuthHeader(req, {}, next)
38
+ assert.equal(req.headers.Authorization, 'Bearer existing')
39
+ })
40
+
41
+ it('should call next when no session token', () => {
42
+ const req = {
43
+ session: {},
44
+ headers: {}
45
+ }
46
+ const next = mock.fn()
47
+ storeAuthHeader(req, {}, next)
48
+ assert.equal(req.headers.Authorization, undefined)
49
+ assert.equal(next.mock.calls.length, 1)
50
+ })
51
+
52
+ it('should call next when session is undefined', () => {
53
+ const req = { headers: {} }
54
+ const next = mock.fn()
55
+ storeAuthHeader(req, {}, next)
56
+ assert.equal(next.mock.calls.length, 1)
57
+ })
58
+
59
+ it('should call next when req is empty', () => {
60
+ const next = mock.fn()
61
+ storeAuthHeader({}, {}, next)
62
+ assert.equal(next.mock.calls.length, 1)
63
+ })
64
+ })
65
+
66
+ describe('#clearSession()', () => {
67
+ /* inline helper: extracted clearSession logic */
68
+ async function clearSession (req) {
69
+ if (!req.session) {
70
+ return
71
+ }
72
+ return new Promise((resolve, reject) => {
73
+ req.session.destroy(e => {
74
+ if (e) return reject(new Error('DESTROY_SESSION_FAIL'))
75
+ resolve()
76
+ })
77
+ })
78
+ }
79
+
80
+ it('should return early when no session exists', async () => {
81
+ const result = await clearSession({})
82
+ assert.equal(result, undefined)
83
+ })
84
+
85
+ it('should resolve when session.destroy succeeds', async () => {
86
+ const req = {
87
+ session: {
88
+ destroy: (cb) => cb(null)
89
+ }
90
+ }
91
+ await clearSession(req)
92
+ })
93
+
94
+ it('should reject when session.destroy fails', async () => {
95
+ const req = {
96
+ session: {
97
+ destroy: (cb) => cb(new Error('fail'))
98
+ }
99
+ }
100
+ await assert.rejects(
101
+ () => clearSession(req),
102
+ { message: 'DESTROY_SESSION_FAIL' }
103
+ )
104
+ })
105
+ })
106
+ })