npm - wabe - Versions diffs - 0.6.12 → 0.6.14 - Mend

wabe 0.6.12 → 0.6.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/dist/database/DatabaseController.d.ts +2 -0
package/dist/file/FileDevAdapter.d.ts +1 -0
package/dist/graphql/pointerAndRelationFunction.d.ts +6 -0
package/dist/index.js +3827 -3541
package/dist/schema/Schema.d.ts +2 -2
package/dist/server/generateCodegen.d.ts +10 -0
package/dist/server/index.d.ts +2 -1
package/dist/utils/objectKeys.d.ts +1 -0
package/package.json +7 -4
package/dev/index.ts +0 -215
package/dist/schema/resolvers/sendEmail.d.ts +0 -1
package/generated/schema.graphql +0 -1945
package/generated/wabe.ts +0 -448
package/src/authentication/OTP.test.ts +0 -69
package/src/authentication/OTP.ts +0 -64
package/src/authentication/Session.test.ts +0 -629
package/src/authentication/Session.ts +0 -517
package/src/authentication/cookies.ts +0 -10
package/src/authentication/defaultAuthentication.ts +0 -209
package/src/authentication/index.ts +0 -4
package/src/authentication/interface.ts +0 -177
package/src/authentication/oauth/GitHub.test.ts +0 -91
package/src/authentication/oauth/GitHub.ts +0 -121
package/src/authentication/oauth/Google.test.ts +0 -91
package/src/authentication/oauth/Google.ts +0 -101
package/src/authentication/oauth/Oauth2Client.test.ts +0 -219
package/src/authentication/oauth/Oauth2Client.ts +0 -135
package/src/authentication/oauth/index.ts +0 -2
package/src/authentication/oauth/utils.test.ts +0 -33
package/src/authentication/oauth/utils.ts +0 -27
package/src/authentication/providers/EmailOTP.test.ts +0 -127
package/src/authentication/providers/EmailOTP.ts +0 -95
package/src/authentication/providers/EmailPassword.test.ts +0 -263
package/src/authentication/providers/EmailPassword.ts +0 -138
package/src/authentication/providers/EmailPasswordSRP.test.ts +0 -208
package/src/authentication/providers/EmailPasswordSRP.ts +0 -191
package/src/authentication/providers/GitHub.ts +0 -24
package/src/authentication/providers/Google.ts +0 -24
package/src/authentication/providers/OAuth.test.ts +0 -185
package/src/authentication/providers/OAuth.ts +0 -106
package/src/authentication/providers/PhonePassword.test.ts +0 -221
package/src/authentication/providers/PhonePassword.ts +0 -136
package/src/authentication/providers/QRCodeOTP.test.ts +0 -77
package/src/authentication/providers/QRCodeOTP.ts +0 -69
package/src/authentication/providers/index.ts +0 -6
package/src/authentication/resolvers/refreshResolver.test.ts +0 -30
package/src/authentication/resolvers/refreshResolver.ts +0 -19
package/src/authentication/resolvers/signInWithResolver.inte.test.ts +0 -59
package/src/authentication/resolvers/signInWithResolver.test.ts +0 -306
package/src/authentication/resolvers/signInWithResolver.ts +0 -106
package/src/authentication/resolvers/signOutResolver.test.ts +0 -38
package/src/authentication/resolvers/signOutResolver.ts +0 -18
package/src/authentication/resolvers/signUpWithResolver.test.ts +0 -180
package/src/authentication/resolvers/signUpWithResolver.ts +0 -68
package/src/authentication/resolvers/verifyChallenge.test.ts +0 -230
package/src/authentication/resolvers/verifyChallenge.ts +0 -78
package/src/authentication/roles.test.ts +0 -49
package/src/authentication/roles.ts +0 -40
package/src/authentication/security.ts +0 -278
package/src/authentication/utils.test.ts +0 -97
package/src/authentication/utils.ts +0 -39
package/src/cache/InMemoryCache.test.ts +0 -62
package/src/cache/InMemoryCache.ts +0 -45
package/src/cron/index.test.ts +0 -17
package/src/cron/index.ts +0 -43
package/src/database/DatabaseController.test.ts +0 -613
package/src/database/DatabaseController.ts +0 -1415
package/src/database/index.test.ts +0 -1551
package/src/database/index.ts +0 -9
package/src/database/interface.ts +0 -308
package/src/email/DevAdapter.ts +0 -7
package/src/email/EmailController.test.ts +0 -29
package/src/email/EmailController.ts +0 -13
package/src/email/index.ts +0 -2
package/src/email/interface.ts +0 -36
package/src/email/templates/sendOtpCode.ts +0 -120
package/src/file/FileController.ts +0 -28
package/src/file/FileDevAdapter.ts +0 -51
package/src/file/hookDeleteFile.ts +0 -25
package/src/file/hookReadFile.ts +0 -66
package/src/file/hookUploadFile.ts +0 -52
package/src/file/index.test.ts +0 -1031
package/src/file/index.ts +0 -2
package/src/file/interface.ts +0 -63
package/src/file/security.ts +0 -156
package/src/graphql/GraphQLSchema.test.ts +0 -5099
package/src/graphql/GraphQLSchema.ts +0 -886
package/src/graphql/index.ts +0 -2
package/src/graphql/parseGraphqlSchema.ts +0 -85
package/src/graphql/parser.test.ts +0 -203
package/src/graphql/parser.ts +0 -707
package/src/graphql/pointerAndRelationFunction.ts +0 -191
package/src/graphql/resolvers.ts +0 -464
package/src/graphql/tests/aggregation.test.ts +0 -1115
package/src/graphql/tests/e2e.test.ts +0 -590
package/src/graphql/tests/scalars.test.ts +0 -250
package/src/graphql/types.ts +0 -227
package/src/hooks/HookObject.test.ts +0 -122
package/src/hooks/HookObject.ts +0 -165
package/src/hooks/authentication.ts +0 -67
package/src/hooks/createUser.test.ts +0 -77
package/src/hooks/createUser.ts +0 -10
package/src/hooks/defaultFields.test.ts +0 -176
package/src/hooks/defaultFields.ts +0 -32
package/src/hooks/deleteSession.test.ts +0 -181
package/src/hooks/deleteSession.ts +0 -20
package/src/hooks/hashFieldHook.test.ts +0 -152
package/src/hooks/hashFieldHook.ts +0 -89
package/src/hooks/index.test.ts +0 -258
package/src/hooks/index.ts +0 -420
package/src/hooks/permissions.test.ts +0 -412
package/src/hooks/permissions.ts +0 -93
package/src/hooks/protected.test.ts +0 -551
package/src/hooks/protected.ts +0 -74
package/src/hooks/searchableFields.test.ts +0 -147
package/src/hooks/searchableFields.ts +0 -86
package/src/hooks/session.test.ts +0 -134
package/src/hooks/session.ts +0 -76
package/src/hooks/setEmail.test.ts +0 -216
package/src/hooks/setEmail.ts +0 -33
package/src/hooks/setupAcl.test.ts +0 -618
package/src/hooks/setupAcl.ts +0 -25
package/src/hooks/virtualFields.test.ts +0 -228
package/src/hooks/virtualFields.ts +0 -48
package/src/index.ts +0 -9
package/src/schema/Schema.test.ts +0 -482
package/src/schema/Schema.ts +0 -839
package/src/schema/defaultResolvers.ts +0 -93
package/src/schema/index.ts +0 -1
package/src/schema/resolvers/meResolver.test.ts +0 -62
package/src/schema/resolvers/meResolver.ts +0 -10
package/src/schema/resolvers/resetPassword.test.ts +0 -341
package/src/schema/resolvers/resetPassword.ts +0 -63
package/src/schema/resolvers/sendEmail.test.ts +0 -118
package/src/schema/resolvers/sendEmail.ts +0 -21
package/src/schema/resolvers/sendOtpCode.test.ts +0 -141
package/src/schema/resolvers/sendOtpCode.ts +0 -52
package/src/security.test.ts +0 -4136
package/src/server/defaultSessionHandler.test.ts +0 -62
package/src/server/defaultSessionHandler.ts +0 -104
package/src/server/generateCodegen.ts +0 -433
package/src/server/index.test.ts +0 -843
package/src/server/index.ts +0 -336
package/src/server/interface.ts +0 -11
package/src/server/routes/authHandler.ts +0 -171
package/src/server/routes/index.ts +0 -48
package/src/utils/crypto.test.ts +0 -41
package/src/utils/crypto.ts +0 -105
package/src/utils/database.ts +0 -8
package/src/utils/export.ts +0 -12
package/src/utils/helper.ts +0 -204
package/src/utils/index.test.ts +0 -11
package/src/utils/index.ts +0 -196
package/src/utils/preload.ts +0 -8
package/src/utils/testHelper.ts +0 -124
package/tsconfig.json +0 -32

package/src/authentication/Session.test.ts DELETED Viewed

@@ -1,629 +0,0 @@
-import { describe, expect, it, mock, beforeEach } from 'bun:test'
-import { fail } from 'node:assert'
-import crypto from 'node:crypto'
-import jwt, { type JwtPayload } from 'jsonwebtoken'
-import { Session } from './Session'
-const encryptToken = (token: string, secret: string) => {
-	const key = crypto.createHash('sha256').update(secret).digest()
-	const iv = crypto.createHmac('sha256', key).update(token).digest().subarray(0, 12)
-	const cipher = crypto.createCipheriv('aes-256-gcm', key, iv)
-	const encrypted = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()])
-	const tag = cipher.getAuthTag()
-	return `${iv.toString('hex')}:${tag.toString('hex')}:${encrypted.toString('hex')}`
-}
-describe('Session', () => {
-	const mockGetObject = mock(() => Promise.resolve({}) as any)
-	const mockGetObjects = mock(() => Promise.resolve([]) as any)
-	const mockCreateObject = mock(() => Promise.resolve({ id: 'userId' })) as any
-	const mockDeleteObject = mock(() => Promise.resolve()) as any
-	const mockUpdateObject = mock(() => Promise.resolve()) as any
-	const controllers = {
-		database: {
-			getObject: mockGetObject,
-			getObjects: mockGetObjects,
-			createObject: mockCreateObject,
-			deleteObject: mockDeleteObject,
-			updateObject: mockUpdateObject,
-		},
-	}
-	beforeEach(() => {
-		mockGetObject.mockClear()
-		mockGetObjects.mockClear()
-		mockCreateObject.mockClear()
-		mockDeleteObject.mockClear()
-		mockUpdateObject.mockClear()
-	})
-	const context = {
-		isRoot: true,
-		wabe: {
-			controllers,
-			config: { authentication: { session: { jwtSecret: 'dev' } } },
-		},
-	} as any
-	it('should set all data set in the jwtTokenFields on create session', async () => {
-		mockGetObject.mockResolvedValueOnce({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		const session = new Session<any>()
-		const jwtTokenFields = {
-			id: true,
-			email: true,
-		}
-		const { accessToken, refreshToken } = await session.create('userId', {
-			isRoot: true,
-			wabe: {
-				controllers,
-				config: {
-					authentication: {
-						session: {
-							jwtSecret: 'dev',
-							jwtTokenFields,
-						},
-					},
-				},
-			},
-		} as any)
-		const decodedAccessToken = jwt.decode(accessToken) as JwtPayload
-		const decodedRefreshToken = jwt.decode(refreshToken) as JwtPayload
-		expect(decodedAccessToken.user).toEqual({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		expect(decodedRefreshToken.user).toEqual({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		expect(mockCreateObject).toHaveBeenCalledWith({
-			className: '_Session',
-			context: expect.any(Object),
-			data: {
-				accessTokenEncrypted: expect.any(String),
-				accessTokenExpiresAt: expect.any(Date),
-				refreshTokenEncrypted: expect.any(String),
-				refreshTokenExpiresAt: expect.any(Date),
-				user: 'userId',
-			},
-			select: { id: true },
-		})
-	})
-	it('should set all data set in the jwtTokenFields on refresh session', async () => {
-		const session = new Session<any>()
-		const { accessToken: oldAccessToken, refreshToken: oldRefreshToken } = await session.create(
-			'userId',
-			context,
-		)
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken(oldRefreshToken, 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-			},
-		])
-		mockGetObject.mockResolvedValue({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		const jwtTokenFields = {
-			id: true,
-			email: true,
-		}
-		const { accessToken, refreshToken } = await session.refresh(oldAccessToken, oldRefreshToken, {
-			isRoot: true,
-			wabe: {
-				controllers,
-				config: {
-					authentication: {
-						session: {
-							jwtSecret: 'dev',
-							jwtTokenFields,
-						},
-					},
-				},
-			},
-		} as any)
-		if (!accessToken || !refreshToken) fail()
-		const decodedAccessToken = jwt.decode(accessToken) as JwtPayload
-		const decodedRefreshToken = jwt.decode(refreshToken) as JwtPayload
-		expect(decodedAccessToken.user).toEqual({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		expect(decodedRefreshToken.user).toEqual({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-	})
-	it('should not set user fields if not jwtTokenFields is set on create session', async () => {
-		mockGetObject.mockResolvedValueOnce({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		const session = new Session<any>()
-		const { accessToken, refreshToken } = await session.create('userId', context)
-		const decodedAccessToken = jwt.decode(accessToken) as JwtPayload
-		const decodedRefreshToken = jwt.decode(refreshToken) as JwtPayload
-		expect(decodedAccessToken.user).toBeUndefined()
-		expect(decodedRefreshToken.user).toBeUndefined()
-	})
-	it('should not set user fields if not jwtTokenFields is set on refresh session', async () => {
-		const session = new Session<any>()
-		const { accessToken: oldAccessToken, refreshToken: oldRefreshToken } = await session.create(
-			'userId',
-			context,
-		)
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken(oldRefreshToken, 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-			},
-		])
-		mockGetObject.mockResolvedValue({
-			id: 'userId',
-			email: 'user@email.com',
-		})
-		const { accessToken, refreshToken } = await session.refresh(
-			oldAccessToken,
-			oldRefreshToken,
-			context,
-		)
-		if (!accessToken || !refreshToken) fail()
-		const decodedAccessToken = jwt.decode(accessToken) as JwtPayload
-		const decodedRefreshToken = jwt.decode(refreshToken) as JwtPayload
-		expect(decodedAccessToken.user).toBeUndefined()
-		expect(decodedRefreshToken.user).toBeUndefined()
-	})
-	it('should returns null if no user found', async () => {
-		mockGetObjects.mockResolvedValue([])
-		const session = new Session<any>()
-		const { accessToken } = await session.create('userId', context)
-		const res = await session.meFromAccessToken({ accessToken, csrfToken: '' }, context)
-		expect(res.user).toBeNull()
-		expect(res.sessionId).toBeNull()
-		expect(mockGetObjects).toHaveBeenCalledTimes(1)
-		expect(mockGetObjects).toHaveBeenCalledWith({
-			className: '_Session',
-			where: {
-				accessTokenEncrypted: { equalTo: encryptToken(accessToken, 'dev') },
-				OR: [
-					{
-						accessTokenExpiresAt: {
-							greaterThanOrEqualTo: expect.any(Date),
-						},
-					},
-					{
-						refreshTokenExpiresAt: {
-							greaterThanOrEqualTo: expect.any(Date),
-						},
-					},
-				],
-			},
-			first: 1,
-			select: {
-				id: true,
-				user: true,
-				accessTokenExpiresAt: true,
-				refreshTokenExpiresAt: true,
-				refreshTokenEncrypted: true,
-			},
-			context: expect.any(Object),
-		})
-	})
-	it('should return the user associated with an access token', async () => {
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken('refreshToken', 'dev'),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24 * 30),
-			},
-		])
-		const session = new Session<any>()
-		const { accessToken } = await session.create('userId', context)
-		const { sessionId, user } = await session.meFromAccessToken(
-			{ accessToken, csrfToken: '' },
-			{
-				...context,
-				wabe: {
-					...context.wabe,
-					config: {
-						...context.wabe.config,
-						security: { disableCSRFProtection: true },
-					},
-				},
-			},
-		)
-		expect(mockGetObjects).toHaveBeenCalledTimes(1)
-		expect(mockGetObjects).toHaveBeenCalledWith({
-			className: '_Session',
-			where: {
-				accessTokenEncrypted: { equalTo: encryptToken(accessToken, 'dev') },
-				OR: [
-					{
-						accessTokenExpiresAt: {
-							greaterThanOrEqualTo: expect.any(Date),
-						},
-					},
-					{
-						refreshTokenExpiresAt: {
-							greaterThanOrEqualTo: expect.any(Date),
-						},
-					},
-				],
-			},
-			first: 1,
-			select: {
-				id: true,
-				user: true,
-				accessTokenExpiresAt: true,
-				refreshTokenExpiresAt: true,
-				refreshTokenEncrypted: true,
-			},
-			context: expect.any(Object),
-		})
-		expect(sessionId).toEqual('sessionId')
-		expect(user?.id).toEqual('userId')
-		expect(user?.email).toEqual('userEmail')
-	})
-	it('should create a new session', async () => {
-		const session = new Session<any>()
-		const fifteenMinutes = new Date(Date.now() + 1000 * 60 * 15)
-		const sevenDays = new Date(Date.now() + 1000 * 60 * 60 * 24 * 7)
-		const { accessToken, refreshToken } = await session.create('userId', context)
-		expect(accessToken).not.toBeUndefined()
-		expect(refreshToken).not.toBeUndefined()
-		if (!accessToken || !refreshToken) fail()
-		const decodedAccessToken = jwt.decode(accessToken) as JwtPayload
-		const decodedRefreshToken = jwt.decode(refreshToken) as JwtPayload
-		expect(decodedAccessToken).not.toBeNull()
-		expect(decodedAccessToken.userId).toEqual('userId')
-		expect(decodedAccessToken.exp).toBeGreaterThanOrEqual(
-			Math.floor(fifteenMinutes.getTime() / 1000),
-		)
-		expect(decodedAccessToken.iat).toBeGreaterThanOrEqual(Math.floor((Date.now() - 500) / 1000)) // minus 500ms to avoid flaky
-		expect(decodedRefreshToken).not.toBeNull()
-		expect(decodedRefreshToken.userId).toEqual('userId')
-		expect(decodedRefreshToken.exp).toBeGreaterThanOrEqual(Math.floor(sevenDays.getTime() / 1000))
-		expect(decodedRefreshToken.iat).toBeGreaterThanOrEqual(Math.floor((Date.now() - 500) / 1000)) // minus 500ms to avoid flaky
-		expect(mockCreateObject).toHaveBeenCalledTimes(1)
-		expect(mockCreateObject).toHaveBeenCalledWith({
-			className: '_Session',
-			context: expect.any(Object),
-			data: {
-				accessTokenEncrypted: expect.any(String),
-				accessTokenExpiresAt: expect.any(Date),
-				refreshTokenEncrypted: expect.any(String),
-				refreshTokenExpiresAt: expect.any(Date),
-				user: 'userId',
-			},
-			select: { id: true },
-		})
-	})
-	it('should delete a session', async () => {
-		const session = new Session<any>()
-		await session.delete({
-			sessionId: 'sessionId',
-			wabe: {
-				controllers,
-			},
-		} as any)
-		expect(mockDeleteObject).toHaveBeenCalledTimes(1)
-		expect(mockDeleteObject).toHaveBeenCalledWith({
-			className: '_Session',
-			context: {
-				sessionId: 'sessionId',
-				wabe: { controllers },
-				isRoot: true,
-			},
-			id: 'sessionId',
-			select: {},
-		})
-	})
-	it('should refresh a session', async () => {
-		const session = new Session<any>()
-		const { accessToken: oldAccessToken, refreshToken: oldRefreshToken } = await session.create(
-			'userId',
-			context,
-		)
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken(oldRefreshToken, 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-			},
-		])
-		const { accessToken, refreshToken } = await session.refresh(
-			oldAccessToken,
-			oldRefreshToken,
-			context,
-		)
-		expect(accessToken).not.toBeUndefined()
-		expect(refreshToken).not.toBeUndefined()
-		expect(mockGetObjects).toHaveBeenCalledTimes(1)
-		expect(mockGetObjects).toHaveBeenCalledWith({
-			className: '_Session',
-			where: {
-				accessTokenEncrypted: { equalTo: encryptToken(oldAccessToken, 'dev') },
-				refreshTokenEncrypted: {
-					equalTo: encryptToken(oldRefreshToken, 'dev'),
-				},
-			},
-			select: {
-				id: true,
-				user: {
-					id: true,
-					role: {
-						id: true,
-						name: true,
-					},
-				},
-				refreshTokenEncrypted: true,
-				refreshTokenExpiresAt: true,
-			},
-			context: expect.any(Object),
-		})
-		expect(mockUpdateObject).toHaveBeenCalledTimes(1)
-		expect(mockUpdateObject).toHaveBeenCalledWith({
-			className: '_Session',
-			context: expect.any(Object),
-			id: 'sessionId',
-			data: {
-				accessTokenEncrypted: expect.any(String),
-				accessTokenExpiresAt: expect.any(Date),
-				refreshTokenEncrypted: expect.any(String),
-				refreshTokenExpiresAt: expect.any(Date),
-			},
-			select: {},
-		})
-		const accessTokenExpiresAt = mockUpdateObject.mock.calls[0][0].data.accessTokenExpiresAt as Date
-		const refreshTokenExpiresAt = mockUpdateObject.mock.calls[0][0].data
-			.refreshTokenExpiresAt as Date
-		// -1000 to avoid flaky
-		expect(accessTokenExpiresAt.getTime()).toBeGreaterThan(Date.now() + 1000 * 60 * 15 - 1000)
-		// -1000 to avoid flaky
-		expect(refreshTokenExpiresAt.getTime()).toBeGreaterThan(
-			Date.now() + 1000 * 60 * 60 * 24 * 7 - 1000,
-		)
-	})
-	it('should return null if access token is invalid (malformed)', async () => {
-		const session = new Session<any>()
-		const res = await session.meFromAccessToken(
-			{ accessToken: 'not-a-jwt', csrfToken: '' },
-			context,
-		)
-		expect(res.accessToken).toBeNull()
-		expect(res.user).toBeNull()
-		expect(res.sessionId).toBeNull()
-	})
-	it('should enforce CSRF by default when cookies are used', async () => {
-		const session = new Session<any>()
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken('refreshToken', 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60),
-				accessTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 15),
-				user: {
-					id: 'userId',
-				},
-			},
-		])
-		const res = await session.meFromAccessToken({ accessToken: 'valid.jwt.token', csrfToken: '' }, {
-			isRoot: true,
-			wabe: {
-				controllers,
-				config: {
-					authentication: {
-						session: { jwtSecret: 'dev' },
-					},
-					security: {
-						// disableCSRFProtection undefined => protection ON
-					},
-				},
-			},
-		} as any)
-		expect(res.accessToken).toBeNull()
-		expect(res.user).toBeNull()
-		expect(res.sessionId).toBeNull()
-	})
-	it('should not refresh session if the access token does not already take 75% of time', () => {
-		const session = new Session<any>()
-		// 1 hour
-		const refreshTokenAgeInMs = 1000 * 60 * 60
-		// Expires in 1 hour
-		const date1 = new Date(Date.now() + 1000 * 60 * 60)
-		// Expires in 20 minutes
-		const date2 = new Date(Date.now() + 1000 * 60 * 15)
-		// Expired since 20 minutes
-		const date3 = new Date(Date.now() - 1000 * 60 * 20)
-		expect(session._isRefreshTokenExpired(date1, refreshTokenAgeInMs)).toBe(false)
-		expect(session._isRefreshTokenExpired(date2, refreshTokenAgeInMs)).toBe(true)
-		expect(session._isRefreshTokenExpired(date3, refreshTokenAgeInMs)).toBe(true)
-	})
-	it('should return null on refresh session if session not found', async () => {
-		mockGetObjects.mockResolvedValue([])
-		const session = new Session<any>()
-		const { accessToken: oldAccessToken, refreshToken: oldRefreshToken } = await session.create(
-			'userId',
-			context,
-		)
-		const { accessToken, refreshToken } = await session.refresh(
-			oldAccessToken,
-			oldRefreshToken,
-			context,
-		)
-		expect(accessToken).toBeNull()
-		expect(refreshToken).toBeNull()
-		expect(mockGetObjects).toHaveBeenCalledTimes(1)
-		expect(mockGetObjects).toHaveBeenCalledWith({
-			className: '_Session',
-			where: {
-				accessTokenEncrypted: { equalTo: encryptToken(oldAccessToken, 'dev') },
-				refreshTokenEncrypted: {
-					equalTo: encryptToken(oldRefreshToken, 'dev'),
-				},
-			},
-			select: {
-				id: true,
-				user: {
-					id: true,
-					role: {
-						id: true,
-						name: true,
-					},
-				},
-				refreshTokenEncrypted: true,
-				refreshTokenExpiresAt: true,
-			},
-			context: expect.any(Object),
-		})
-	})
-	it("should throw an error on refresh session if session's refresh token is expired", async () => {
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken('refreshToken', 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() - 1000),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-			},
-		])
-		const session = new Session<any>()
-		const { refreshToken, accessToken } = await session.create('userId', context)
-		expect(session.refresh(accessToken, refreshToken, context)).rejects.toThrow(
-			'Refresh token expired',
-		)
-	})
-	it("should throw an error on refresh session if session's refresh token is not the same as the one in the database", async () => {
-		mockGetObjects.mockResolvedValue([
-			{
-				id: 'sessionId',
-				refreshTokenEncrypted: encryptToken('otherRefreshToken', 'dev'),
-				refreshTokenExpiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
-				user: {
-					id: 'userId',
-					email: 'userEmail',
-				},
-			},
-		])
-		const session = new Session<any>()
-		const { refreshToken, accessToken } = await session.create('userId', context)
-		expect(session.refresh(accessToken, refreshToken, context)).rejects.toThrow(
-			'Invalid refresh token',
-		)
-	})
-})