feat: usage of ESM modules imports (instead of CommonJS)
BREAKING CHANGE: This package is now pure ESM BREAKING CHANGE: minimum supported Node.js >= 16.0.0
This commit is contained in:
parent
559ad8bd6d
commit
dbb363747d
@ -1,22 +1,14 @@
|
||||
{
|
||||
"extends": ["standard-with-typescript", "prettier"],
|
||||
"plugins": ["unicorn", "import", "prettier"],
|
||||
"extends": ["conventions", "prettier"],
|
||||
"plugins": ["prettier", "import", "unicorn"],
|
||||
"parserOptions": {
|
||||
"project": "./tsconfig.json"
|
||||
},
|
||||
"env": {
|
||||
"node": true,
|
||||
"jest": true
|
||||
"node": true
|
||||
},
|
||||
"rules": {
|
||||
"prettier/prettier": "error",
|
||||
"import/order": [
|
||||
"error",
|
||||
{
|
||||
"groups": ["builtin", "external", "internal"],
|
||||
"newlines-between": "always"
|
||||
}
|
||||
],
|
||||
"import/extensions": ["error", "always"],
|
||||
"unicorn/prefer-node-protocol": "error"
|
||||
}
|
||||
|
6
.github/workflows/build.yml
vendored
6
.github/workflows/build.yml
vendored
@ -10,10 +10,10 @@ jobs:
|
||||
build:
|
||||
runs-on: 'ubuntu-latest'
|
||||
steps:
|
||||
- uses: 'actions/checkout@v2'
|
||||
- uses: 'actions/checkout@v3.0.0'
|
||||
|
||||
- name: 'Use Node.js'
|
||||
uses: 'actions/setup-node@v2.5.1'
|
||||
uses: 'actions/setup-node@v3.1.0'
|
||||
with:
|
||||
node-version: 'lts/*'
|
||||
cache: 'npm'
|
||||
@ -21,5 +21,5 @@ jobs:
|
||||
- name: 'Install'
|
||||
run: 'npm install'
|
||||
|
||||
- name: 'Build Package'
|
||||
- name: 'Build'
|
||||
run: 'npm run build'
|
||||
|
4
.github/workflows/lint.yml
vendored
4
.github/workflows/lint.yml
vendored
@ -10,10 +10,10 @@ jobs:
|
||||
lint:
|
||||
runs-on: 'ubuntu-latest'
|
||||
steps:
|
||||
- uses: 'actions/checkout@v2'
|
||||
- uses: 'actions/checkout@v3.0.0'
|
||||
|
||||
- name: 'Use Node.js'
|
||||
uses: 'actions/setup-node@v2.5.1'
|
||||
uses: 'actions/setup-node@v3.1.0'
|
||||
with:
|
||||
node-version: 'lts/*'
|
||||
cache: 'npm'
|
||||
|
4
.github/workflows/release.yml
vendored
4
.github/workflows/release.yml
vendored
@ -8,10 +8,10 @@ jobs:
|
||||
release:
|
||||
runs-on: 'ubuntu-latest'
|
||||
steps:
|
||||
- uses: 'actions/checkout@v2'
|
||||
- uses: 'actions/checkout@v3.0.0'
|
||||
|
||||
- name: 'Use Node.js'
|
||||
uses: 'actions/setup-node@v2.5.1'
|
||||
uses: 'actions/setup-node@v3.1.0'
|
||||
with:
|
||||
node-version: 'lts/*'
|
||||
cache: 'npm'
|
||||
|
9
.github/workflows/test.yml
vendored
9
.github/workflows/test.yml
vendored
@ -10,10 +10,10 @@ jobs:
|
||||
test:
|
||||
runs-on: 'ubuntu-latest'
|
||||
steps:
|
||||
- uses: 'actions/checkout@v2'
|
||||
- uses: 'actions/checkout@v3.0.0'
|
||||
|
||||
- name: 'Use Node.js'
|
||||
uses: 'actions/setup-node@v2.5.1'
|
||||
uses: 'actions/setup-node@v3.1.0'
|
||||
with:
|
||||
node-version: 'lts/*'
|
||||
cache: 'npm'
|
||||
@ -21,8 +21,11 @@ jobs:
|
||||
- name: 'Install'
|
||||
run: 'npm install'
|
||||
|
||||
- name: 'Build'
|
||||
run: 'npm run build'
|
||||
|
||||
- name: 'Test'
|
||||
run: 'npm run test'
|
||||
|
||||
- name: 'Upload Coverage'
|
||||
uses: 'codecov/codecov-action@v2.1.0'
|
||||
uses: 'codecov/codecov-action@v3.0.0'
|
||||
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -10,6 +10,7 @@ build
|
||||
|
||||
# testing
|
||||
coverage
|
||||
.nyc_output
|
||||
|
||||
# debug
|
||||
npm-debug.log*
|
||||
|
@ -1,10 +1,6 @@
|
||||
{
|
||||
"*": ["editorconfig-checker"],
|
||||
"*.{js,jsx,ts,tsx}": [
|
||||
"prettier --write",
|
||||
"eslint --fix",
|
||||
"jest --findRelatedTests"
|
||||
],
|
||||
"*.{js,jsx,ts,tsx}": ["prettier --write", "eslint --fix"],
|
||||
"*.{json,jsonc,yml,yaml}": ["prettier --write"],
|
||||
"*.{md}": ["prettier --write", "markdownlint --dot --fix"]
|
||||
}
|
||||
|
5
.nycrc.json
Normal file
5
.nycrc.json
Normal file
@ -0,0 +1,5 @@
|
||||
{
|
||||
"reporter": ["text", "cobertura"],
|
||||
"src": "./build",
|
||||
"all": true
|
||||
}
|
2
.swcrc
2
.swcrc
@ -13,7 +13,7 @@
|
||||
"loose": true
|
||||
},
|
||||
"module": {
|
||||
"type": "commonjs",
|
||||
"type": "es6",
|
||||
"strict": false,
|
||||
"strictMode": true,
|
||||
"lazy": false,
|
||||
|
9
.taprc
Normal file
9
.taprc
Normal file
@ -0,0 +1,9 @@
|
||||
ts: false
|
||||
jsx: false
|
||||
flow: false
|
||||
check-coverage: false
|
||||
coverage: false
|
||||
timeout: 10000
|
||||
|
||||
files:
|
||||
- 'build/**/*.test.js'
|
@ -21,7 +21,7 @@ All work on **Thream** happens directly on [GitHub](https://github.com/Thream).
|
||||
|
||||
- **Please first discuss** the change you wish to make via [issue](https://github.com/Thream/socketio-jwt/issues) before making a change. It might avoid a waste of your time.
|
||||
|
||||
- Ensure your code respect `eslint` and `prettier`.
|
||||
- Ensure your code respect linting.
|
||||
|
||||
- Make sure your **code passes the tests**.
|
||||
|
||||
|
@ -27,6 +27,10 @@ Compatible with `socket.io >= 3.0.0`.
|
||||
|
||||
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- [Node.js](https://nodejs.org/) >= 16.0.0
|
||||
|
||||
## 💾 Install
|
||||
|
||||
**Note:** It is a package that is recommended to use/install on both the client and server sides.
|
||||
|
@ -1,10 +0,0 @@
|
||||
{
|
||||
"testEnvironment": "node",
|
||||
"resolver": "jest-ts-webcompat-resolver",
|
||||
"transform": {
|
||||
"^.+\\.(t|j)sx?$": ["@swc/jest"]
|
||||
},
|
||||
"rootDir": "./src",
|
||||
"collectCoverage": true,
|
||||
"coverageDirectory": "../coverage/"
|
||||
}
|
14261
package-lock.json
generated
14261
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
52
package.json
52
package.json
@ -1,6 +1,7 @@
|
||||
{
|
||||
"name": "@thream/socketio-jwt",
|
||||
"version": "0.0.0-development",
|
||||
"type": "module",
|
||||
"public": true,
|
||||
"description": "Authenticate socket.io incoming connections with JWTs.",
|
||||
"license": "MIT",
|
||||
@ -10,7 +11,7 @@
|
||||
"build"
|
||||
],
|
||||
"engines": {
|
||||
"node": ">=12.0.0"
|
||||
"node": ">=16.0.0"
|
||||
},
|
||||
"publishConfig": {
|
||||
"access": "public"
|
||||
@ -31,13 +32,14 @@
|
||||
"homepage": "https://github.com/Thream/socketio-jwt#readme",
|
||||
"scripts": {
|
||||
"build": "rimraf ./build && swc ./src --out-dir ./build && tsc",
|
||||
"build:dev": "swc ./src --out-dir ./build --watch",
|
||||
"lint:commit": "commitlint",
|
||||
"lint:editorconfig": "editorconfig-checker",
|
||||
"lint:markdown": "markdownlint \"**/*.md\" --dot --ignore-path \".gitignore\"",
|
||||
"lint:typescript": "eslint \"**/*.{js,jsx,ts,tsx}\" --ignore-path \".gitignore\"",
|
||||
"lint:prettier": "prettier \".\" --check --ignore-path \".gitignore\"",
|
||||
"lint:staged": "lint-staged",
|
||||
"test": "jest",
|
||||
"test": "c8 tap",
|
||||
"release": "semantic-release",
|
||||
"postinstall": "husky install",
|
||||
"prepublishOnly": "pinst --disable",
|
||||
@ -50,40 +52,36 @@
|
||||
"jsonwebtoken": "8.5.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@commitlint/cli": "16.2.1",
|
||||
"@commitlint/cli": "16.2.3",
|
||||
"@commitlint/config-conventional": "16.2.1",
|
||||
"@swc/cli": "0.1.55",
|
||||
"@swc/core": "1.2.141",
|
||||
"@swc/jest": "0.2.17",
|
||||
"@types/express": "4.17.13",
|
||||
"@types/jest": "27.4.0",
|
||||
"@swc/cli": "0.1.57",
|
||||
"@swc/core": "1.2.164",
|
||||
"@types/jsonwebtoken": "8.5.8",
|
||||
"@types/node": "17.0.18",
|
||||
"@types/server-destroy": "1.0.1",
|
||||
"@typescript-eslint/eslint-plugin": "4.32.0",
|
||||
"axios": "0.26.0",
|
||||
"@types/node": "17.0.23",
|
||||
"@types/tap": "15.0.6",
|
||||
"@typescript-eslint/eslint-plugin": "5.18.0",
|
||||
"@typescript-eslint/parser": "5.18.0",
|
||||
"axios": "0.26.1",
|
||||
"c8": "7.11.0",
|
||||
"editorconfig-checker": "4.0.2",
|
||||
"eslint": "7.32.0",
|
||||
"eslint-config-prettier": "8.3.0",
|
||||
"eslint-config-standard-with-typescript": "21.0.1",
|
||||
"eslint-plugin-import": "2.25.4",
|
||||
"eslint-plugin-node": "11.1.0",
|
||||
"eslint": "8.12.0",
|
||||
"eslint-config-conventions": "2.0.0",
|
||||
"eslint-config-prettier": "8.5.0",
|
||||
"eslint-plugin-import": "2.26.0",
|
||||
"eslint-plugin-prettier": "4.0.0",
|
||||
"eslint-plugin-promise": "5.2.0",
|
||||
"eslint-plugin-unicorn": "40.1.0",
|
||||
"express": "4.17.3",
|
||||
"eslint-plugin-promise": "6.0.0",
|
||||
"eslint-plugin-unicorn": "42.0.0",
|
||||
"fastify": "3.28.0",
|
||||
"husky": "7.0.4",
|
||||
"jest": "27.5.1",
|
||||
"jest-ts-webcompat-resolver": "1.0.0",
|
||||
"lint-staged": "12.3.4",
|
||||
"lint-staged": "12.3.7",
|
||||
"markdownlint-cli": "0.31.1",
|
||||
"pinst": "2.1.6",
|
||||
"pinst": "3.0.0",
|
||||
"prettier": "2.6.2",
|
||||
"rimraf": "3.0.2",
|
||||
"semantic-release": "19.0.2",
|
||||
"server-destroy": "1.0.1",
|
||||
"prettier": "2.5.1",
|
||||
"socket.io": "4.4.1",
|
||||
"socket.io-client": "4.4.1",
|
||||
"typescript": "4.5.5"
|
||||
"tap": "16.0.1",
|
||||
"typescript": "4.6.3"
|
||||
}
|
||||
}
|
||||
|
@ -1,194 +1,204 @@
|
||||
import tap from 'tap'
|
||||
import axios from 'axios'
|
||||
import { io } from 'socket.io-client'
|
||||
import { io, Socket } from 'socket.io-client'
|
||||
|
||||
import { isUnauthorizedError } from '../UnauthorizedError.js'
|
||||
import {
|
||||
API_URL,
|
||||
fixtureStart,
|
||||
fixtureStop,
|
||||
getSocket,
|
||||
basicProfile,
|
||||
Profile
|
||||
} from './fixture/index.js'
|
||||
|
||||
describe('authorize - with secret as string in options', () => {
|
||||
let token: string = ''
|
||||
|
||||
beforeEach((done) => {
|
||||
fixtureStart(async () => {
|
||||
const response = await axios.post('http://localhost:9000/login')
|
||||
token = response.data.token
|
||||
})
|
||||
.then(done)
|
||||
.catch((error) => {
|
||||
done(error)
|
||||
})
|
||||
})
|
||||
|
||||
afterEach((done) => {
|
||||
fixtureStop(done)
|
||||
})
|
||||
|
||||
it('should emit error with no token provided', (done) => {
|
||||
const socket = io('http://localhost:9000')
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual('no token provided')
|
||||
expect(error.data.code).toEqual('credentials_required')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with bad token format', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'testing' }
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Format is Authorization: Bearer [token]'
|
||||
)
|
||||
expect(error.data.code).toEqual('credentials_bad_format')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with unauthorized handshake', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'Bearer testing' }
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
expect(error.data.code).toEqual('invalid_token')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should connect the user', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', () => {
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
done(error)
|
||||
})
|
||||
})
|
||||
export const api = axios.create({
|
||||
baseURL: API_URL,
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
}
|
||||
})
|
||||
|
||||
const secretCallback = async (): Promise<string> => {
|
||||
return 'somesecret'
|
||||
}
|
||||
|
||||
describe('authorize - with secret as callback in options', () => {
|
||||
let token: string = ''
|
||||
await tap.test('authorize', async (t) => {
|
||||
await t.test('with secret as string in options', async (t) => {
|
||||
let token = ''
|
||||
let socket: Socket | null = null
|
||||
|
||||
beforeEach((done) => {
|
||||
fixtureStart(
|
||||
async () => {
|
||||
const response = await axios.post('http://localhost:9000/login')
|
||||
token = response.data.token
|
||||
},
|
||||
{ secret: secretCallback }
|
||||
)
|
||||
.then(done)
|
||||
.catch((error) => {
|
||||
done(error)
|
||||
t.beforeEach(async () => {
|
||||
await fixtureStart()
|
||||
const response = await api.post('/login', {})
|
||||
token = response.data.token
|
||||
})
|
||||
|
||||
t.afterEach(async () => {
|
||||
socket?.disconnect()
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
await t.test('should emit error with no token provided', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'no token provided')
|
||||
t.equal(error.data.code, 'credentials_required')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
afterEach((done) => {
|
||||
fixtureStop(done)
|
||||
})
|
||||
await t.test('should emit error with bad token format', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
|
||||
t.equal(error.data.code, 'credentials_bad_format')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with no token provided', (done) => {
|
||||
const socket = io('http://localhost:9000')
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual('no token provided')
|
||||
expect(error.data.code).toEqual('credentials_required')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
await t.test('should emit error with unauthorized handshake', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
t.equal(error.data.code, 'invalid_token')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should connect the user', (t) => {
|
||||
t.plan(1)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.fail(error.message)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with bad token format', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'testing' }
|
||||
await t.test('with secret as callback in options', async (t) => {
|
||||
let token = ''
|
||||
let socket: Socket | null = null
|
||||
|
||||
t.beforeEach(async () => {
|
||||
await fixtureStart({ secret: secretCallback })
|
||||
const response = await api.post('/login', {})
|
||||
token = response.data.token
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Format is Authorization: Bearer [token]'
|
||||
)
|
||||
expect(error.data.code).toEqual('credentials_bad_format')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
|
||||
t.afterEach(async () => {
|
||||
socket?.disconnect()
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
await t.test('should emit error with no token provided', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'no token provided')
|
||||
t.equal(error.data.code, 'credentials_required')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with bad token format', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
|
||||
t.equal(error.data.code, 'credentials_bad_format')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with unauthorized handshake', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
t.equal(error.data.code, 'invalid_token')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should connect the user', (t) => {
|
||||
t.plan(1)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.fail(error.message)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with unauthorized handshake', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'Bearer testing' }
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
expect(error.data.code).toEqual('invalid_token')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
await t.test('with onAuthentication callback in options', async (t) => {
|
||||
let token = ''
|
||||
let wrongToken = ''
|
||||
let socket: Socket | null = null
|
||||
|
||||
it('should connect the user', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', () => {
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
done(error)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
describe('authorize - with onAuthentication callback in options', () => {
|
||||
let token: string = ''
|
||||
let wrongToken: string = ''
|
||||
|
||||
beforeEach((done) => {
|
||||
fixtureStart(
|
||||
async () => {
|
||||
const response = await axios.post('http://localhost:9000/login')
|
||||
token = response.data.token
|
||||
const responseWrong = await axios.post(
|
||||
'http://localhost:9000/login-wrong'
|
||||
)
|
||||
wrongToken = responseWrong.data.token
|
||||
},
|
||||
{
|
||||
t.beforeEach(async () => {
|
||||
await fixtureStart({
|
||||
secret: secretCallback,
|
||||
onAuthentication: (decodedToken: Profile) => {
|
||||
if (!decodedToken.checkField) {
|
||||
@ -198,102 +208,117 @@ describe('authorize - with onAuthentication callback in options', () => {
|
||||
email: decodedToken.email
|
||||
}
|
||||
}
|
||||
}
|
||||
)
|
||||
.then(done)
|
||||
.catch((error) => {
|
||||
done(error)
|
||||
})
|
||||
})
|
||||
const response = await api.post('/login', {})
|
||||
token = response.data.token
|
||||
const responseWrong = await api.post('/login-wrong', {})
|
||||
wrongToken = responseWrong.data.token
|
||||
})
|
||||
|
||||
afterEach((done) => {
|
||||
fixtureStop(done)
|
||||
})
|
||||
t.afterEach(async () => {
|
||||
socket?.disconnect()
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
it('should emit error with no token provided', (done) => {
|
||||
const socket = io('http://localhost:9000')
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual('no token provided')
|
||||
expect(error.data.code).toEqual('credentials_required')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
await t.test('should emit error with no token provided', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'no token provided')
|
||||
t.equal(error.data.code, 'credentials_required')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with bad token format', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'testing' }
|
||||
await t.test('should emit error with bad token format', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
|
||||
t.equal(error.data.code, 'credentials_bad_format')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Format is Authorization: Bearer [token]'
|
||||
)
|
||||
expect(error.data.code).toEqual('credentials_bad_format')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error with unauthorized handshake', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: 'Bearer testing' }
|
||||
await t.test('should emit error with unauthorized handshake', (t) => {
|
||||
t.plan(4)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.equal(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
t.equal(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
t.equal(error.data.code, 'invalid_token')
|
||||
}
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
socket.on('connect_error', (error) => {
|
||||
expect(isUnauthorizedError(error)).toBeTruthy()
|
||||
if (isUnauthorizedError(error)) {
|
||||
expect(error.data.message).toEqual(
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
)
|
||||
expect(error.data.code).toEqual('invalid_token')
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should connect the user', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
await t.test('should connect the user', (t) => {
|
||||
t.plan(1)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.pass()
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.fail(error.message)
|
||||
})
|
||||
})
|
||||
socket.on('connect', () => {
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should contain user property', (done) => {
|
||||
const socketServer = getSocket()
|
||||
socketServer?.on('connection', (client: any) => {
|
||||
expect(client.user.email).toEqual('john@doe.com')
|
||||
await t.test('should contains user properties', (t) => {
|
||||
t.plan(2)
|
||||
const socketServer = getSocket()
|
||||
socketServer?.on('connection', (client: any) => {
|
||||
t.equal(client.user.email, basicProfile.email)
|
||||
t.pass()
|
||||
})
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
t.fail(error.message)
|
||||
})
|
||||
})
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
})
|
||||
socket.on('connect', () => {
|
||||
socket.close()
|
||||
done()
|
||||
})
|
||||
})
|
||||
|
||||
it('should emit error when user validation fails', (done) => {
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${wrongToken}` }
|
||||
})
|
||||
socket.on('connect_error', (err: any) => {
|
||||
try {
|
||||
expect(err.message).toEqual('Check Field validation failed')
|
||||
} catch (err) {
|
||||
socket.close()
|
||||
done(err)
|
||||
}
|
||||
socket.close()
|
||||
done()
|
||||
await t.test('should emit error when user validation fails', (t) => {
|
||||
t.plan(2)
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${wrongToken}` }
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
try {
|
||||
t.equal(error.message, 'Check Field validation failed')
|
||||
t.pass()
|
||||
} catch {
|
||||
t.fail()
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
t.fail()
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
||||
|
@ -1,42 +1,41 @@
|
||||
import type { Server as HttpServer } from 'node:http'
|
||||
import type { Server as HttpsServer } from 'node:https'
|
||||
|
||||
import express from 'express'
|
||||
import jwt from 'jsonwebtoken'
|
||||
import { Server as SocketIoServer } from 'socket.io'
|
||||
import enableDestroy from 'server-destroy'
|
||||
import fastify, { FastifyInstance } from 'fastify'
|
||||
|
||||
import { authorize, AuthorizeOptions } from '../../index.js'
|
||||
|
||||
export interface Profile {
|
||||
interface FastifyIo {
|
||||
instance: SocketIoServer
|
||||
}
|
||||
|
||||
declare module 'fastify' {
|
||||
export interface FastifyInstance {
|
||||
io: FastifyIo
|
||||
}
|
||||
}
|
||||
|
||||
export interface BasicProfile {
|
||||
email: string
|
||||
id: number
|
||||
}
|
||||
|
||||
export interface Profile extends BasicProfile {
|
||||
checkField: boolean
|
||||
}
|
||||
|
||||
interface Socket {
|
||||
io: null | SocketIoServer
|
||||
init: (httpServer: HttpServer | HttpsServer) => void
|
||||
export const PORT = 9000
|
||||
export const API_URL = `http://localhost:${PORT}`
|
||||
export const basicProfile: BasicProfile = {
|
||||
email: 'john@doe.com',
|
||||
id: 123
|
||||
}
|
||||
|
||||
const socket: Socket = {
|
||||
io: null,
|
||||
init(httpServer) {
|
||||
socket.io = new SocketIoServer(httpServer)
|
||||
}
|
||||
}
|
||||
|
||||
let server: HttpServer | null = null
|
||||
let application: FastifyInstance | null = null
|
||||
|
||||
export const fixtureStart = async (
|
||||
done: any,
|
||||
options: AuthorizeOptions = { secret: 'super secret' }
|
||||
): Promise<void> => {
|
||||
const profile: Profile = {
|
||||
email: 'john@doe.com',
|
||||
id: 123,
|
||||
checkField: true
|
||||
}
|
||||
const profile: Profile = { ...basicProfile, checkField: true }
|
||||
let keySecret = ''
|
||||
if (typeof options.secret === 'string') {
|
||||
keySecret = options.secret
|
||||
@ -46,35 +45,35 @@ export const fixtureStart = async (
|
||||
payload: profile
|
||||
})
|
||||
}
|
||||
const app = express()
|
||||
app.use(express.json())
|
||||
app.post('/login', (_req, res) => {
|
||||
application = fastify()
|
||||
application.post('/login', async (_request, reply) => {
|
||||
const token = jwt.sign(profile, keySecret, {
|
||||
expiresIn: 60 * 60 * 5
|
||||
})
|
||||
return res.json({ token })
|
||||
reply.statusCode = 201
|
||||
return { token }
|
||||
})
|
||||
app.post('/login-wrong', (_req, res) => {
|
||||
application.post('/login-wrong', async (_request, reply) => {
|
||||
profile.checkField = false
|
||||
const token = jwt.sign(profile, keySecret, {
|
||||
expiresIn: 60 * 60 * 5
|
||||
})
|
||||
return res.json({ token })
|
||||
reply.statusCode = 201
|
||||
return { token }
|
||||
})
|
||||
server = app.listen(9000, done)
|
||||
socket.init(server)
|
||||
socket.io?.use(authorize(options))
|
||||
enableDestroy(server)
|
||||
const instance = new SocketIoServer(application.server)
|
||||
instance.use(authorize(options))
|
||||
application.decorate('io', { instance })
|
||||
application.addHook('onClose', (fastify) => {
|
||||
fastify.io.instance.close()
|
||||
})
|
||||
await application.listen(PORT)
|
||||
}
|
||||
|
||||
export const fixtureStop = (callback: Function): void => {
|
||||
socket.io?.close()
|
||||
try {
|
||||
server?.destroy()
|
||||
} catch {}
|
||||
callback()
|
||||
export const fixtureStop = async (): Promise<void> => {
|
||||
await application?.close()
|
||||
}
|
||||
|
||||
export const getSocket = (): SocketIoServer | null => {
|
||||
return socket.io
|
||||
export const getSocket = (): SocketIoServer | undefined => {
|
||||
return application?.io.instance
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"compilerOptions": {
|
||||
"target": "ESNext",
|
||||
"module": "commonjs",
|
||||
"module": "ESNext",
|
||||
"lib": ["ESNext"],
|
||||
"moduleResolution": "node",
|
||||
"outDir": "./build",
|
||||
|
Reference in New Issue
Block a user