mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-13 21:01:21 +08:00
160 lines
5.2 KiB
TypeScript
160 lines
5.2 KiB
TypeScript
import { describe, expect, test } from "vitest";
|
|
import request from "supertest";
|
|
import { BASE_URL, INTERNAL_PROJECT_CLIENT_KEY, INTERNAL_PROJECT_ID } from "../../helpers";
|
|
import crypto from "crypto";
|
|
|
|
const AUTH_HEADER = {
|
|
"x-stack-project-id": INTERNAL_PROJECT_ID,
|
|
"x-stack-publishable-client-key": INTERNAL_PROJECT_CLIENT_KEY,
|
|
};
|
|
|
|
const JSON_HEADER = {
|
|
"content-type": "application/json"
|
|
}
|
|
|
|
function randomString() {
|
|
return crypto.randomBytes(16).toString("hex");
|
|
}
|
|
|
|
async function signUpWithEmailPassword() {
|
|
const email = randomString() + "@stack-test.example.com";
|
|
const password = randomString();
|
|
const response = await request(BASE_URL).post("/api/v1/auth/signup").set(AUTH_HEADER).set(JSON_HEADER).send({
|
|
email,
|
|
password,
|
|
emailVerificationRedirectUrl: 'https://localhost:3000/verify-email',
|
|
});
|
|
|
|
return { email, password, response };
|
|
}
|
|
|
|
async function signInWithEmailPassword(email: string, password: string) {
|
|
const response = await request(BASE_URL).post("/api/v1/auth/signin").set(AUTH_HEADER).set(JSON_HEADER).send({
|
|
email,
|
|
password,
|
|
});
|
|
|
|
return { email, password, response };
|
|
}
|
|
|
|
describe("Various internal project tests", () => {
|
|
test("Main Page", async () => {
|
|
const response = await request(BASE_URL).get("/");
|
|
expect(response.status).toBe(307);
|
|
});
|
|
|
|
test("API root (no authentication)", async () => {
|
|
const response = await request(BASE_URL).get("/api/v1");
|
|
expect(response.status).toBe(200);
|
|
expect(response.text).contains("Stack API")
|
|
expect(response.text).contains("Authentication: None")
|
|
});
|
|
|
|
test("Credential sign up", async () => {
|
|
const { response } = await signUpWithEmailPassword();
|
|
expect(response.status).toBe(200);
|
|
});
|
|
|
|
test("Credential sign in", async () => {
|
|
const { email, password } = await signUpWithEmailPassword();
|
|
const { response } = await signInWithEmailPassword(email, password);
|
|
|
|
expect(response.status).toBe(200);
|
|
});
|
|
|
|
test("No current user without authentication", async () => {
|
|
const response = await request(BASE_URL).get("/api/v1/current-user").set(AUTH_HEADER);
|
|
expect(response.status).toBe(200);
|
|
expect(response.body).toBe(null);
|
|
});
|
|
|
|
test("Get current user", async () => {
|
|
const { email, password, response } = await signUpWithEmailPassword();
|
|
await signInWithEmailPassword(email, password);
|
|
|
|
const response2 = await request(BASE_URL)
|
|
.get("/api/v1/current-user")
|
|
.set({
|
|
...AUTH_HEADER,
|
|
'authorization': 'StackSession ' + response.body.accessToken,
|
|
});
|
|
expect(response2.status).toBe(200);
|
|
expect(response2.body.primaryEmail).toBe(email)
|
|
});
|
|
|
|
test("Can't get current user with invalid token", async () => {
|
|
const response = await request(BASE_URL)
|
|
.get("/api/v1/current-user")
|
|
.set({
|
|
...AUTH_HEADER,
|
|
'authorization': 'StackSession invalid-token',
|
|
});
|
|
expect(response.status).toBeGreaterThanOrEqual(400);
|
|
expect(response.status).toBeLessThan(500);
|
|
});
|
|
|
|
test("Update current user's display name", async () => {
|
|
const { email, password, response } = await signUpWithEmailPassword();
|
|
await signInWithEmailPassword(email, password);
|
|
|
|
const response2 = await request(BASE_URL)
|
|
.put("/api/v1/current-user")
|
|
.set({
|
|
...AUTH_HEADER,
|
|
'authorization': 'StackSession ' + response.body.accessToken,
|
|
})
|
|
.set(JSON_HEADER)
|
|
.send({
|
|
displayName: "New display name",
|
|
});
|
|
expect(response2.status).toBe(200);
|
|
expect(response2.body.displayName).toBe("New display name");
|
|
});
|
|
|
|
test("Can't update current user's primary e-mail with client keys", async () => {
|
|
const { email, password, response } = await signUpWithEmailPassword();
|
|
await signInWithEmailPassword(email, password);
|
|
|
|
const response2 = await request(BASE_URL)
|
|
.put("/api/v1/current-user")
|
|
.set({
|
|
...AUTH_HEADER,
|
|
'authorization': 'StackSession ' + response.body.accessToken,
|
|
})
|
|
.set(JSON_HEADER)
|
|
.send({
|
|
primaryEmail: "thismailshouldntupdate@stack-test.example.com",
|
|
});
|
|
expect(response2.status).toBe(200);
|
|
expect(response2.body.primaryEmail).toBe(email);
|
|
});
|
|
|
|
test("Can't update non-existing user's display name", async () => {
|
|
const response = await request(BASE_URL)
|
|
.put("/api/v1/current-user")
|
|
.set(AUTH_HEADER)
|
|
.set(JSON_HEADER)
|
|
.send({
|
|
displayName: "New username",
|
|
});
|
|
expect(response.status).toBeGreaterThanOrEqual(400);
|
|
expect(response.status).toBeLessThan(500);
|
|
});
|
|
|
|
test("API root (signed in)", async () => {
|
|
const { email, password, response } = await signUpWithEmailPassword();
|
|
await signInWithEmailPassword(email, password);
|
|
|
|
const response2 = await request(BASE_URL).get("/api/v1").set({
|
|
...AUTH_HEADER,
|
|
'x-stack-request-type': 'client',
|
|
'authorization': 'StackSession ' + response.body.accessToken,
|
|
});
|
|
expect(response2.status).toBe(200);
|
|
expect(response2.text).contains("Stack API");
|
|
expect(response2.text).contains("Authentication: Client");
|
|
expect(response2.text).contains("Project: " + INTERNAL_PROJECT_ID);
|
|
expect(response2.text).contains("User: " + email);
|
|
});
|
|
});
|