From 791e16ce52bbf467d8b067bfc3b7bdd047dfb022 Mon Sep 17 00:00:00 2001 From: Pujit Mehrotra Date: Mon, 7 Oct 2024 10:12:21 -0400 Subject: [PATCH] test(CookieService): reading valid & invalid session cookies --- .../unraid-api/auth/cookie.service.spec.ts | 75 +++++++++++++++---- 1 file changed, 62 insertions(+), 13 deletions(-) diff --git a/api/src/unraid-api/auth/cookie.service.spec.ts b/api/src/unraid-api/auth/cookie.service.spec.ts index 1fd151fda..24ae9894c 100644 --- a/api/src/unraid-api/auth/cookie.service.spec.ts +++ b/api/src/unraid-api/auth/cookie.service.spec.ts @@ -1,18 +1,67 @@ -import { Test, TestingModule } from '@nestjs/testing'; -import { CookieService } from './cookie.service'; +import { Test, type TestingModule } from '@nestjs/testing'; +import { CookieService, SESSION_COOKIE_OPTIONS } from './cookie.service'; +import { describe, it, beforeAll, afterAll } from 'vitest'; +import { emptyDir, ensureFile } from 'fs-extra'; -describe('CookieService', () => { - let service: CookieService; +describe.concurrent('CookieService', () => { + let service: CookieService; + const sessionDir = '/tmp/php/sessions'; - beforeEach(async () => { - const module: TestingModule = await Test.createTestingModule({ - providers: [CookieService], - }).compile(); + // helper to create a session file + function makeSession(sessionId: string, cookieService: CookieService = service) { + const path = cookieService.getSessionFilePath(sessionId); + return ensureFile(path); + } - service = module.get(CookieService); - }); + beforeAll(async () => { + const module: TestingModule = await Test.createTestingModule({ + providers: [ + CookieService, + { provide: SESSION_COOKIE_OPTIONS, useValue: { namePrefix: 'unraid_', sessionDir } }, + ], + }).compile(); - it('should be defined', () => { - expect(service).toBeDefined(); - }); + service = module.get(CookieService); + await emptyDir(sessionDir); + }); + + afterAll(async () => { + await emptyDir(sessionDir); + }); + + it('has completed test setup', ({ expect }) => { + expect(service).toBeDefined(); + expect(service.opts.sessionDir).toEqual(sessionDir); + expect(service.opts.namePrefix).toEqual('unraid_'); + }); + + it('handles session names robustly', ({ expect }) => { + const session = (name?: unknown) => service.getSessionFilePath(name as string); + expect(session('foo')).toEqual('/tmp/php/sessions/sess_foo'); + expect(session('')).toEqual('/tmp/php/sessions/sess_'); + expect(session(null)).toEqual('/tmp/php/sessions/sess_null'); + expect(session(undefined)).toEqual('/tmp/php/sessions/sess_undefined'); + expect(session(1)).toEqual('/tmp/php/sessions/sess_1'); + expect(session(1.0)).toEqual('/tmp/php/sessions/sess_1'); + expect(session(1.1)).toEqual('/tmp/php/sessions/sess_1.1'); + expect(session({})).toEqual('/tmp/php/sessions/sess_[object Object]'); + expect(session(['foo', 'bar'])).toEqual('/tmp/php/sessions/sess_foo,bar'); + expect(session('foo/bar')).toEqual('/tmp/php/sessions/sess_foo/bar'); + }); + + it('can read an existing session & reject a non-existent one', async ({ expect }) => { + const sessionId = '123abc'; + expect(await service.hasValidAuthCookie({ unraid_session: sessionId })).toBe(false); + await makeSession(sessionId); + expect(await service.hasValidAuthCookie({ unraid_session: sessionId })).toBe(true); + }); + + it('can recognize session cookies', async ({ expect }) => { + const sessionId = '123abc'; + await makeSession(sessionId); + expect(await service.hasValidAuthCookie({ unraid: sessionId })).toBe(false); + expect(await service.hasValidAuthCookie({ unraid_: sessionId })).toBe(true); + expect(await service.hasValidAuthCookie({ unraid_0: sessionId })).toBe(true); + expect(await service.hasValidAuthCookie({ unraid_session: sessionId })).toBe(true); + }); });