
@jeshuamaxey
Last active December 10, 2017 18:21
A helper script which generates an authenticated user for testing angular fullstack API endpoints
/**
* adapted from code by chiyuk
* https://github.com/DaftMonk/generator-angular-fullstack/issues/494#issuecomment-62564718
*/
'use strict';
var app = require('../app');
var User = require('../api/user/user.model');
var request = require('supertest');
var Q = require('q');
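// Counter that gives every generated test user a unique email address.
var userCounter = 0;

/**
 * Builds a test-only API client that is logged in as a freshly created user
 * with the given role.
 *
 * The account uses a fixed, well-known password, so this helper belongs in a
 * test suite pointed at a disposable database; call deleteUser() when the
 * suite finishes so no known-credential account (an admin one in particular)
 * is left behind.
 *
 * @param {string} role - role stored on the generated user (e.g. 'admin', 'user').
 * @returns {Object} helper exposing authorize, getData, deleteUser, token and
 *   the authenticated get/post/put/delete request builders.
 */
function Authed(role) {
  var agent = request.agent(app);
  var token;
  var userData = {
    name: 'alan turing',
    email: (userCounter++) + '@headlondon.com',
    password: 'password',
    role: role
  };

  // Persists the generated user, reporting any save error to the callback.
  function createUser(done) {
    var user = new User(userData);
    user.save(function(err) {
      if (err) return done(err);
      return done();
    });
  }

  // Removes the generated user, matched by its unique email address.
  function deleteUser(done) {
    User.remove({email: userData.email}, function(err) {
      if (err) return done(err);
      done();
    });
  }

  // Logs the generated user in and stores the returned token.
  // `done` is called exactly once. A failed login or a response without a
  // token fails the hook instead of leaving `token` undefined, which would
  // make every later request carry a meaningless 'Bearer undefined' header
  // and could let a negative (401/403) test pass for the wrong reason.
  function getToken(done) {
    agent
      .post('/auth/local')
      .send(userData)
      .expect(200)
      .expect('Content-Type', /json/)
      .end(function(err, res) {
        if (err) return done(err);
        if (!res.body || !res.body.token) {
          return done(new Error('login for ' + userData.email + ' returned no token'));
        }
        token = res.body.token;
        done();
      });
  }

  // Attaches the bearer token to a request, refusing to build a request
  // that would silently go out unauthenticated.
  function withToken(req) {
    if (!token) {
      throw new Error('no token for ' + userData.email + '; call authorize() inside describe() first');
    }
    return req.set('authorization', 'Bearer ' + token);
  }

  return {
    // Registers mocha `before` hooks that create the user and then log it in.
    // Must be called inside a describe() block.
    authorize: function() {
      before(function(done) {
        createUser(done);
      });
      before(function(done) {
        getToken(done);
      });
    },

    // Resolves with the stored user document; rejects if the lookup fails.
    getData: function() {
      var deferred = Q.defer();
      User.findOne({
        email: userData.email
      })
      .exec(function(err, user) {
        if (err) return deferred.reject(err);
        deferred.resolve(user);
      });
      return deferred.promise;
    },

    // Deletes the generated user; intended for an `after` hook.
    deleteUser: function(done) {
      return deleteUser(done);
    },

    // Returns the token obtained by authorize(), or undefined before login.
    token: function() {
      return token;
    },

    get: function(url) {
      return withToken(agent.get(url));
    },
    post: function(url) {
      return withToken(agent.post(url));
    },
    put: function(url) {
      return withToken(agent.put(url));
    },
    delete: function(url) {
      return withToken(agent.delete(url));
    }
  };
}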
/**
 * Factory exported by this module: each call yields an independent
 * authenticated test agent for the requested role.
 *
 * @param {string} role - role to give the generated test user.
 * @returns {Object} the helper object produced by Authed.
 */
module.exports = function(role) {
  var authedAgent = new Authed(role);
  return authedAgent;
};
/**
* example usage
*/
'use strict';
var should = require('should');
var app = require('../../app');
var request = require('supertest');
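// create two users with different permissions
// (the author's "<---" callouts are kept as real comments so the listing parses)
var admin = require('../../auth/authed-agent')('admin'); // (1a) create an admin user
var user = require('../../auth/authed-agent')('user'); // (1b) create a standard user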
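// Access-control checks for /api/users at three privilege levels:
// no credentials (401), authenticated without the required role (403),
// and authenticated as admin (200).
describe('API: /api/users', function() {
  // log our users in
  admin.authorize(); // (2a) log in (authorize) admin user
  user.authorize(); // (2b) log in (authorize) standard user

  // Remove the generated accounts afterwards: both use a fixed, well-known
  // password, so they should not outlive the test run.
  after(function(done) {
    admin.deleteUser(done);
  });
  after(function(done) {
    user.deleteUser(done);
  });

  it('GET: should respond with an unauthorized error for an unauthorized user', function(done) {
    request(app) // (3a) example request with no authorization
      .get('/api/users')
      .expect(401)
      .end(function(err, res) {
        if (err) return done(err);
        done();
      });
  });

  // Here the caller is authenticated but lacks the admin role, hence 403
  // rather than 401.
  it('GET: should respond with a forbidden error for an unauthorized user', function(done) {
    user // (3b) example request insufficient authorization
      .get('/api/users')
      .expect(403)
      .end(function(err, res) {
        if (err) return done(err);
        done();
      });
  });

  it('GET: should respond with JSON array for an authorized admin user', function(done) {
    admin // (3c) example request required authorization
      .get('/api/users')
      .expect(200)
      .end(function(err, res) {
        if (err) return done(err);
        res.body.should.be.instanceof(Array);
        done();
      });
  });

  // NOTE(review): the email literal below was replaced by the hosting page's
  // address obfuscation; substitute a unique test address before running.
  // The account created here is not removed by this suite.
  it('POST: should respond with token', function(done) {
    request(app)
      .post('/api/users')
      .send({
        email: '[email protected]',
        password: 'password'
      })
      .expect(200)
      .end(function(err, res) {
        if (err) return done(err);
        res.body.should.have.property('token');
        done();
      });
  });
});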