| blob | 9a36ea45feb95beddf8a81e4a7e1bae8960b45dc |
1 var app = require('../../examples/auth')
2 var request = require('supertest')
4 function getCookie(res) {
5 return res.headers['set-cookie'][0].split(';')[0];
6 }
8 describe('auth', function(){
9 describe('GET /',function(){
10 it('should redirect to /login', function(done){
11 request(app)
12 .get('/')
13 .expect('Location', '/login')
14 .expect(302, done)
15 })
16 })
18 describe('GET /login',function(){
19 it('should render login form', function(done){
20 request(app)
21 .get('/login')
22 .expect(200, /<form/, done)
23 })
25 it('should display login error', function(done){
26 request(app)
27 .post('/login')
28 .type('urlencoded')
29 .send('username=not-tj&password=foobar')
30 .expect('Location', '/login')
31 .expect(302, function(err, res){
32 if (err) return done(err)
33 request(app)
34 .get('/login')
35 .set('Cookie', getCookie(res))
36 .expect(200, /Authentication failed/, done)
37 })
38 })
39 })
41 describe('GET /logout',function(){
42 it('should redirect to /', function(done){
43 request(app)
44 .get('/logout')
45 .expect('Location', '/')
46 .expect(302, done)
47 })
48 })
50 describe('GET /restricted',function(){
51 it('should redirect to /login without cookie', function(done){
52 request(app)
53 .get('/restricted')
54 .expect('Location', '/login')
55 .expect(302, done)
56 })
58 it('should succeed with proper cookie', function(done){
59 request(app)
60 .post('/login')
61 .type('urlencoded')
62 .send('username=tj&password=foobar')
63 .expect('Location', '/')
64 .expect(302, function(err, res){
65 if (err) return done(err)
66 request(app)
67 .get('/restricted')
68 .set('Cookie', getCookie(res))
69 .expect(200, done)
70 })
71 })
72 })
74 describe('POST /login', function(){
75 it('should fail without proper username', function(done){
76 request(app)
77 .post('/login')
78 .type('urlencoded')
79 .send('username=not-tj&password=foobar')
80 .expect('Location', '/login')
81 .expect(302, done)
82 })
84 it('should fail without proper password', function(done){
85 request(app)
86 .post('/login')
87 .type('urlencoded')
88 .send('username=tj&password=baz')
89 .expect('Location', '/login')
90 .expect(302, done)
91 })
93 it('should succeed with proper credentials', function(done){
94 request(app)
95 .post('/login')
96 .type('urlencoded')
97 .send('username=tj&password=foobar')
98 .expect('Location', '/')
99 .expect(302, done)
100 })
101 })
102 })