barbercollie/ReadMeABook
1
0
Fork 1
mirror of https://github.com/kikootwo/ReadMeABook.git synced 2026-06-03 12:50:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

test(auth): add tests for token authentication

Browse Source
This commit is contained in:
Orvanix
2026-03-12 12:20:41 +00:00
parent 6af15b9622
commit b20673e7ea
2 changed files with 179 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/api/admin-login-token.routes.test.ts
+106
View File
@@ -0,0 +1,106 @@
/**
* Component: Admin User Login Token Tests
* Documentation: documentation/testing.md
*/
import { beforeEach, describe, expect, it, vi } from 'vitest';
import { createPrismaMock } from '../helpers/prisma';
let authRequest: any;
const prismaMock = createPrismaMock();
const requireAuthMock = vi.hoisted(() => vi.fn());
const requireAdminMock = vi.hoisted(() => vi.fn());
const generateApiTokenMock = vi.hoisted(() => vi.fn());
vi.mock('@/lib/db', () => ({
prisma: prismaMock,
}));
vi.mock('@/lib/middleware/auth', () => ({
requireAuth: requireAuthMock,
requireAdmin: requireAdminMock,
}));
vi.mock('@/lib/utils/api-token', () => ({
generateApiToken: generateApiTokenMock,
}));
describe('Admin login token routes', () => {
beforeEach(() => {
vi.clearAllMocks();
authRequest = { user: { id: 'admin-1', username: 'admin', role: 'admin' }, json: vi.fn() };
requireAuthMock.mockImplementation((_req: any, handler: any) => handler(authRequest));
requireAdminMock.mockImplementation((_req: any, handler: any) => handler());
generateApiTokenMock.mockReturnValue({ fullToken: 'rmab_test_token' });
});
describe('POST /api/admin/users/[id]/login-token', () => {
it('generates a login token for an active user', async () => {
prismaMock.user.findUnique.mockResolvedValueOnce({
plexUsername: 'testuser',
deletedAt: null,
});
prismaMock.user.update.mockResolvedValueOnce({});
const { POST } = await import('@/app/api/admin/users/[id]/login-token/route');
const response = await POST({} as any, { params: Promise.resolve({ id: 'u1' }) });
const payload = await response.json();
expect(response.status).toBe(201);
expect(payload.fullToken).toBe('rmab_test_token');
});
it('returns 404 when user does not exist', async () => {
prismaMock.user.findUnique.mockResolvedValueOnce(null);
const { POST } = await import('@/app/api/admin/users/[id]/login-token/route');
const response = await POST({} as any, { params: Promise.resolve({ id: 'missing' }) });
const payload = await response.json();
expect(response.status).toBe(404);
expect(payload.error).toMatch(/User not found/);
});
it('returns 403 when user is deleted', async () => {
prismaMock.user.findUnique.mockResolvedValueOnce({
plexUsername: 'deleteduser',
deletedAt: new Date(),
});
const { POST } = await import('@/app/api/admin/users/[id]/login-token/route');
const response = await POST({} as any, { params: Promise.resolve({ id: 'u2' }) });
const payload = await response.json();
expect(response.status).toBe(403);
expect(payload.error).toMatch(/deleted user/);
});
});
describe('DELETE /api/admin/users/[id]/login-token', () => {
it('revokes the login token for a user', async () => {
prismaMock.user.findUnique.mockResolvedValueOnce({
plexUsername: 'testuser',
});
prismaMock.user.update.mockResolvedValueOnce({});
const { DELETE } = await import('@/app/api/admin/users/[id]/login-token/route');
const response = await DELETE({} as any, { params: Promise.resolve({ id: 'u1' }) });
const payload = await response.json();
expect(response.status).toBe(200);
expect(payload.success).toBe(true);
});
it('returns 404 when user does not exist', async () => {
prismaMock.user.findUnique.mockResolvedValueOnce(null);
const { DELETE } = await import('@/app/api/admin/users/[id]/login-token/route');
const response = await DELETE({} as any, { params: Promise.resolve({ id: 'missing' }) });
const payload = await response.json();
expect(response.status).toBe(404);
expect(payload.error).toMatch(/User not found/);
});
});
});