Allow set user mapped from JWT directly on request (#6411)

* Use user mapped from JWT for Auth * Add a test for userFromJWT bypass Co-authored-by: Gordon Sun <gordon.sun@pipe17.com>
2020-04-03 15:09:37 -07:00
parent 81b22b21b5
commit b08571774f
2 changed files with 22 additions and 0 deletions
--- a/spec/Middlewares.spec.js
+++ b/spec/Middlewares.spec.js
@@ -356,4 +356,15 @@ describe('middlewares', () => {
      middlewares.DEFAULT_ALLOWED_HEADERS
    );
  });
+
+  it('should use user provided on field userFromJWT', done => {
+    AppCache.put(fakeReq.body._ApplicationId, {
+      masterKey: 'masterKey',
+    });
+    fakeReq.userFromJWT = 'fake-user';
+    middlewares.handleParseHeaders(fakeReq, fakeRes, () => {
+      expect(fakeReq.auth.user).toEqual('fake-user');
+      done();
+    });
+  });
 });