joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ac4b7f71002ed4fbedbb901db1f6ed1e9ac5559
kami-parse-server/spec/RevocableSessionsUpgrade.spec.js
Diamond Lewis e6ac3b6932 fix(prettier): Properly handle lint-stage files (#6970) 
Now handles top level files and recursive files in folders.

Set max line length to be 100
2020-10-25 15:06:58 -05:00

140 lines
3.8 KiB
JavaScript
Raw Blame History

const Config = require('../lib/Config');
const sessionToken = 'legacySessionToken';
const request = require('../lib/request');
const Parse = require('parse/node');
function createUser() {
const config = Config.get(Parse.applicationId);
const user = {
objectId: '1234567890',
username: 'hello',
password: 'pass',
_session_token: sessionToken,
};
return config.database.create('_User', user);
}
describe_only_db('mongo')('revocable sessions', () => {
beforeEach(done => {
// Create 1 user with the legacy
createUser().then(done);
});
it('should upgrade legacy session token', done => {
const user = Parse.Object.fromJSON({
className: '_User',
objectId: '1234567890',
sessionToken: sessionToken,
});
user
._upgradeToRevocableSession()
.then(res => {
expect(res.getSessionToken().indexOf('r:')).toBe(0);
const config = Config.get(Parse.applicationId);
// use direct access to the DB to make sure we're not
// getting the session token stripped
return config.database
.loadSchema()
.then(schemaController => {
return schemaController.getOneSchema('_User', true);
})
.then(schema => {
return config.database.adapter.find('_User', schema, { objectId: '1234567890' }, {});
})
.then(results => {
expect(results.length).toBe(1);
expect(results[0].sessionToken).toBeUndefined();
});
})
.then(
() => {
done();
},
err => {
jfail(err);
done();
}
);
});
it('should be able to become with revocable session token', done => {
const user = Parse.Object.fromJSON({
className: '_User',
objectId: '1234567890',
sessionToken: sessionToken,
});
user
._upgradeToRevocableSession()
.then(res => {
expect(res.getSessionToken().indexOf('r:')).toBe(0);
return Parse.User.logOut()
.then(() => {
return Parse.User.become(res.getSessionToken());
})
.then(user => {
expect(user.id).toEqual('1234567890');
});
})
.then(
() => {
done();
},
err => {
jfail(err);
done();
}
);
});
it('should not upgrade bad legacy session token', done => {
request({
method: 'POST',
url: Parse.serverURL + '/upgradeToRevocableSession',
headers: {
'X-Parse-Application-Id': Parse.applicationId,
'X-Parse-Rest-API-Key': 'rest',
'X-Parse-Session-Token': 'badSessionToken',
},
})
.then(
() => {
fail('should not be able to upgrade a bad token');
},
response => {
expect(response.status).toBe(400);
expect(response.data).not.toBeUndefined();
expect(response.data.code).toBe(Parse.Error.INVALID_SESSION_TOKEN);
expect(response.data.error).toEqual('invalid legacy session token');
}
)
.then(() => {
done();
});
});
it('should not crash without session token #2720', done => {
request({
method: 'POST',
url: Parse.serverURL + '/upgradeToRevocableSession',
headers: {
'X-Parse-Application-Id': Parse.applicationId,
'X-Parse-Rest-API-Key': 'rest',
},
})
.then(
() => {
fail('should not be able to upgrade a bad token');
},
response => {
expect(response.status).toBe(404);
expect(response.data).not.toBeUndefined();
expect(response.data.code).toBe(Parse.Error.OBJECT_NOT_FOUND);
expect(response.data.error).toEqual('invalid session');
}
)
.then(() => {
done();
});
});
});
Reference in New Issue View Git Blame Copy Permalink