forgejo-lila/lila
1
0
Fork 0
Code Issues 50 Pull requests Projects 1 Releases Packages Wiki Activity Actions

wip

Browse source
This commit is contained in:
lila 2026-05-30 03:47:59 +02:00
parent 37f6a55798
commit d55a1ed648
2 changed files with 104 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apps/api/src/gameSessionStore/GameSessionStore.ts
View file

@ -1,6 +1,6 @@
export type GameSessionData = { export type GameSessionData = {
answers: Map<string, { correctOptionId: number }>; answers: Map<string, { correctOptionId: number }>;
userId: string; userId: string | null;
}; };
export interface GameSessionStore { export interface GameSessionStore {

103
apps/api/src/middleware/authMiddleware.test.ts Normal file
View file

@ -0,0 +1,103 @@
import express from "express";
import request from "supertest";
import { describe, it, expect, vi, beforeEach } from "vitest";
import type { Session, User } from "better-auth";
vi.mock("../lib/auth.js", () => ({ auth: { api: { getSession: vi.fn() } } }));
vi.mock("better-auth/node", () => ({
fromNodeHeaders: vi.fn().mockReturnValue({}),
}));
import { auth } from "../lib/auth.js";
import { requireAuth, optionalAuth } from "./authMiddleware.js";
const mockGetSession = vi.mocked(auth.api.getSession);
function createOptionalAuthApp() {
const app = express();
app.use(optionalAuth);
app.get("/test", (req, res) => {
res
.status(200)
.json({
hasSession: !!req.session,
userId: req.session?.user?.id ?? null,
});
});
return app;
}
describe("optionalAuth", () => {
beforeEach(() => {
vi.clearAllMocks();
});
it("allows the request through when no session exists (guest)", async () => {
mockGetSession.mockResolvedValue(null);
const app = createOptionalAuthApp();
const res = await request(app).get("/test");
expect(res.status).toBe(200);
expect(res.body).toEqual({ hasSession: false, userId: null });
});
it("attaches session to req when user is authenticated", async () => {
mockGetSession.mockResolvedValue({
session: { id: "session-1" } as Session,
user: { id: "user-1" } as User,
});
const app = createOptionalAuthApp();
const res = await request(app).get("/test");
expect(res.status).toBe(200);
expect(res.body).toEqual({ hasSession: true, userId: "user-1" });
});
it("allows the request through even when getSession throws", async () => {
mockGetSession.mockRejectedValue(new Error("auth service down"));
const app = createOptionalAuthApp();
const res = await request(app).get("/test");
expect(res.status).toBe(200);
expect(res.body).toEqual({ hasSession: false, userId: null });
});
});
describe("requireAuth", () => {
beforeEach(() => {
vi.clearAllMocks();
});
it("returns 401 when no session exists", async () => {
mockGetSession.mockResolvedValue(null);
const app = express();
app.use(requireAuth);
app.get("/test", (_req, res) => res.status(200).json({ ok: true }));
const res = await request(app).get("/test");
expect(res.status).toBe(401);
expect(res.body).toEqual({ success: false, error: "Unauthorized" });
});
it("allows the request through when session exists", async () => {
mockGetSession.mockResolvedValue({
session: { id: "session-1" } as Session,
user: { id: "user-1" } as User,
});
const app = express();
app.use(requireAuth);
app.get("/test", (req, res) => {
res.status(200).json({ userId: req.session?.user?.id });
});
const res = await request(app).get("/test");
expect(res.status).toBe(200);
expect(res.body).toEqual({ userId: "user-1" });
});
});