Luke The Dev
49 lines
1.3 KiB
TypeScript
49 lines
1.3 KiB
TypeScript
// @vitest-environment node
|
|
|
|
import { describe, expect, it } from "vitest";
|
|
|
|
describe("createAccessGate", () => {
|
|
it("allows when token is unset", async () => {
|
|
const { createAccessGate } = await import("../../server/access-gate");
|
|
const gate = createAccessGate({ token: "" });
|
|
expect(gate.allowUpgrade({ headers: {} })).toBe(true);
|
|
});
|
|
|
|
it("rejects /api requests without cookie when enabled", async () => {
|
|
const { createAccessGate } = await import("../../server/access-gate");
|
|
const gate = createAccessGate({ token: "abc" });
|
|
|
|
let statusCode = 0;
|
|
let ended = false;
|
|
const res = {
|
|
setHeader: () => {},
|
|
end: () => {
|
|
ended = true;
|
|
},
|
|
get statusCode() {
|
|
return statusCode;
|
|
},
|
|
set statusCode(value: number) {
|
|
statusCode = value;
|
|
},
|
|
};
|
|
|
|
const handled = gate.handleHttp(
|
|
{ url: "/api/studio", headers: { host: "example.test" } },
|
|
res
|
|
);
|
|
|
|
expect(handled).toBe(true);
|
|
expect(statusCode).toBe(401);
|
|
expect(ended).toBe(true);
|
|
});
|
|
|
|
it("allows upgrades when cookie matches", async () => {
|
|
const { createAccessGate } = await import("../../server/access-gate");
|
|
const gate = createAccessGate({ token: "abc" });
|
|
expect(
|
|
gate.allowUpgrade({ headers: { cookie: "studio_access=abc" } })
|
|
).toBe(true);
|
|
});
|
|
});
|