Files
insforge--insforge/backend/tests/unit/auth-api-key-middleware.test.ts
wehub-resource-sync 3a28426bf4
Lint and Format Check / lint-and-format (push) Failing after 0s
Check Migrations / Check for duplicate migration numbers (push) Failing after 1s
CI Pre-merge Check / CI Pre-merge Check (push) Failing after 2m17s
chore: import upstream snapshot with attribution
2026-07-13 12:23:40 +08:00

70 lines
2.1 KiB
TypeScript

import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
import type { NextFunction, Response } from 'express';
import type { AuthRequest } from '../../src/api/middlewares/auth';
const { mockVerifyApiKey } = vi.hoisted(() => ({
mockVerifyApiKey: vi.fn<(apiKey: string) => Promise<boolean>>(),
}));
vi.mock('@/services/secrets/secret.service.js', () => ({
SecretService: {
getInstance: () => ({
verifyApiKey: mockVerifyApiKey,
}),
},
}));
async function loadAuthMiddleware() {
vi.stubEnv('JWT_SECRET', 'test-secret-long-enough-for-signing-32chars');
return import('../../src/api/middlewares/auth');
}
describe('verifyApiKey', () => {
beforeEach(() => {
vi.resetModules();
mockVerifyApiKey.mockReset();
});
afterEach(() => {
vi.unstubAllEnvs();
});
it('sets hasApiKey only after the API key is verified', async () => {
mockVerifyApiKey.mockResolvedValue(true);
const { verifyApiKey } = await loadAuthMiddleware();
const req = {
headers: {
authorization: 'Bearer ik_valid',
},
} as AuthRequest;
const next = vi.fn() as NextFunction;
await verifyApiKey(req, {} as Response, next);
expect(mockVerifyApiKey).toHaveBeenCalledWith('ik_valid');
expect(req.authenticated).toBe(true);
expect(req.hasApiKey).toBe(true);
expect(Object.prototype.hasOwnProperty.call(req, 'apiKey')).toBe(false);
expect(next).toHaveBeenCalledWith();
});
it('does not set hasApiKey when API key verification fails', async () => {
mockVerifyApiKey.mockResolvedValue(false);
const { verifyApiKey } = await loadAuthMiddleware();
const req = {
headers: {
'x-api-key': 'ik_invalid',
},
} as unknown as AuthRequest;
const next = vi.fn() as NextFunction;
await verifyApiKey(req, {} as Response, next);
expect(mockVerifyApiKey).toHaveBeenCalledWith('ik_invalid');
expect(req.authenticated).toBeUndefined();
expect(req.hasApiKey).toBeUndefined();
expect(next).toHaveBeenCalledTimes(1);
expect(next).toHaveBeenCalledWith(expect.objectContaining({ statusCode: 401 }));
});
});