arkay/bookmarksite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
bookmarksite/backend/tests/test-middleware.js
Rainer Koschnick 29592c7fc8 WIP
2025-07-20 20:43:06 +02:00

109 lines
3.2 KiB
JavaScript
Raw Permalink Blame History

/**
* Basic test to verify middleware functionality
*/
require('dotenv').config();
// Set a test JWT secret if not set
if (!process.env.JWT_SECRET) {
process.env.JWT_SECRET = 'test-secret-key-for-middleware-testing';
}
const jwt = require('jsonwebtoken');
const middleware = require('./src/middleware');
console.log('Testing middleware imports...');
// Test 1: Check if all middleware functions are exported
const expectedMiddleware = [
'authenticateToken',
'optionalAuth',
'authLimiter',
'passwordResetLimiter',
'apiLimiter',
'registrationLimiter',
'securityHeaders',
'corsConfig',
'securityLogger',
'sanitizeInput',
'requireBookmarkOwnership',
'requireSelfAccess',
'addUserContext',
'validateBookmarkData',
'requireAdmin',
'logAuthorizationEvents',
'checkBulkBookmarkOwnership'
];
let allExported = true;
expectedMiddleware.forEach(name => {
if (typeof middleware[name] !== 'function') {
console.error(`❌ Missing or invalid middleware: ${name}`);
allExported = false;
}
});
if (allExported) {
console.log('✅ All middleware functions exported correctly');
} else {
console.log('❌ Some middleware functions are missing');
process.exit(1);
}
// Test 2: Test JWT authentication middleware
console.log('\nTesting JWT authentication middleware...');
// Create a test token
const testUser = { userId: 'test-user-123', email: 'test@example.com' };
const testToken = jwt.sign(testUser, process.env.JWT_SECRET, { expiresIn: '1h' });
// Mock request and response objects
const mockReq = {
cookies: { authToken: testToken },
headers: {}
};
const mockRes = {
status: (code) => ({
json: (data) => {
console.log(`Response: ${code}`, data);
return mockRes;
}
})
};
const mockNext = () => {
console.log('✅ Authentication middleware passed - user authenticated');
console.log('User data:', mockReq.user);
};
// Test valid token
middleware.authenticateToken(mockReq, mockRes, mockNext);
// Test 3: Test rate limiting middleware structure
console.log('\nTesting rate limiting middleware structure...');
const rateLimiters = ['authLimiter', 'passwordResetLimiter', 'apiLimiter', 'registrationLimiter'];
rateLimiters.forEach(limiter => {
if (typeof middleware[limiter] === 'function') {
console.log(`${limiter} is properly configured`);
} else {
console.log(`${limiter} is not properly configured`);
}
});
// Test 4: Test security headers middleware
console.log('\nTesting security headers middleware...');
if (typeof middleware.securityHeaders === 'function') {
console.log('✅ Security headers middleware is properly configured');
} else {
console.log('❌ Security headers middleware is not properly configured');
}
console.log('\n🎉 Middleware testing completed successfully!');
console.log('\nMiddleware components implemented:');
console.log('- JWT token validation for protected routes');
console.log('- Rate limiting for authentication endpoints');
console.log('- Security headers using helmet.js');
console.log('- User authorization for bookmark operations');
console.log('- Additional security features (CORS, input sanitization, logging)');
Reference in New Issue View Git Blame Copy Permalink