savanni/monorepo
1
0
Fork 0
Code Issues 90 Pull Requests Projects 6 Releases Wiki Activity

Force the password-reset state to Unauthorized on most auth-required routes

Browse Source
This commit is contained in:
Savanni D'Gerinel 2025-02-16 15:54:34 -05:00
parent 41bb21c254
commit 0663a70c97
4 changed files with 15 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
visions/client/Taskfile.yml
View File

@ -13,4 +13,4 @@ tasks:
test: test:
cmds: cmds:
- npx jest src/ - npx jest

3
visions/client/jest.config.js
View File

@ -1,7 +1,8 @@
/** @type {import('ts-jest').JestConfigWithTsJest} **/ /** @type {import('ts-jest').JestConfigWithTsJest} **/
module.exports = { module.exports = {
testEnvironment: "node", testEnvironment: "node",
testMatch: [ "**/*.test.ts" ],
transform: { transform: {
"^.+.tsx?$": ["ts-jest",{}], "^.+.tsx?$": ["ts-jest",{}],
}, },
}; };

19
visions/client/src/client.test.ts
View File

@ -6,7 +6,7 @@ describe('what happens in an authentication', () => {
let response = await client.auth('vakarian', 'aoeu') let response = await client.auth('vakarian', 'aoeu')
expect(response).toEqual({ expect(response).toEqual({
status: 'ok', status: 'ok',
content: 'vakarian-session-id', content: { type: 'success', content: 'vakarian-session-id' },
}) })
}) })
@ -28,8 +28,8 @@ describe('what happens in an authentication', () => {
{ {
let response = await client.auth('shephard', 'aoeu') let response = await client.auth('shephard', 'aoeu')
expect(response).toEqual({ expect(response).toEqual({
status: 'password-reset', status: 'ok',
content: 'shephard-session-id', content: { type: 'password-reset', content: 'shephard-session-id' },
}) })
} }
{ {
@ -42,8 +42,8 @@ describe('what happens in an authentication', () => {
let client = new Connection(new URL('http://127.0.0.1:8001')) let client = new Connection(new URL('http://127.0.0.1:8001'))
{ {
let authResponse = await client.auth('vakarian', 'aoeu') let authResponse = await client.auth('vakarian', 'aoeu')
if (authResponse.status === 'ok') { if (authResponse.status === 'ok' && authResponse.content.type === 'success') {
let sessionId = authResponse.content let sessionId = authResponse.content.content
let response = await client.listUsers(sessionId) let response = await client.listUsers(sessionId)
expect(response).toEqual({ expect(response).toEqual({
status: 'ok', status: 'ok',
@ -74,12 +74,11 @@ describe('what happens in an authentication', () => {
} }
{ {
let authResponse = await client.auth('shephard', 'aoeu') let authResponse = await client.auth('shephard', 'aoeu')
if (authResponse.status === 'password-reset') { if (authResponse.status === 'ok' && authResponse.content.type === 'password-reset') {
let sessionId = authResponse.content let sessionId = authResponse.content.content
let response = await client.listUsers(sessionId) expect(await client.listUsers(sessionId)).toEqual({ status: 'unauthorized' })
expect(response).toEqual({ status: 'unauthorized' })
} else { } else {
throw new Error('authorization should have been password-reset') throw new Error('Authorization shuld have been password-reset')
} }
} }
/* /*

19
visions/client/src/client.ts
View File

@ -1,17 +1,16 @@
import { VResponse, SessionId, UserOverview } from '../gen/types' import { AuthResponse, SessionId, UserOverview } from '../gen/types'
export interface Client { export interface Client {
auth: ( auth: (
username: string, username: string,
password: string, password: string,
) => Promise<ClientResponse<SessionId>> ) => Promise<ClientResponse<AuthResponse<SessionId>>>
listUsers: (sessionId: SessionId) => Promise<ClientResponse<UserOverview[]>> listUsers: (sessionId: SessionId) => Promise<ClientResponse<UserOverview[]>>
} }
export type ClientResponse<A> = export type ClientResponse<A> =
| { status: 'ok'; content: A } | { status: 'ok'; content: A }
| { status: 'password-reset'; content: SessionId }
| { status: 'unauthorized' } | { status: 'unauthorized' }
| { status: 'unexpected'; code: number } | { status: 'unexpected'; code: number }
@ -25,7 +24,7 @@ export class Connection implements Client {
async auth( async auth(
username: string, username: string,
password: string, password: string,
): Promise<ClientResponse<SessionId>> { ): Promise<ClientResponse<AuthResponse<SessionId>>> {
const url = new URL(this.base) const url = new URL(this.base)
url.pathname = `/api/test/auth` url.pathname = `/api/test/auth`
const response = await fetch(url, { const response = await fetch(url, {
@ -35,12 +34,6 @@ export class Connection implements Client {
}) })
if (response.ok) { if (response.ok) {
let resp = await response.json() let resp = await response.json()
switch (resp.type) {
case 'success':
return { status: 'ok', content: resp.content }
case 'password-reset':
return { status: 'password-reset', content: resp.content }
}
return { status: 'ok', content: resp } return { status: 'ok', content: resp }
} else if (response.status == 401) { } else if (response.status == 401) {
return { status: 'unauthorized' } return { status: 'unauthorized' }
@ -60,12 +53,6 @@ export class Connection implements Client {
}) })
if (response.ok) { if (response.ok) {
let resp = await response.json() let resp = await response.json()
switch (resp.type) {
case 'success':
return { status: 'ok', content: resp.content }
case 'password-reset':
return { status: 'password-reset', content: resp.content }
}
return { status: 'ok', content: resp } return { status: 'ok', content: resp }
} else if (response.status == 401) { } else if (response.status == 401) {
return { status: 'unauthorized' } return { status: 'unauthorized' }