Add admin api authentication function

2025-03-01 10:36:34 +00:00 · 2020-02-26 12:59:40 +09:00
parent 4f9395e881
commit bba6855872
5 changed files with 112 additions and 4 deletions
--- a/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js
+++ b/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js
@@ -129,6 +129,38 @@ describe("api/auth/strategies", function() {
        })
    });

+    describe("Tokens Strategy", function() {
+        it('Succeeds if tokens user enabled',function(done) {
+            var userDefault = sinon.stub(Users,"tokens",function(token) {
+                return when.resolve("tokens-"+token);
+            });
+            strategies.tokensStrategy._success = strategies.tokensStrategy.success;
+            strategies.tokensStrategy.success = function(user) {
+                user.should.equal("tokens-1234");
+                strategies.tokensStrategy.success = strategies.tokensStrategy._success;
+                delete strategies.tokensStrategy._success;
+                done();
+            };
+            strategies.tokensStrategy.authenticate({headers:{"authorization":"1234"}});
+        });
+        it('Fails if tokens user not enabled',function(done) {
+            var userDefault = sinon.stub(Users,"tokens",function() {
+                return when.resolve(null);
+            });
+            strategies.tokensStrategy._fail = strategies.tokensStrategy.fail;
+            strategies.tokensStrategy.fail = function(err) {
+                err.should.equal(401);
+                strategies.tokensStrategy.fail = strategies.tokensStrategy._fail;
+                delete strategies.tokensStrategy._fail;
+                done();
+            };
+            strategies.tokensStrategy.authenticate({headers:{"authorization":"1234"}});
+        });
+        afterEach(function() {
+            Users.tokens.restore();
+        })
+    });
+
    describe("Bearer Strategy", function() {
        it('Rejects invalid token',function(done) {
            var getToken = sinon.stub(Tokens,"get",function(token) {
--- a/test/unit/@node-red/editor-api/lib/auth/users_spec.js
+++ b/test/unit/@node-red/editor-api/lib/auth/users_spec.js
@@ -227,4 +227,47 @@ describe("api/auth/users", function() {
            });
        });
    });
+
+    describe('Initialised with tokens set as function',function() {
+        before(function() {
+            Users.init({
+                type:"strategy",
+                tokens: function(token) { return("Done-"+token); }
+            });
+        });
+        after(function() {
+            Users.init({});
+        });
+        describe('#tokens',function() {
+            it('handles api.tokens being a function',function(done) {
+                Users.should.have.property('tokens').which.is.a.Function();
+                (Users.tokens("1234")).should.equal("Done-1234");
+                (Users.tokenHeader()).should.equal("authorization");
+                done();
+            });
+        });
+    });
+
+    describe('Initialised with tokens set as function and tokenHeader set as token header name',function() {
+        before(function() {
+            Users.init({
+                type:"strategy",
+                tokens: function(token) { return("Done-"+token); },
+                tokenHeader: "X-TEST-TOKEN"
+            });
+        });
+        after(function() {
+            Users.init({});
+        });
+        describe('#tokens',function() {
+            it('handles api.tokens being a function and api.tokenHeader being a header name',function(done) {
+                Users.should.have.property('tokens').which.is.a.Function();
+                (Users.tokens("1234")).should.equal("Done-1234");
+                Users.should.have.property('tokenHeader').which.is.a.Function();
+                (Users.tokenHeader()).should.equal("x-test-token");
+                done();
+            });
+        });
+    });
+
 });