chore: add test for loginSuccessHandler

andypols · andypols · commit e65d42edc8bd · 2025-07-10T10:41:06.000+01:00
diff --git a/src/service/routes/auth.js b/src/service/routes/auth.js
@@ -47,6 +47,25 @@ const getLoginStrategy = () => {
   return enabledAppropriateLoginStrategies[0].type.toLowerCase();
 };
 
+const loginSuccessHandler = () => async (req, res) => {
+  try {
+    const currentUser = { ...req.user };
+    delete currentUser.password;
+    console.log(
+      `serivce.routes.auth.login: user logged in, username=${
+        currentUser.username
+      } profile=${JSON.stringify(currentUser)}`,
+    );
+    res.send({
+      message: 'success',
+      user: toPublicUser(currentUser),
+    });
+  } catch (e) {
+    console.log(`service.routes.auth.login: Error logging user in ${JSON.stringify(e)}`);
+    res.status(500).send('Failed to login').end();
+  }
+};
+
 // TODO: provide separate auth endpoints for each auth strategy or chain compatibile auth strategies
 // TODO: if providing separate auth methods, inform the frontend so it has relevant UI elements and appropriate client-side behavior
 router.post(
@@ -60,25 +79,7 @@ router.post(
     console.log('going to auth with', authType);
     return passport.authenticate(authType)(req, res, next);
   },
-  async (req, res) => {
-    try {
-      const currentUser = { ...req.user };
-      delete currentUser.password;
-      console.log(
-        `serivce.routes.auth.login: user logged in, username=${
-          currentUser.username
-        } profile=${JSON.stringify(currentUser)}`,
-      );
-      res.send({
-        message: 'success',
-        user: toPublicUser(currentUser),
-      });
-    } catch (e) {
-      console.log(`service.routes.auth.login: Error logging user in ${JSON.stringify(e)}`);
-      res.status(500).send('Failed to login').end();
-      return;
-    }
-  },
+  loginSuccessHandler(),
 );
 
 router.get('/oidc', passport.authenticate(authStrategies['openidconnect'].type));
@@ -162,4 +163,8 @@ router.get('/me', async (req, res) => {
     res.status(401).end();
   }
 });
-module.exports = router;
+
+module.exports = {
+  router,
+  loginSuccessHandler
+};
diff --git a/src/service/routes/index.js b/src/service/routes/index.js
@@ -10,7 +10,7 @@ const jwtAuthHandler = require('../passport/jwtAuthHandler');
 const router = new express.Router();
 
 router.use('/api', home);
-router.use('/api/auth', auth);
+router.use('/api/auth', auth.router);
 router.use('/api/v1/healthcheck', healthcheck);
 router.use('/api/v1/push', jwtAuthHandler(), push);
 router.use('/api/v1/repo', jwtAuthHandler(), repo);
diff --git a/test/services/routes/auth.test.js b/test/services/routes/auth.test.js
@@ -2,7 +2,7 @@ const chai = require('chai');
 const chaiHttp = require('chai-http');
 const sinon = require('sinon');
 const express = require('express');
-const authRouter = require('../../../src/service/routes/auth');
+const { router, loginSuccessHandler } = require('../../../src/service/routes/auth');
 const db = require('../../../src/db');
 
 const { expect } = chai;
@@ -19,7 +19,7 @@ const newApp = (username) => {
     });
   }
 
-  app.use('/auth', authRouter);
+  app.use('/auth', router);
   return app;
 };
 
@@ -28,6 +28,36 @@ describe('Auth API', function () {
     sinon.restore();
   });
 
+  describe('loginSuccessHandler', function () {
+    it('should log in user and return public user data', async function () {
+      const user = {
+        username: 'bob',
+        password: 'secret',
+        email: 'bob@example.com',
+        displayName: 'Bob',
+      };
+
+      const res = {
+        send: sinon.spy(),
+      };
+
+      await loginSuccessHandler()({ user }, res);
+
+      expect(res.send.calledOnce).to.be.true;
+      expect(res.send.firstCall.args[0]).to.deep.equal({
+        message: 'success',
+        user: {
+          admin: false,
+          displayName: 'Bob',
+          email: 'bob@example.com',
+          gitAccount: '',
+          title: '',
+          username: 'bob',
+        },
+      });
+    });
+  });
+
   describe('/me', function () {
     it('GET /me returns Unauthorized if authenticated user not in request', async () => {
       const res = await chai.request(newApp()).get('/auth/me');
