Merge pull request #289 from KunalKapadia/develop

Develop to Master

Author: kunalkapadia

package.json

@@ -12,6 +12,7 @@
   },
   "scripts": {
     "start": "gulp serve",
+    "start:debug": "cross-env DEBUG=express-mongoose-es6-rest-api:* yarn start",
     "build": "gulp",
     "lint": "esw *.js server config --color",
     "lint:watch": "yarn lint -- --watch",

server/controllers/auth.controller.js

@@ -1,8 +1,7 @@
 import jwt from 'jsonwebtoken';
 import httpStatus from 'http-status';
 import APIError from '../helpers/APIError';
-
-const config = require('../../config/env');
+import config from '../../config/env';
 
 // sample user, used for authentication
 const user = {
@@ -30,7 +29,7 @@ function login(req, res, next) {
     });
   }
 
-  const err = new APIError('Authentication error', httpStatus.UNAUTHORIZED);
+  const err = new APIError('Authentication error', httpStatus.UNAUTHORIZED, true);
   return next(err);
 }
 

server/tests/auth.test.js

@@ -0,0 +1,78 @@
+import request from 'supertest-as-promised';
+import httpStatus from 'http-status';
+import jwt from 'jsonwebtoken';
+import chai, { expect } from 'chai';
+import app from '../../index';
+import config from '../../config/env';
+
+chai.config.includeStack = true;
+
+describe('## Auth APIs', () => {
+  const validUserCredentials = {
+    username: 'react',
+    password: 'express'
+  };
+
+  const invalidUserCredentials = {
+    username: 'react',
+    password: 'IDontKnow'
+  };
+
+  let jwtToken;
+
+  describe('# POST /api/auth/login', () => {
+    it('should return Authentication error', (done) => {
+      request(app)
+        .post('/api/auth/login')
+        .send(invalidUserCredentials)
+        .expect(httpStatus.UNAUTHORIZED)
+        .then((res) => {
+          expect(res.body.message).to.equal('Authentication error');
+          done();
+        })
+        .catch(done);
+    });
+
+    it('should get valid JWT token', (done) => {
+      request(app)
+        .post('/api/auth/login')
+        .send(validUserCredentials)
+        .expect(httpStatus.OK)
+        .then((res) => {
+          expect(res.body).to.have.property('token');
+          jwt.verify(res.body.token, config.jwtSecret, (err, decoded) => {
+            expect(err).to.not.be.ok; // eslint-disable-line no-unused-expressions
+            expect(decoded.username).to.equal(validUserCredentials.username);
+            jwtToken = `Bearer ${res.body.token}`;
+            done();
+          });
+        })
+        .catch(done);
+    });
+  });
+
+  describe('# GET /api/auth/random-number', () => {
+    it('should fail to get random number because of missing Authorization', (done) => {
+      request(app)
+        .get('/api/auth/random-number')
+        .expect(httpStatus.UNAUTHORIZED)
+        .then((res) => {
+          expect(res.body.message).to.equal('Unauthorized');
+          done();
+        })
+        .catch(done);
+    });
+
+    it('should get a random number', (done) => {
+      request(app)
+        .get('/api/auth/random-number')
+        .set('Authorization', jwtToken)
+        .expect(httpStatus.OK)
+        .then((res) => {
+          expect(res.body.num).to.be.a('number');
+          done();
+        })
+        .catch(done);
+    });
+  });
+});