msw: Implement PUT /api/v1/me/tokens request handler

Author: Turbo87

packages/crates-io-msw/handlers/api-tokens.js

@@ -0,0 +1,3 @@
+import createToken from './api-tokens/create.js';
+
+export default [createToken];

packages/crates-io-msw/handlers/api-tokens/create.js

@@ -0,0 +1,27 @@
+import { http, HttpResponse } from 'msw';
+
+import { db } from '../../index.js';
+import { serializeApiToken } from '../../serializers/api-token.js';
+import { getSession } from '../../utils/session.js';
+
+export default http.put('/api/v1/me/tokens', async ({ request }) => {
+  let { user } = getSession();
+  if (!user) {
+    return HttpResponse.json({ errors: [{ detail: 'must be logged in to perform that action' }] }, { status: 403 });
+  }
+
+  let json = await request.json();
+
+  let token = db.apiToken.create({
+    user,
+    name: json.api_token.name,
+    crateScopes: json.api_token.crate_scopes ?? null,
+    endpointScopes: json.api_token.endpoint_scopes ?? null,
+    expiredAt: json.api_token.expired_at ?? null,
+    createdAt: new Date().toISOString(),
+  });
+
+  return HttpResponse.json({
+    api_token: serializeApiToken(token, { includeToken: true }),
+  });
+});

packages/crates-io-msw/handlers/api-tokens/create.test.js

@@ -0,0 +1,110 @@
+import { afterEach, assert, beforeEach, test, vi } from 'vitest';
+
+import { db } from '../../index.js';
+
+beforeEach(() => {
+  vi.useFakeTimers();
+  vi.setSystemTime(new Date('2017-11-20T11:23:45Z'));
+});
+
+afterEach(() => {
+  vi.restoreAllMocks();
+});
+
+test('creates a new API token', async function () {
+  let user = db.user.create();
+  db.mswSession.create({ user });
+
+  let body = JSON.stringify({ api_token: { name: 'foooo' } });
+  let response = await fetch('/api/v1/me/tokens', { method: 'PUT', body });
+  assert.strictEqual(response.status, 200);
+
+  let token = db.apiToken.findMany({})[0];
+  assert.ok(token);
+
+  assert.deepEqual(await response.json(), {
+    api_token: {
+      id: 1,
+      crate_scopes: null,
+      created_at: '2017-11-20T11:23:45.000Z',
+      endpoint_scopes: null,
+      expired_at: null,
+      last_used_at: null,
+      name: 'foooo',
+      revoked: false,
+      token: token.token,
+    },
+  });
+});
+
+test('creates a new API token with scopes', async function () {
+  let user = db.user.create();
+  db.mswSession.create({ user });
+
+  let body = JSON.stringify({
+    api_token: {
+      name: 'foooo',
+      crate_scopes: ['serde', 'serde-*'],
+      endpoint_scopes: ['publish-update'],
+    },
+  });
+  let response = await fetch('/api/v1/me/tokens', { method: 'PUT', body });
+  assert.strictEqual(response.status, 200);
+
+  let token = db.apiToken.findMany({})[0];
+  assert.ok(token);
+
+  assert.deepEqual(await response.json(), {
+    api_token: {
+      id: 1,
+      crate_scopes: ['serde', 'serde-*'],
+      created_at: '2017-11-20T11:23:45.000Z',
+      endpoint_scopes: ['publish-update'],
+      expired_at: null,
+      last_used_at: null,
+      name: 'foooo',
+      revoked: false,
+      token: token.token,
+    },
+  });
+});
+
+test('creates a new API token with expiry date', async function () {
+  let user = db.user.create();
+  db.mswSession.create({ user });
+
+  let body = JSON.stringify({
+    api_token: {
+      name: 'foooo',
+      expired_at: '2023-12-24T12:34:56Z',
+    },
+  });
+  let response = await fetch('/api/v1/me/tokens', { method: 'PUT', body });
+  assert.strictEqual(response.status, 200);
+
+  let token = db.apiToken.findMany({})[0];
+  assert.ok(token);
+
+  assert.deepEqual(await response.json(), {
+    api_token: {
+      id: 1,
+      crate_scopes: null,
+      created_at: '2017-11-20T11:23:45.000Z',
+      endpoint_scopes: null,
+      expired_at: '2023-12-24T12:34:56.000Z',
+      last_used_at: null,
+      name: 'foooo',
+      revoked: false,
+      token: token.token,
+    },
+  });
+});
+
+test('returns an error if unauthenticated', async function () {
+  let body = JSON.stringify({ api_token: {} });
+  let response = await fetch('/api/v1/me/tokens', { method: 'PUT', body });
+  assert.strictEqual(response.status, 403);
+  assert.deepEqual(await response.json(), {
+    errors: [{ detail: 'must be logged in to perform that action' }],
+  });
+});

packages/crates-io-msw/index.js

@@ -1,3 +1,4 @@
+import apiTokenHandlers from './handlers/api-tokens.js';
 import categoryHandlers from './handlers/categories.js';
 import docsRsHandlers from './handlers/docs-rs.js';
 import inviteHandlers from './handlers/invites.js';
@@ -21,6 +22,7 @@ import version from './models/version.js';
 import { factory } from './utils/factory.js';
 
 export const handlers = [
+  ...apiTokenHandlers,
   ...categoryHandlers,
   ...docsRsHandlers,
   ...inviteHandlers,