1- import {
2- sealData as ironSessionSeal ,
3- unsealData as ironSessionUnseal ,
4- } from 'iron-session' ;
51import { SessionEncryption } from './ironWebcryptoEncryption.js' ;
6- import ironSessionEncryption from './ironSessionEncryption.js' ;
72
83const testPassword = 'this-is-a-test-password-that-is-32-characters-long!' ;
94const testData = {
105 userId : '123' ,
116 email : 'test@example.com' ,
12- timestamp : Date . now ( ) ,
137} ;
148
159describe ( 'ironWebcryptoEncryption' , ( ) => {
1610 const encryption = new SessionEncryption ( ) ;
1711
18- describe ( 'cross-compatibility with iron-session' , ( ) => {
19- it ( 'can unseal data sealed by iron-session' , async ( ) => {
20- const sealed = await ironSessionSeal ( testData , {
21- password : testPassword ,
22- } ) ;
23-
24- const unsealed = await encryption . unsealData ( sealed , {
25- password : testPassword ,
26- } ) ;
27-
28- expect ( unsealed ) . toEqual ( testData ) ;
29- } ) ;
30-
31- it ( 'produces data that iron-session can unseal' , async ( ) => {
32- const sealed = await encryption . sealData ( testData , {
33- password : testPassword ,
34- } ) ;
35-
36- const unsealed = await ironSessionUnseal ( sealed , {
37- password : testPassword ,
38- } ) ;
39-
40- expect ( unsealed ) . toEqual ( testData ) ;
41- } ) ;
42-
43- it ( 'handles version 2 tokens correctly' , async ( ) => {
12+ describe ( 'seal/unseal' , ( ) => {
13+ it ( 'round-trips data correctly' , async ( ) => {
4414 const sealed = await encryption . sealData ( testData , {
4515 password : testPassword ,
4616 } ) ;
47-
48- expect ( sealed ) . toMatch ( / ~ 2 $ / ) ;
49-
5017 const unsealed = await encryption . unsealData ( sealed , {
5118 password : testPassword ,
5219 } ) ;
53- expect ( unsealed ) . toEqual ( testData ) ;
54- } ) ;
55-
56- it ( 'handles legacy tokens without version' , async ( ) => {
57- const legacySealed = await ironSessionSeal ( testData , {
58- password : testPassword ,
59- } ) ;
60- const sealWithoutVersion = legacySealed . split ( '~' ) [ 0 ] ! ;
61-
62- const unsealed = await encryption . unsealData ( sealWithoutVersion , {
63- password : testPassword ,
64- } ) ;
6520
6621 expect ( unsealed ) . toEqual ( testData ) ;
6722 } ) ;
68- } ) ;
6923
70- describe ( 'basic functionality' , ( ) => {
71- it ( 'seals and unseals data correctly' , async ( ) => {
24+ it ( 'produces version 2 tokens' , async ( ) => {
7225 const sealed = await encryption . sealData ( testData , {
7326 password : testPassword ,
7427 } ) ;
75- const unsealed = await encryption . unsealData ( sealed , {
76- password : testPassword ,
77- } ) ;
7828
79- expect ( unsealed ) . toEqual ( testData ) ;
29+ expect ( sealed ) . toMatch ( / ~ 2 $ / ) ;
8030 } ) ;
8131
8232 it ( 'handles TTL parameter' , async ( ) => {
@@ -99,27 +49,15 @@ describe('ironWebcryptoEncryption', () => {
9949 encryption . unsealData ( sealed , { password : wrongPassword } ) ,
10050 ) . rejects . toThrow ( ) ;
10151 } ) ;
102- } ) ;
103-
104- describe ( 'compatibility with ironSessionEncryption export' , ( ) => {
105- it ( 'can unseal data sealed by ironSessionEncryption' , async ( ) => {
106- const sealed = await ironSessionEncryption . sealData ( testData , {
107- password : testPassword ,
108- } ) ;
109-
110- const unsealed = await encryption . unsealData ( sealed , {
111- password : testPassword ,
112- } ) ;
113-
114- expect ( unsealed ) . toEqual ( testData ) ;
115- } ) ;
11652
117- it ( 'produces data that ironSessionEncryption can unseal ' , async ( ) => {
53+ it ( 'unseals tokens without version suffix (v1 format) ' , async ( ) => {
11854 const sealed = await encryption . sealData ( testData , {
11955 password : testPassword ,
12056 } ) ;
57+ // Strip the ~2 version suffix to simulate legacy token
58+ const legacySealed = sealed . replace ( / ~ 2 $ / , '' ) ;
12159
122- const unsealed = await ironSessionEncryption . unsealData ( sealed , {
60+ const unsealed = await encryption . unsealData ( legacySealed , {
12361 password : testPassword ,
12462 } ) ;
12563
0 commit comments