feathers/packages/authentication-local/test/hooks/hash-password.test.ts at 80d1c05633ed48f672e0e52d14501ebf7fabf287 · feathersjs/feathers · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
import assert from 'assert';
import { Application } from '@feathersjs/feathers';

import { hooks } from '../../src';
import { createApplication, ServiceTypes } from '../fixture';

const { hashPassword } = hooks;

describe('@feathersjs/authentication-local/hooks/hash-password', () => {
  let app: Application<ServiceTypes>;

  beforeEach(() => {
    app = createApplication();
  });

  it('throws error when no field provided', () => {
    try {
      // @ts-ignore
      hashPassword();
      assert.fail('Should never get here');
    } catch (error) {
      assert.strictEqual(error.message, 'The hashPassword hook requires a field name option');
    }
  });

  it('errors when authentication service does not exist', async () => {
    delete app.services.authentication;

    try {
      await app.service('users').create({
        email: 'dave@hashpassword.com',
        password: 'supersecret'
      });
      assert.fail('Should never get here');
    } catch (error) {
      assert.strictEqual(error.message,
        'Could not find an authentication service to hash password'
      );
    }
  });

  it('errors when authentication strategy does not exist', async () => {
    delete app.services.authentication.strategies.local;

    try {
      await app.service('users').create({
        email: 'dave@hashpassword.com',
        password: 'supersecret'
      });
      assert.fail('Should never get here');
    } catch (error) {
      assert.strictEqual(error.message,
        'Could not find \'local\' strategy to hash password'
      );
    }
  });

  it('errors when authentication strategy does not exist', async () => {
    const users = app.service('users');

    users.hooks({
      after: {
        create: hashPassword('password')
      }
    });

    try {
      await users.create({
        email: 'dave@hashpassword.com',
        password: 'supersecret'
      });
      assert.fail('Should never get here');
    } catch (error) {
      assert.strictEqual(error.message,
        'The \'hashPassword\' hook should only be used as a \'before\' hook'
      );
    }
  });

  it('hashes password on field', async () => {
    const password = 'supersecret';

    const user = await app.service('users').create({
      email: 'dave@hashpassword.com',
      password
    });

    assert.notStrictEqual(user.password, password);
  });

  it('hashes password on array data', async () => {
    const password = 'supersecret';

    const users = await app.service('users').create([{
      email: 'dave@hashpassword.com',
      password
    }, {
      email: 'dave2@hashpassword.com',
      password: 'secret2'
    }]);

    assert.notStrictEqual(users[0].password, password);
    assert.notStrictEqual(users[1].password, 'secret2');
  });

  it('does nothing when field is not present', async () => {
    const user = await app.service('users').create({
      email: 'dave@hashpassword.com'
    });

    assert.strictEqual(user.password, undefined);
  });
});