updating unit and integration tests

jackiettran
2025-12-20 14:59:09 -05:00
parent 4e0a4ef019
commit bd1bd5014c
14 changed files with 2424 additions and 100 deletions


@@ -20,6 +20,7 @@ jest.mock('../../middleware/rateLimiter', () => ({
passwordResetRequestLimiter: (req, res, next) => next(),
verifyEmailLimiter: (req, res, next) => next(),
resendVerificationLimiter: (req, res, next) => next(),
emailVerificationLimiter: (req, res, next) => next(),
}));
// Mock CSRF protection for tests
@@ -225,7 +226,7 @@ describe('Auth Integration Tests', () => {
})
.expect(401);
expect(response.body.error).toBe('Invalid credentials');
expect(response.body.error).toBe('Unable to log in. Please check your email and password, or create an account.');
});
it('should reject login with non-existent email', async () => {
@@ -237,7 +238,7 @@ describe('Auth Integration Tests', () => {
})
.expect(401);
expect(response.body.error).toBe('Invalid credentials');
expect(response.body.error).toBe('Unable to log in. Please check your email and password, or create an account.');
});
it('should increment login attempts on failed login', async () => {
@@ -421,7 +422,8 @@ describe('Auth Integration Tests', () => {
describe('POST /auth/verify-email', () => {
let testUser;
let verificationToken;
let verificationCode;
let accessToken;
beforeEach(async () => {
testUser = await createTestUser({
@@ -430,13 +432,21 @@ describe('Auth Integration Tests', () => {
});
await testUser.generateVerificationToken();
await testUser.reload();
verificationToken = testUser.verificationToken;
verificationCode = testUser.verificationToken; // Now a 6-digit code
// Generate access token for authentication
accessToken = jwt.sign(
{ id: testUser.id, email: testUser.email, jwtVersion: testUser.jwtVersion || 0 },
process.env.JWT_ACCESS_SECRET || 'test-access-secret',
{ expiresIn: '15m' }
);
});
it('should verify email with valid token', async () => {
it('should verify email with valid code', async () => {
const response = await request(app)
.post('/auth/verify-email')
.send({ token: verificationToken })
.set('Cookie', `accessToken=${accessToken}`)
.send({ code: verificationCode })
.expect(200);
expect(response.body.message).toBe('Email verified successfully');
@@ -448,13 +458,14 @@ describe('Auth Integration Tests', () => {
expect(testUser.verificationToken).toBeNull();
});
it('should reject verification with invalid token', async () => {
it('should reject verification with invalid code', async () => {
const response = await request(app)
.post('/auth/verify-email')
.send({ token: 'invalid-token' })
.set('Cookie', `accessToken=${accessToken}`)
.send({ code: '000000' })
.expect(400);
expect(response.body.code).toBe('VERIFICATION_TOKEN_INVALID');
expect(response.body.code).toBe('VERIFICATION_INVALID');
});
it('should reject verification for already verified user', async () => {
@@ -463,10 +474,11 @@ describe('Auth Integration Tests', () => {
const response = await request(app)
.post('/auth/verify-email')
.send({ token: verificationToken })
.set('Cookie', `accessToken=${accessToken}`)
.send({ code: verificationCode })
.expect(400);
expect(response.body.code).toBe('VERIFICATION_TOKEN_INVALID');
expect(response.body.code).toBe('ALREADY_VERIFIED');
});
});
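Review bot: Now that the verification value is a 6-digit code (`verificationCode = testUser.verificationToken; // Now a 6-digit code` in the `beforeEach` of `POST /auth/verify-email`), no case in this block checks that repeated wrong codes are throttled or locked out. The rate-limiter mock at the top of the file also passes `emailVerificationLimiter` straight to `next()`, so the limiter is never exercised here. A one-million-value code space is only as strong as its attempt limit, so the block should gain a case that submits several wrong codes and then asserts that further attempts are refused, with the limiter left unmocked for that case; the expected status and error code depend on the route handler, which is not visible on this page. Separately, the fixed invalid value `'000000'` can coincide with the generated code and make the "invalid code" test fail at random, so derive it from the real one, e.g. `const wrongCode = verificationCode === '000000' ? '000001' : '000000';`.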