test: add initial unit tests (#56)

* chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken
2024-02-10 19:00:08 +01:00
parent 13aae82790
commit f070a0cb0a
34 changed files with 3014 additions and 129 deletions
--- a/packages/auth/providers/credentials.ts
+++ b/packages/auth/providers/credentials.ts
@@ -1,49 +1,56 @@
 import type Credentials from "@auth/core/providers/credentials";
 import bcrypt from "bcrypt";

-import { db, eq } from "@homarr/db";
+import type { Database } from "@homarr/db";
+import { eq } from "@homarr/db";
 import { users } from "@homarr/db/schema/sqlite";
 import { validation } from "@homarr/validation";

 type CredentialsConfiguration = Parameters<typeof Credentials>[0];

-export const credentialsConfiguration = {
-  type: "credentials",
-  name: "Credentials",
-  credentials: {
-    name: {
-      label: "Username",
-      type: "text",
+export const createCredentialsConfiguration = (db: Database) =>
+  ({
+    type: "credentials",
+    name: "Credentials",
+    credentials: {
+      name: {
+        label: "Username",
+        type: "text",
+      },
+      password: {
+        label: "Password",
+        type: "password",
+      },
    },
-    password: {
-      label: "Password",
-      type: "password",
+    async authorize(credentials) {
+      const data = await validation.user.signIn.parseAsync(credentials);
+
+      const user = await db.query.users.findFirst({
+        where: eq(users.name, data.name),
+      });
+
+      if (!user?.password) {
+        return null;
+      }
+
+      console.log(
+        `user ${user.name} is trying to log in. checking password...`,
+      );
+      const isValidPassword = await bcrypt.compare(
+        data.password,
+        user.password,
+      );
+
+      if (!isValidPassword) {
+        console.log(`password for user ${user.name} was incorrect`);
+        return null;
+      }
+
+      console.log(`user ${user.name} successfully authorized`);
+
+      return {
+        id: user.id,
+        name: user.name,
+      };
    },
-  },
-  async authorize(credentials) {
-    const data = await validation.user.signIn.parseAsync(credentials);
-
-    const user = await db.query.users.findFirst({
-      where: eq(users.name, data.name),
-    });
-
-    if (!user?.password) {
-      return null;
-    }
-
-    console.log(`user ${user.name} is trying to log in. checking password...`);
-    const isValidPassword = await bcrypt.compare(data.password, user.password);
-
-    if (!isValidPassword) {
-      console.log(`password for user ${user.name} was incorrect`);
-      return null;
-    }
-
-    console.log(`user ${user.name} successfully authorized`);
-
-    return {
-      id: user.id,
-      name: user.name,
-    };
-  },
-} satisfies CredentialsConfiguration;
+  }) satisfies CredentialsConfiguration;
--- a/packages/auth/providers/test/credentials.spec.ts
+++ b/packages/auth/providers/test/credentials.spec.ts
@@ -0,0 +1,66 @@
+import { describe, expect, it } from "vitest";
+
+import { createId } from "@homarr/db";
+import { users } from "@homarr/db/schema/sqlite";
+import { createDb } from "@homarr/db/test";
+
+import { createSalt, hashPassword } from "../../security";
+import { createCredentialsConfiguration } from "../credentials";
+
+describe("Credentials authorization", () => {
+  it("should authorize user with correct credentials", async () => {
+    const db = createDb();
+    const userId = createId();
+    const salt = await createSalt();
+    await db.insert(users).values({
+      id: userId,
+      name: "test",
+      password: await hashPassword("test", salt),
+      salt,
+    });
+    const result = await createCredentialsConfiguration(db).authorize({
+      name: "test",
+      password: "test",
+    });
+
+    expect(result).toEqual({ id: userId, name: "test" });
+  });
+
+  const passwordsThatShouldNotAuthorize = [
+    "wrong",
+    "Test",
+    "test ",
+    " test",
+    " test ",
+  ];
+
+  passwordsThatShouldNotAuthorize.forEach((password) => {
+    it(`should not authorize user with incorrect credentials (${password})`, async () => {
+      const db = createDb();
+      const userId = createId();
+      const salt = await createSalt();
+      await db.insert(users).values({
+        id: userId,
+        name: "test",
+        password: await hashPassword("test", salt),
+        salt,
+      });
+      const result = await createCredentialsConfiguration(db).authorize({
+        name: "test",
+        password,
+      });
+
+      expect(result).toBeNull();
+    });
+  });
+
+  it("should not authorize user for not existing user", async () => {
+    const db = createDb();
+    const result = await createCredentialsConfiguration(db).authorize({
+      name: "test",
+      password: "test",
+    });
+
+    expect(result).toBeNull();
+  });
+});