/
index.test.js
108 lines (90 loc) · 2.51 KB
/
index.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
const supertest = require('supertest');
require('should');
const app = require('./index');
describe('The server', () => {
let request;
beforeEach(() => {
request = supertest.agent(app);
});
it('Login with in-memory datastore works ', async () => {
const { body } = await request
.post('/login')
.send({
username: 'max',
password: 'max',
})
.expect(200);
body.should.match({ username: 'max' });
});
it('Login with in-memory datastore works - negative test', async () => {
await request
.post('/login')
.send({
username: 'invalid',
password: 'invalid',
})
.expect(401);
});
it('Cannot access protected resource when we are not logged in', async () => {
await request
.get('/protected')
.expect(401);
});
it('Can access protected resource when we are logged in', async () => {
await request
.post('/login')
.send({
username: 'max',
password: 'max',
})
.expect(200);
await request
.get('/protected')
.expect(200);
});
describe('Rate limiting', () => {
const asUser = async (username) => {
request = supertest.agent(app);
await request
.post('/login')
.send({
username,
password: username,
})
.expect(200);
return request;
};
const expect200NTimes = async (agent, N) => {
for (let i = 0; i < N; i++) {
await agent.get('/protected').expect(200);
}
};
const expect429 = async (agent) => {
await agent.get('/protected').expect(429);
};
it('Bill has the default limit of 3', async () => {
request = await asUser('bill');
await expect200NTimes(request, 3);
await expect429(request);
});
it('Joan has the default limit of 3', async () => {
request = await asUser('joan');
await expect200NTimes(request, 3);
await expect429(request);
});
it('Max has unlimited requests since he is an admin', async () => {
request = await asUser('max');
await expect200NTimes(request, 100);
});
it('Edith has a limit of 10 since she is in account 2', async () => {
request = await asUser('edith');
await expect200NTimes(request, 10);
await expect429(request);
});
it('Alice is suspended and can only make a single', async () => {
request = await asUser('alice');
await expect200NTimes(request, 1);
await expect429(request);
});
});
});