From e3257b81a52ef7dedac49669a7a0a3fb13b9e5bd Mon Sep 17 00:00:00 2001
From: Clement Michaud
Date: Sun, 21 May 2017 13:11:54 +0200
Subject: [PATCH] Move denyNotLogged function to typescript
---
 src/lib/routes/DenyNotLogged.ts | 18 +++++
 src/lib/routes/deny_not_logged.js | 19 -----
 src/lib/routes/second_factor.js | 8 +-
 test/unitary/mocks/express.ts | 2 +-
 test/unitary/routes/DenyNotLogged.test.ts | 82 ++++++++++++++++++++
 test/unitary/routes/test_deny_not_logged.js | 83 ---------------------
 6 files changed, 105 insertions(+), 107 deletions(-)
 create mode 100644 src/lib/routes/DenyNotLogged.ts
 delete mode 100644 src/lib/routes/deny_not_logged.js
 create mode 100644 test/unitary/routes/DenyNotLogged.test.ts
 delete mode 100644 test/unitary/routes/test_deny_not_logged.js
diff --git a/src/lib/routes/DenyNotLogged.ts b/src/lib/routes/DenyNotLogged.ts
new file mode 100644
index 00000000..fc30d836
--- /dev/null
+++ b/src/lib/routes/DenyNotLogged.ts
@@ -0,0 +1,18 @@
+
+import objectPath = require("object-path");
+import express = require("express");
+
+export = function denyNotLogged(callback: (req: express.Request, res: express.Response) => void) {
+ return function (req: express.Request, res: express.Response) {
+ const auth_session = req.session.auth_session;
+ const first_factor = objectPath.has(req, "session.auth_session.first_factor")
+ && req.session.auth_session.first_factor;
+ if (!first_factor) {
+ res.status(403);
+ res.send();
+ return;
+ }
+
+ callback(req, res);
+ };
+};
diff --git a/src/lib/routes/deny_not_logged.js b/src/lib/routes/deny_not_logged.js
deleted file mode 100644
index d22faa03..00000000
--- a/src/lib/routes/deny_not_logged.js
+++ /dev/null
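Review bot: In src/lib/routes/DenyNotLogged.ts the unused `const auth_session = req.session.auth_session;` dereferences `req.session` before the `objectPath.has` guard runs, so a request on which no session object was attached would throw a TypeError instead of receiving the 403. The line was carried over from the JavaScript version and can simply be deleted. The gate also lets through any truthy `first_factor`; a strict comparison such as `const first_factor = objectPath.get(req, "session.auth_session.first_factor") === true;` keeps the decision to an explicit boolean and removes the second unguarded property read. A short doc comment stating that this wrapper checks only the first factor, and is meant to protect second-factor handlers, would help the callers in second_factor.js.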
@@ -1,19 +0,0 @@
-
-module.exports = denyNotLogged;
-
-var objectPath = require('object-path');
-
-function denyNotLogged(next) {
- return function(req, res) {
- var auth_session = req.session.auth_session;
- var first_factor = objectPath.has(req, 'session.auth_session.first_factor')
- && req.session.auth_session.first_factor;
- if(!first_factor) {
- res.status(403);
- res.send();
- return;
- }
-
- next(req, res);
- }
-}
diff --git a/src/lib/routes/second_factor.js b/src/lib/routes/second_factor.js
index 413b4337..c84c3de2 100644
--- a/src/lib/routes/second_factor.js
+++ b/src/lib/routes/second_factor.js
@@ -1,18 +1,18 @@
-var denyNotLogged = require('./deny_not_logged');
+var DenyNotLogged = require('./DenyNotLogged');
 var u2f = require('./u2f');
 var TOTPAuthenticator = require("./TOTPAuthenticator");
 module.exports = {
- totp: denyNotLogged(TOTPAuthenticator),
+ totp: DenyNotLogged(TOTPAuthenticator),
 u2f: {
 register_request: u2f.register_request,
 register: u2f.register,
 register_handler_get: u2f.register_handler_get,
 register_handler_post: u2f.register_handler_post,
- sign_request: denyNotLogged(u2f.sign_request),
- sign: denyNotLogged(u2f.sign),
+ sign_request: DenyNotLogged(u2f.sign_request),
+ sign: DenyNotLogged(u2f.sign),
 }
 }
diff --git a/test/unitary/mocks/express.ts b/test/unitary/mocks/express.ts
index 009cb4a3..b06a1d5f 100644
--- a/test/unitary/mocks/express.ts
+++ b/test/unitary/mocks/express.ts
@@ -15,7 +15,7 @@ export interface ResponseMock {
 sendStatus: sinon.SinonStub;
 sendFile: sinon.SinonStub;
 sendfile: sinon.SinonStub;
- status: sinon.SinonStub;
+ status: sinon.SinonStub | sinon.SinonSpy;
 json: sinon.SinonStub;
 links: sinon.SinonStub;
 jsonp: sinon.SinonStub;
diff --git a/test/unitary/routes/DenyNotLogged.test.ts b/test/unitary/routes/DenyNotLogged.test.ts
new file mode 100644
index 00000000..24678737
--- /dev/null
+++ b/test/unitary/routes/DenyNotLogged.test.ts
@@ -0,0 +1,82 @@
+
+import sinon = require("sinon");
+import Promise = require("bluebird");
+import assert = require("assert");
+import express = require("express");
+
+import ExpressMock = require("../mocks/express");
+import DenyNotLogged = require("../../../src/lib/routes/DenyNotLogged");
+
+describe("test not logged", function () {
+ it("should return status code 403 when auth_session has not been previously created", function () {
+ return test_auth_session_not_created();
+ });
+
+ it("should return status code 403 when auth_session has failed first factor", function () {
+ return test_auth_first_factor_not_validated();
+ });
+
+ it("should return status code 204 when auth_session has succeeded first factor stage", function () {
+ return test_auth_with_first_factor_validated();
+ });
+});
+
+function test_auth_session_not_created() {
+ return new Promise(function (resolve, reject) {
+ const send = sinon.spy(resolve);
+ const status = sinon.spy(function (code: number) {
+ assert.equal(403, code);
+ });
+ const req = ExpressMock.RequestMock();
+ const res = ExpressMock.ResponseMock();
+ req.session = {};
+ res.send = send;
+ res.status = status;
+
+ DenyNotLogged(reject)(req as any, res as any);
+ });
+}
+
+function test_auth_first_factor_not_validated() {
+ return new Promise(function (resolve, reject) {
+ const send = sinon.spy(resolve);
+ const status = sinon.spy(function (code: number) {
+ assert.equal(403, code);
+ });
+ const req = {
+ session: {
+ auth_session: {
+ first_factor: false,
+ second_factor: false
+ }
+ }
+ };
+
+ const res = {
+ send: send,
+ status: status
+ };
+
+ DenyNotLogged(reject)(req as any, res as any);
+ });
+}
+
+function test_auth_with_first_factor_validated() {
+ return new Promise(function (resolve, reject) {
+ const req = {
+ session: {
+ auth_session: {
+ first_factor: true,
+ second_factor: false
+ }
+ }
+ };
+
+ const res = {
+ send: sinon.spy(),
+ status: sinon.spy()
+ };
+
+ DenyNotLogged(resolve)(req as any, res as any);
+ });
+}
diff --git a/test/unitary/routes/test_deny_not_logged.js b/test/unitary/routes/test_deny_not_logged.js
deleted file mode 100644
index 48a7007c..00000000
--- a/test/unitary/routes/test_deny_not_logged.js
+++ /dev/null
@@ -1,83 +0,0 @@
-
-var sinon = require('sinon');
-var Promise = require('bluebird');
-var assert = require('assert');
-
-var denyNotLogged = require('../../../src/lib/routes/deny_not_logged');
-
-describe('test not logged', function() {
- it('should return status code 403 when auth_session has not been previously created', function() {
- return test_auth_session_not_created();
- });
-
- it('should return status code 403 when auth_session has failed first factor', function() {
- return test_auth_first_factor_not_validated();
- });
-
- it('should return status code 204 when auth_session has succeeded first factor stage', function() {
- return test_auth_with_first_factor_validated();
- });
-});
-
-function test_auth_session_not_created() {
- return new Promise(function(resolve, reject) {
- var send = sinon.spy(resolve);
- var status = sinon.spy(function(code) {
- assert.equal(403, code);
- });
- var req = {
- session: {}
- }
-
- var res = {
- send: send,
- status: status
- }
-
- denyNotLogged(reject)(req, res);
- });
-}
-
-function test_auth_first_factor_not_validated() {
- return new Promise(function(resolve, reject) {
- var send = sinon.spy(resolve);
- var status = sinon.spy(function(code) {
- assert.equal(403, code);
- });
- var req = {
- session: {
- auth_session: {
- first_factor: false,
- second_factor: false
- }
- }
- }
-
- var res = {
- send: send,
- status: status
- }
-
- denyNotLogged(reject)(req, res);
- });
-}
-
-function test_auth_with_first_factor_validated() {
- return new Promise(function(resolve, reject) {
- var req = {
- session: {
- auth_session: {
- first_factor: true,
- second_factor: false
- }
- }
- }
-
- var res = {
- send: sinon.spy(),
- status: sinon.spy()
- }
-
- denyNotLogged(resolve)(req, res);
- });
-}
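Review bot: In test/unitary/routes/DenyNotLogged.test.ts the two 403 cases still pass if the middleware never sets a status, because `assert.equal(403, code)` lives inside the `status` spy and the promise resolves as soon as `send` is called. Asserting after the call, for example `.then(function () { assert(status.calledWith(403)); })` on the returned promise, would pin the denial path. The third case is titled "status code 204" but checks only that the callback ran; asserting `res.send.notCalled` there, or renaming the case, would match what it verifies. A case with `req.session` left undefined would cover the fail-closed behaviour of the gate, which none of the three inputs exercises. The `express` import appears unused in this file.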