545563e776
- Complete NestJS TypeScript implementation with WebSocket support - Direct messaging (DM) and group chat functionality - End-to-end encryption with AES encryption and key pairs - Media file support (images, videos, audio, documents) up to 100MB - Push notifications with Firebase Cloud Messaging integration - Mention alerts and real-time typing indicators - User authentication with JWT and Passport - SQLite database with TypeORM entities and relationships - Comprehensive API documentation with Swagger/OpenAPI - File upload handling with secure access control - Online/offline status tracking and presence management - Message editing, deletion, and reply functionality - Notification management with automatic cleanup - Health check endpoint for monitoring - CORS configuration for cross-origin requests - Environment-based configuration management - Structured for Flutter SDK integration Features implemented: ✅ Real-time messaging with Socket.IO ✅ User registration and authentication ✅ Direct messages and group chats ✅ Media file uploads and management ✅ End-to-end encryption ✅ Push notifications ✅ Mention alerts ✅ Typing indicators ✅ Message read receipts ✅ Online status tracking ✅ File access control ✅ Comprehensive API documentation Ready for Flutter SDK development and production deployment.
183 lines
5.9 KiB
JavaScript
183 lines
5.9 KiB
JavaScript
var Strategy = require('../lib/strategy')
|
|
, chai = require('chai')
|
|
, test_data = require('./testdata')
|
|
, sinon = require('sinon')
|
|
, extract_jwt = require('../lib/extract_jwt');
|
|
|
|
describe('Strategy', function() {
|
|
|
|
describe('calling JWT validation function', function() {
|
|
var strategy;
|
|
|
|
before(function(done) {
|
|
verifyStub = sinon.stub();
|
|
verifyStub.callsArgWith(1, null, {}, {});
|
|
options = {};
|
|
options.issuer = "TestIssuer";
|
|
options.audience = "TestAudience";
|
|
options.secretOrKey = 'secret';
|
|
options.algorithms = ["HS256", "HS384"];
|
|
options.ignoreExpiration = false;
|
|
options.jsonWebTokenOptions = {
|
|
clockTolerance: 10,
|
|
maxAge: "1h",
|
|
};
|
|
options.jwtFromRequest = extract_jwt.fromAuthHeaderAsBearerToken();
|
|
strategy = new Strategy(options, verifyStub);
|
|
|
|
Strategy.JwtVerifier = sinon.stub();
|
|
Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
|
|
|
|
chai.passport.use(strategy)
|
|
.success(function(u, i) {
|
|
done();
|
|
})
|
|
.req(function(req) {
|
|
req.headers['authorization'] = "bearer " + test_data.valid_jwt.token;
|
|
})
|
|
.authenticate();
|
|
});
|
|
|
|
|
|
it('should call with the right secret as an argument', function() {
|
|
expect(Strategy.JwtVerifier.args[0][1]).to.equal('secret');
|
|
});
|
|
|
|
|
|
it('should call with the right issuer option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].issuer).to.equal('TestIssuer');
|
|
});
|
|
|
|
|
|
it('should call with the right audience option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].audience).to.equal('TestAudience');
|
|
});
|
|
|
|
it('should call with the right algorithms option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].algorithms).to.eql(["HS256", "HS384"]);
|
|
});
|
|
|
|
it('should call with the right ignoreExpiration option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].ignoreExpiration).to.be.false;
|
|
});
|
|
|
|
it('should call with the right maxAge option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].maxAge).to.equal('1h');
|
|
});
|
|
|
|
it('should call with the right clockTolerance option', function() {
|
|
expect(Strategy.JwtVerifier.args[0][2]).to.be.an.object;
|
|
expect(Strategy.JwtVerifier.args[0][2].clockTolerance).to.equal(10);
|
|
});
|
|
|
|
});
|
|
|
|
|
|
describe('handling valid jwt', function() {
|
|
var strategy, payload;
|
|
|
|
before(function(done) {
|
|
strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(), secretOrKey: 'secret'}, function(jwt_payload, next) {
|
|
payload = jwt_payload;
|
|
next(null, {}, {});
|
|
});
|
|
|
|
// Mock successful verification
|
|
Strategy.JwtVerifier = sinon.stub();
|
|
Strategy.JwtVerifier.callsArgWith(3, null, test_data.valid_jwt.payload);
|
|
|
|
chai.passport.use(strategy)
|
|
.success(function(u, i) {
|
|
done();
|
|
})
|
|
.req(function(req) {
|
|
req.headers['authorization'] = "bearer " + test_data.valid_jwt.token;
|
|
})
|
|
.authenticate();
|
|
});
|
|
|
|
|
|
it('should call verify with the correct payload', function() {
|
|
expect(payload).to.deep.equal(test_data.valid_jwt.payload);
|
|
});
|
|
|
|
|
|
});
|
|
|
|
|
|
describe('handling failing jwt', function() {
|
|
var strategy, info;
|
|
var verify_spy = sinon.spy();
|
|
|
|
before(function(done) {
|
|
|
|
strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(), secretOrKey: 'secret'}, verify_spy);
|
|
|
|
// Mock errored verification
|
|
Strategy.JwtVerifier = sinon.stub();
|
|
Strategy.JwtVerifier.callsArgWith(3, new Error("jwt expired"), false);
|
|
|
|
chai.passport.use(strategy)
|
|
.fail(function(i) {
|
|
info = i;
|
|
done();
|
|
})
|
|
.req(function(req) {
|
|
req.headers['authorization'] = "bearer " + test_data.valid_jwt.token;
|
|
})
|
|
.authenticate();
|
|
});
|
|
|
|
|
|
it('should not call verify', function() {
|
|
sinon.assert.notCalled(verify_spy);
|
|
});
|
|
|
|
|
|
it('should fail with error message.', function() {
|
|
expect(info).to.be.an.object;
|
|
expect(info.message).to.equal('jwt expired');
|
|
});
|
|
|
|
});
|
|
|
|
|
|
describe('handling an invalid authentication header', function() {
|
|
var strategy, info;
|
|
var verify_spy = sinon.spy();
|
|
|
|
before(function(done) {
|
|
|
|
strategy = new Strategy({jwtFromRequest: extract_jwt.fromAuthHeaderAsBearerToken(), secretOrKey: 'secret'}, verify_spy);
|
|
|
|
chai.passport.use(strategy)
|
|
.fail(function(i) {
|
|
info = i;
|
|
done();
|
|
})
|
|
.req(function(req) {
|
|
req.headers['authorization'] = "malformed";
|
|
})
|
|
.authenticate();
|
|
});
|
|
|
|
|
|
it('should not call verify', function() {
|
|
sinon.assert.notCalled(verify_spy);
|
|
});
|
|
|
|
|
|
it('should fail with error message.', function() {
|
|
expect(info).to.be.an.object;
|
|
expect(info).to.be.an.instanceof(Error);
|
|
});
|
|
|
|
});
|
|
|
|
});
|