middleware/authorize

1. import { User } from '../../../database/models'
2. import authorize from '../../../middleware/authorize'
3.  
4. describe('The authorize module', () => {
5. test('next function called if req.currentRecipe.userId === req.authUser.id', async () => {
6. await User.destroy({ where: {} })
7.  
8. const user = await User.create({
9. name: 'bahdcoder',
10. email: 'bahdcoder@gmail.com',
11. password: 'password'
12. })
13.  
14. const req = {
15. currentRecipe: {
16. userId: user.id
17. },
18. authUser: {
19. id: user.id
20. }
21. }
22.  
23. const next = jest.fn()
24.  
25. const res = {
26. sendFailureResponse: jest.fn()
27. }
28.  
29. await authorize(req, res, next)
30.  
31. expect(next).toHaveBeenCalled()
32. })
33.  
34. test('error if req.currentRecipe.userId !== req.authUser.id', async () => {
35. await User.destroy({ where: {} })
36.  
37. const user = await User.create({
38. name: 'bahdcoder',
39. email: 'bahdcoder@gmail.com',
40. password: 'password'
41. })
42.  
43. const req = {
44. currentRecipe: {
45. userId: user.id
46. },
47. authUser: {
48. id: ''
49. }
50. }
51.  
52. const next = jest.fn()
53.  
54. const res = {
55. sendFailureResponse: jest.fn()
56. }
57.  
58. await authorize(req, res, next)
59.  
60. expect(res.sendFailureResponse).toHaveBeenCalledWith({
61. message: 'Unauthorized.'
62. }, 401)
63.  
64. expect(next).not.toHaveBeenCalled()
65.  
66. })
67. })