i/server/test/middleware.auth.test.js
wsh5485 65b0bb04f8 feat: import CarLog v2.8 code + dev plan
把 CarLog v2.8 全套源码 + 配置导入到 i 仓库作为 baseline:
- server/src/ (13 个路由 + middleware + services + config)
- server/migrations/ (0001~0018 共 18 个迁移 + mysql)
- server/test/ (12 文件 101 测试)
- client/src/ (20 个 view + components + stores + api + composables)
- client/public/ + client/scripts/
- 全部配置文件 (.editorconfig, .eslintrc.json, .prettierrc.json, vitest.config.js, lighthouserc.json, .pa11yci.json, package.json, carlog-init.sql)
- .husky/pre-commit (git hooks)
- docs/install/ (宝塔部署文档)

不含:
- node_modules/ (本地 npm install)
- .env (敏感, 走 .env.example)
- *.zip / *.log / *.sqlite / .DS_Store

新增文档 docs/DEV-PLAN.md:
- Phase 1: 平台基座 (019 migration + 3 个 platform 路由 + 3 个 view)
- Phase 2: CarLog 子系统化 (后端 routes/ → subsystems/carlog/ + 前端 views/ → views/subsystems/carlog/ + 元数据驱动菜单)
- Phase 3: 验证 (测试 + E2E + DB 完整性)
- 交付清单 + commit 模板 + 给 Mavis review 的材料

后续 Trae 实施, 提交后我 code review + 跑测试。
2026-06-20 22:30:19 +08:00


// server/test/middleware.auth.test.js
import { describe, it, expect, vi } from 'vitest';
import { requireAuth } from '../src/middleware/auth.js';
/**
 * Build a minimal stand-in for the response object handed to middleware.
 *
 * The stub records what the middleware did instead of sending anything:
 * `status()` stores the code, `json()` stores the payload, and `redirect()`
 * stores the target under `headers.location` and sets the code to 302.
 * Every method returns the stub itself so calls can be chained.
 *
 * @returns {object} A fresh stub with `statusCode` 200, `body` null and empty `headers`.
 */
function mockRes() {
  const res = {
    statusCode: 200,
    body: null,
    headers: {},
    status(code) {
      this.statusCode = code;
      return this;
    },
    json(payload) {
      this.body = payload;
      return this;
    },
    redirect(target) {
      this.statusCode = 302;
      this.headers.location = target;
      return this;
    },
  };
  return res;
}
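/**
 * Unit tests for the requireAuth middleware.
 *
 * Each case calls requireAuth with a hand-built request and the mockRes()
 * stub, then checks what the stub recorded and whether next() ran. For an
 * authentication gate the second check matters as much as the first: a
 * middleware that writes 401 or 302 but still calls next() would let the
 * protected handler run. Every denied case therefore asserts that next() was
 * not called.
 *
 * NOTE(review): return_to carries req.originalUrl, which the client controls.
 * The cases below check its encoding only. Whether the value is limited to
 * same-site paths (in requireAuth or in whatever consumes return_to after
 * login) is not visible from this file; confirm it and pin it with a case.
 */
describe('middleware/requireAuth', () => {
  it('已登录 → 放行', () => {
    // A session with a truthy userId must be passed on exactly once.
    const req = { session: { userId: 1 } };
    const next = vi.fn();
    requireAuth(req, mockRes(), next);
    expect(next).toHaveBeenCalledOnce();
  });

  it('未登录 + /api/ 路径 → 401 JSON', () => {
    // API callers get a machine-readable 401 rather than a redirect.
    const req = { session: {}, path: '/api/washes', originalUrl: '/api/washes' };
    const res = mockRes();
    const next = vi.fn();
    requireAuth(req, res, next);
    expect(next).not.toHaveBeenCalled();
    expect(res.statusCode).toBe(401);
    expect(res.body.error.code).toBe('UNAUTHORIZED');
  });

  it('未登录 + 非 /api 路径 → 302 redirect 到 /login?return_to=', () => {
    // Page requests are sent to the login page with the original URL attached.
    const req = { session: {}, path: '/settings', originalUrl: '/settings?tab=profile' };
    const res = mockRes();
    const next = vi.fn();
    requireAuth(req, res, next);
    expect(next).not.toHaveBeenCalled();
    expect(res.statusCode).toBe(302);
    expect(res.headers.location).toMatch(/^\/login\?return_to=/);
  });

  it('未登录 + originalUrl 含特殊字符 → URL 编码', () => {
    // '&' and '?' in the original URL must survive a decode round trip, so
    // they cannot have been left raw where they would split the query string.
    const req = { session: {}, path: '/foo', originalUrl: '/foo?x=1&y=2' };
    const res = mockRes();
    const next = vi.fn();
    requireAuth(req, res, next);
    expect(next).not.toHaveBeenCalled();
    expect(decodeURIComponent(res.headers.location.split('return_to=')[1])).toBe('/foo?x=1&y=2');
  });

  it('未登录 + 无 session 对象 → 401', () => {
    // A request with no session at all must be denied, not crash or pass.
    const req = { path: '/api/x' };
    const res = mockRes();
    const next = vi.fn();
    requireAuth(req, res, next);
    expect(next).not.toHaveBeenCalled();
    expect(res.statusCode).toBe(401);
  });

  it('session.userId = 0/false/空 → 视为未登录', () => {
    // Falsy userId values must all be treated as "not logged in".
    for (const uid of [0, false, null, '']) {
      const req = { session: { userId: uid }, path: '/api/x' };
      const res = mockRes();
      // Fresh spy per value so one bad value cannot hide behind another.
      const next = vi.fn();
      requireAuth(req, res, next);
      expect(next).not.toHaveBeenCalled();
      expect(res.statusCode).toBe(401);
    }
  });
});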