115 lines
3.4 KiB
JavaScript
115 lines
3.4 KiB
JavaScript
// The Lucia project.
|
|
// Copyright 2026-2026 DSP, inc. All rights reserved.
|
|
// Authors:
|
|
// imacat.yang@dsp.im (imacat), 2026/03/06
|
|
|
|
import { describe, it, expect, beforeEach } from "vitest";
|
|
import { decodeReturnTo } from "@/utils/returnToEncoding";
|
|
import { evaluateAuthNavigation } from "@/router/authGuard";
|
|
|
|
describe("router beforeEach guard logic", () => {
|
|
beforeEach(() => {
|
|
// Clear cookies
|
|
document.cookie.split(";").forEach((c) => {
|
|
const name = c.split("=")[0].trim();
|
|
if (name) {
|
|
document.cookie = name + "=; Max-Age=-99999999; path=/";
|
|
}
|
|
});
|
|
});
|
|
|
|
// Run the real auth guard decision logic from src/router/authGuard.ts
|
|
async function runGuard(to, options = {}) {
|
|
const { refreshSucceeds = true } = options;
|
|
return evaluateAuthNavigation(to, {
|
|
getCookie: (name) => {
|
|
const cookieArr = document.cookie.split(";");
|
|
for (const cookie of cookieArr) {
|
|
const c = cookie.trim();
|
|
if (c.startsWith(`${name}=`)) {
|
|
return c.slice(name.length + 1);
|
|
}
|
|
}
|
|
return null;
|
|
},
|
|
refreshSession: async () => {
|
|
if (!refreshSucceeds) {
|
|
throw new Error("refresh failed");
|
|
}
|
|
},
|
|
setLoginMarker: () => {
|
|
document.cookie = "isLuciaLoggedIn=true";
|
|
},
|
|
encodeReturnTo: (path) => btoa(path),
|
|
});
|
|
}
|
|
|
|
it("redirects logged-in user from Login to Files", () => {
|
|
document.cookie = "isLuciaLoggedIn=true";
|
|
document.cookie = "luciaToken=token";
|
|
return expect(runGuard({ name: "Login" })).resolves.toEqual({
|
|
name: "Files",
|
|
});
|
|
});
|
|
|
|
it("allows unauthenticated user to visit Login", () => {
|
|
return expect(runGuard({ name: "Login" })).resolves.toBeUndefined();
|
|
});
|
|
|
|
it("redirects unauthenticated user when route requiresAuth", async () => {
|
|
const result = await runGuard({
|
|
name: "Files",
|
|
path: "/files",
|
|
fullPath: "/files",
|
|
matched: [{ meta: { requiresAuth: true } }],
|
|
});
|
|
expect(result.path).toBe("/login");
|
|
expect(decodeReturnTo(result.query["return-to"])).toBe("/files");
|
|
});
|
|
|
|
it("allows requiresAuth route when refresh token can refresh session", () => {
|
|
document.cookie = "luciaRefreshToken=refresh-token";
|
|
return expect(
|
|
runGuard(
|
|
{
|
|
name: "Files",
|
|
path: "/files",
|
|
fullPath: "/files",
|
|
matched: [{ meta: { requiresAuth: true } }],
|
|
},
|
|
{ refreshSucceeds: true },
|
|
),
|
|
).resolves.toBeUndefined();
|
|
});
|
|
|
|
it("redirects to login with return-to when refresh fails", async () => {
|
|
document.cookie = "luciaRefreshToken=refresh-token";
|
|
const result = await runGuard(
|
|
{
|
|
name: "Map",
|
|
path: "/discover/log/1/map",
|
|
fullPath: "/discover/log/1/map?view=summary#node-2",
|
|
matched: [{ meta: { requiresAuth: true } }],
|
|
},
|
|
{ refreshSucceeds: false },
|
|
);
|
|
expect(result.path).toBe("/login");
|
|
expect(decodeReturnTo(result.query["return-to"])).toBe(
|
|
"/discover/log/1/map?view=summary#node-2",
|
|
);
|
|
});
|
|
|
|
it("does not interfere with non-Login routes", () => {
|
|
document.cookie = "isLuciaLoggedIn=true";
|
|
document.cookie = "luciaToken=token";
|
|
return expect(
|
|
runGuard({
|
|
name: "Files",
|
|
path: "/files",
|
|
fullPath: "/files",
|
|
matched: [{ meta: { requiresAuth: true } }],
|
|
}),
|
|
).resolves.toBeUndefined();
|
|
});
|
|
});
|