ChatGPT/FastGPT
1
0
Fork 0
mirror of https://github.com/labring/FastGPT.git synced 2026-02-28 01:02:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1bca18ae8574bd457cea99564112757b09b87ea0
FastGPT/projects/sandbox_server/test/middleware/auth.test.ts
Archer 44d64ce40e Sandbox server (#6383) 
* feat: sandbox_server

* docker build

* action
2026-02-04 20:49:26 +08:00

94 lines
3.1 KiB
TypeScript
Raw Blame History

import { describe, it, expect } from 'vitest';
import { Hono } from 'hono';
import { authMiddleware } from '../../src/middleware/auth';
import { errorHandler } from '../../src/middleware/error';
describe('Auth Middleware', () => {
const createTestApp = () => {
const app = new Hono();
app.onError(errorHandler);
app.use('*', authMiddleware);
app.get('/protected', (c) => c.json({ success: true }));
return app;
};
describe('Authorization header validation', () => {
it('should return 401 when Authorization header is missing', async () => {
const app = createTestApp();
const res = await app.request('/protected');
expect(res.status).toBe(401);
const data = (await res.json()) as { message: string };
expect(data.message).toBe('Authorization header is required');
});
it('should return 401 when Authorization format is invalid (no Bearer prefix)', async () => {
const app = createTestApp();
const res = await app.request('/protected', {
headers: {
Authorization: 'test-token'
}
});
expect(res.status).toBe(401);
const data = (await res.json()) as { message: string };
expect(data.message).toBe('Invalid authorization format. Expected: Bearer <token>');
});
it('should return 401 when Authorization format is invalid (wrong prefix)', async () => {
const app = createTestApp();
const res = await app.request('/protected', {
headers: {
Authorization: 'Basic test-token'
}
});
expect(res.status).toBe(401);
const data = (await res.json()) as { message: string };
expect(data.message).toBe('Invalid authorization format. Expected: Bearer <token>');
});
});
describe('Token validation', () => {
it('should return 401 when token is invalid', async () => {
const app = createTestApp();
const res = await app.request('/protected', {
headers: {
Authorization: 'Bearer invalid-token'
}
});
expect(res.status).toBe(401);
const data = (await res.json()) as { message: string };
expect(data.message).toBe('Invalid token');
});
it('should return 401 when token is empty', async () => {
const app = createTestApp();
const res = await app.request('/protected', {
headers: {
Authorization: 'Bearer '
}
});
expect(res.status).toBe(401);
const data = (await res.json()) as { message: string };
// Note: 'Bearer ' (with trailing space but no token) is treated as invalid format
expect(data.message).toBe('Invalid authorization format. Expected: Bearer <token>');
});
it('should allow request with valid token', async () => {
const app = createTestApp();
const res = await app.request('/protected', {
headers: {
Authorization: 'Bearer test-token' // matches env.TOKEN in test mode
}
});
expect(res.status).toBe(200);
const data = (await res.json()) as { success: boolean };
expect(data.success).toBe(true);
});
});
});
Reference in New Issue View Git Blame Copy Permalink