diff --git a/packages/auth-providers/dbAuth/api/src/DbAuthHandler.ts b/packages/auth-providers/dbAuth/api/src/DbAuthHandler.ts index 98c07bca9e69..772f49e60ab0 100644 --- a/packages/auth-providers/dbAuth/api/src/DbAuthHandler.ts +++ b/packages/auth-providers/dbAuth/api/src/DbAuthHandler.ts @@ -540,8 +540,6 @@ export class DbAuthHandler< ) } - await this.init() - const { username } = this.normalizedRequest.jsonBody || {} // was the username sent in at all? if (!username || username.trim() === '') { @@ -640,7 +638,6 @@ export class DbAuthHandler< ) } - await this.init() const { username, password } = this.normalizedRequest.jsonBody || {} const dbUser = await this._verifyUser(username, password) const handlerUser = await (this.options.login as LoginFlowOptions).handler( @@ -670,7 +667,6 @@ export class DbAuthHandler< ) } - await this.init() const { password, resetToken } = this.normalizedRequest.jsonBody || {} // is the resetToken present? @@ -743,7 +739,6 @@ export class DbAuthHandler< `Signup flow is not enabled` ) } - await this.init() // check if password is valid const { password } = this.normalizedRequest.jsonBody || {} @@ -766,7 +761,6 @@ export class DbAuthHandler< } async validateResetToken() { - await this.init() const { resetToken } = this.normalizedRequest.jsonBody || {} // is token present at all? if (!resetToken || String(resetToken).trim() === '') { @@ -791,7 +785,6 @@ export class DbAuthHandler< async webAuthnAuthenticate() { const { verifyAuthenticationResponse } = require('@simplewebauthn/server') const webAuthnOptions = this.options.webAuthn - await this.init() const { rawId } = this.normalizedRequest.jsonBody || {} @@ -884,7 +877,6 @@ export class DbAuthHandler< if (this.options.webAuthn === undefined || !this.options.webAuthn.enabled) { throw new DbAuthError.WebAuthnError('WebAuthn is not enabled') } - await this.init() const webAuthnOptions = this.options.webAuthn 
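Review bot: After this change none of the methods in these hunks (`validateResetToken()`, `webAuthnAuthenticate()` and the other flow methods, plus `_validateCsrf()`, `_getCurrentUser()`, `_createUser()` and `_getAuthMethod()` in the following hunks) call `init()` themselves, and nothing visible documents or enforces that the caller must have awaited it. Assuming `init()` is what populates `normalizedRequest` and `session` (it is not shown here), an uninitialised handler would fail with a bare TypeError on `this.normalizedRequest.jsonBody`, while `_getCurrentUser()` would report `NotLoggedInError` from `if (!this.session?.id)`, so a forgotten `init()` looks like an ordinary logged-out request. Both fail closed, but I would state the contract on each method, e.g. `// Requires: await this.init() has completed; normalizedRequest and session are unset before that`, or add a single guard at the top that throws a descriptive error. The method bodies start and end outside the hunks.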
@@ -951,7 +943,6 @@ export class DbAuthHandler< if (!this.options?.webAuthn?.enabled) { throw new DbAuthError.WebAuthnError('WebAuthn is not enabled') } - await this.init() const webAuthnOptions = this.options.webAuthn @@ -996,7 +987,6 @@ export class DbAuthHandler< if (this.options.webAuthn === undefined || !this.options.webAuthn.enabled) { throw new DbAuthError.WebAuthnError('WebAuthn is not enabled') } - await this.init() const user = await this._getCurrentUser() @@ -1237,7 +1227,6 @@ export class DbAuthHandler< // checks the CSRF token in the header against the CSRF token in the session // and throw an error if they are not the same (not used yet) async _validateCsrf() { - await this.init() if ( this.sessionCsrfToken !== this.normalizedRequest.headers.get('csrf-token') ) { @@ -1395,8 +1384,6 @@ export class DbAuthHandler< // gets the user from the database and returns only its ID async _getCurrentUser() { - await this.init() - if (!this.session?.id) { throw new DbAuthError.NotLoggedInError() } @@ -1431,7 +1418,6 @@ export class DbAuthHandler< // creates and returns a user, first checking that the username/password // values pass validation async _createUser() { - await this.init() const { username, password, ...userAttributes } = this.normalizedRequest.jsonBody || {} if ( @@ -1469,7 +1455,6 @@ export class DbAuthHandler< // figure out which auth method we're trying to call async _getAuthMethod() { - await this.init() // try getting it from the query string, /.redwood/functions/auth?method=[methodName] let methodName = this.normalizedRequest.query.method as AuthMethodNames diff --git a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js index ef7db878de6a..71f48c227f6f 100644 --- a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js +++ b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js 
@@ -250,22 +250,25 @@ describe('dbAuth', () => { }) describe('dbAccessor', () => { - it('returns the prisma db accessor for a model', () => { + it('returns the prisma db accessor for a model', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth.dbAccessor).toEqual(db.user) }) }) describe('dbCredentialAccessor', () => { - it('returns the prisma db accessor for a UserCredential model', () => { + it('returns the prisma db accessor for a UserCredential model', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth.dbCredentialAccessor).toEqual(db.userCredential) }) }) describe('sessionExpiresDate', () => { - it('returns a date in the future as a UTCString', () => { + it('returns a date in the future as a UTCString', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const expiresAt = new Date() expiresAt.setSeconds(expiresAt.getSeconds() + options.login.expires) @@ -274,8 +277,9 @@ describe('dbAuth', () => { }) describe('webAuthnExpiresDate', () => { - it('returns a date in the future as a UTCString', () => { + it('returns a date in the future as a UTCString', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const expiresAt = new Date() expiresAt.setSeconds(expiresAt.getSeconds() + options.webAuthn.expires) @@ -284,8 +288,9 @@ describe('dbAuth', () => { }) describe('_deleteSessionHeader', () => { - it('returns a Set-Cookie header to delete the session cookie', () => { + it('returns a Set-Cookie header to delete the session cookie', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const headers = dbAuth._deleteSessionHeader expect(Object.keys(headers).length).toEqual(1) 
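Review bot: Constructing the handler and then awaiting `init()` is now a two-line ritual repeated in almost every test of this file, and a test that forgets the second line will exercise an uninitialised handler with no obvious signal. A small helper near the top of the suite, for example `const buildDbAuth = async (...args) => { const h = new DbAuthHandler(...args); await h.init(); return h }`, would keep that precondition in one place. The tests in this hunk only read getters such as `dbAuth.dbAccessor` and `dbAuth.dbCredentialAccessor`. Whether those depend on `init()` is not visible here, so it is worth confirming the added awaits are required rather than defensive.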
@@ -295,7 +300,7 @@ describe('dbAuth', () => { }) describe('constructor', () => { - it('initializes some variables with passed values', () => { + it('initializes some variables with passed values', async () => { req = { headers: {} } context = { foo: 'bar' } options = { @@ -315,6 +320,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth.event).toEqual(req) expect(dbAuth.options).toEqual(options) @@ -513,6 +519,7 @@ describe('dbAuth', () => { it('parses params from a plain text body', async () => { req = { headers: {}, body: `{"foo":"bar", "baz":123}` } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() // Need to wait for reqq to be parsed await dbAuth.init() @@ -532,6 +539,7 @@ describe('dbAuth', () => { context = { foo: 'bar' } const dbAuth = new DbAuthHandler(req, context, options) await dbAuth.init() + await dbAuth.init() expect(dbAuth.normalizedRequest.jsonBody).toEqual({}) }) @@ -544,6 +552,7 @@ describe('dbAuth', () => { context = { foo: 'bar' } const dbAuth = new DbAuthHandler(req, context, options) await dbAuth.init() + await dbAuth.init() expect(dbAuth.normalizedRequest.jsonBody).toEqual({}) }) 
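Review bot: The hunks at `@@ -513`, `@@ -532` and `@@ -544` (and `@@ -552` in the next group) add `await dbAuth.init()` to tests that already await it, so each of them now initialises the handler twice. In the first one the new line sits directly above the existing `// Need to wait for reqq to be parsed` call. If the repeat is deliberate, say so in the test with a comment such as `// init() must be idempotent: a second call leaves normalizedRequest unchanged`, ideally in a dedicated test. Otherwise drop the added line so the tests do not hide a non-idempotent `init()` (for example one that re-reads the body or re-decrypts the session).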
@@ -552,20 +561,22 @@ describe('dbAuth', () => { req = { headers: { 'csrf-token': 'qwerty' } } const dbAuth = new DbAuthHandler(req, context, options) await dbAuth.init() + await dbAuth.init() expect(dbAuth.normalizedRequest.headers.get('csrf-token')).toEqual( 'qwerty' ) }) - it('sets session variables to nothing if session cannot be decrypted', () => { + it('sets session variables to nothing if session cannot be decrypted', async () => { req = { headers: { 'csrf-token': 'qwerty' } } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth.session).toBeUndefined() expect(dbAuth.sessionCsrfToken).toBeUndefined() }) - it('sets session variables to valid session data', () => { + it('sets session variables to valid session data', async () => { req = { headers: { cookie: @@ -573,6 +584,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth.session).toEqual({ foo: 'bar' }) expect(dbAuth.sessionCsrfToken).toEqual('abcd') @@ -618,6 +630,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(fetchEvent, context, options) + await dbAuth.init() const response = await dbAuth.invoke() expect(response.statusCode).toEqual(404) @@ -633,6 +646,7 @@ describe('dbAuth', () => { body: JSON.stringify({ method: 'foobar' }), }) const dbAuth = new DbAuthHandler(fetchEvent, context, options) + const response = await dbAuth.invoke() expect(response.statusCode).toEqual(404) @@ -649,6 +663,8 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(fetchEvent, context, options) + await dbAuth.init() + dbAuth.logout = jest.fn(() => { throw Error('Logout error') }) @@ -694,6 +710,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(fetchEvent, context, options) + await dbAuth.init() dbAuth.logout = jest.fn(() => ['body', { foo: 'bar' }]) const response = await dbAuth.invoke() 
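Review bot: The `invoke()` tests are now inconsistent about initialisation: the hunk at `@@ -633` calls `dbAuth.invoke()` on a freshly constructed handler and only gains a blank line, while `@@ -618`, `@@ -649` and `@@ -694` add `await dbAuth.init()` before `invoke()`. If `invoke()` initialises the handler itself (not visible in this diff), the added calls are redundant and mean the production entry path is tested with a double `init()`. If it does not, the `@@ -633` test runs against an uninitialised handler, and its 404 may come from the wrong code path. I would make all four tests use the same sequence and add a one-line comment stating which component owns the `init()` call.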
@@ -722,6 +739,7 @@ describe('dbAuth', () => { options.forgotPassword.enabled = false const dbAuth = new DbAuthHandler(fetchEvent, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -749,6 +767,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(fetchEvent, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -766,6 +785,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(emptyBodyReq, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -780,6 +800,7 @@ describe('dbAuth', () => { }) dbAuth = new DbAuthHandler(emptyStringReq, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -802,6 +823,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -824,6 +846,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(user.resetToken).toEqual(undefined) expect(user.resetTokenExpiresAt).toEqual(undefined) @@ -861,6 +884,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.forgotPassword() expectLoggedOutResponse(response) @@ -881,6 +905,7 @@ describe('dbAuth', () => { expect(handlerUser.id).toEqual(user.id) } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.forgotPassword() expect.assertions(1) }) @@ -903,6 +928,7 @@ describe('dbAuth', () => { expect(token).toMatch(/^[A-Za-z0-9/+]{16}$/) } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.forgotPassword() expect.assertions(2) }) 
@@ -922,6 +948,7 @@ describe('dbAuth', () => { return handlerUser } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.forgotPassword() const jsonResponse = JSON.parse(response[0]) @@ -942,6 +969,7 @@ describe('dbAuth', () => { // invalid db client const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() dbAuth.dbAccessor = undefined try { @@ -969,6 +997,7 @@ describe('dbAuth', () => { options.login.enabled = false const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -996,6 +1025,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1019,6 +1049,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1040,6 +1071,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1064,6 +1096,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1089,6 +1122,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.login() }) @@ -1106,6 +1140,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() } catch (e) { @@ -1129,6 +1164,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() } catch (e) { @@ -1148,6 +1184,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.login() 
@@ -1165,6 +1202,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.login() expect(response[1]['csrf-token']).toMatch(UUID_REGEX) @@ -1181,6 +1219,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.login() @@ -1198,6 +1237,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.login() @@ -1223,6 +1263,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1256,6 +1297,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.login() @@ -1270,6 +1312,7 @@ describe('dbAuth', () => { describe('logout', () => { it('returns set-cookie header for removing session', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth.logout() expectLoggedOutResponse(response) @@ -1291,6 +1334,7 @@ describe('dbAuth', () => { options.resetPassword.enabled = false const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1318,6 +1362,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1334,6 +1379,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(emptyBody, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1347,6 +1393,7 @@ describe('dbAuth', () => { body: JSON.stringify({ resetToken: ' ' }), }) dbAuth = new DbAuthHandler(emptyString, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() 
@@ -1364,6 +1411,7 @@ describe('dbAuth', () => { body: JSON.stringify({ resetToken: '1234' }), }) let dbAuth = new DbAuthHandler(noPwd, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1377,6 +1425,7 @@ describe('dbAuth', () => { body: JSON.stringify({ resetToken: '1234', password: ' ' }), }) dbAuth = new DbAuthHandler(pwdEmpty, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1395,6 +1444,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1421,6 +1471,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1450,6 +1501,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1484,6 +1536,7 @@ describe('dbAuth', () => { options.resetPassword.allowReusedPassword = false let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).rejects.toThrow( dbAuthError.ReusedPasswordError @@ -1511,6 +1564,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() }) @@ -1534,6 +1588,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() @@ -1565,6 +1620,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() @@ -1598,6 +1654,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.resetPassword() expect.assertions(1) 
@@ -1623,6 +1680,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.resetPassword() @@ -1649,6 +1707,7 @@ describe('dbAuth', () => { }) let dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.resetPassword() @@ -1672,6 +1731,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.signup()).rejects.toThrow('Cannot signup') @@ -1690,6 +1750,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1716,6 +1777,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1742,6 +1804,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1768,6 +1831,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(() => dbAuth.signup()).not.toThrow() }) @@ -1785,6 +1849,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(() => dbAuth.signup()).not.toThrow() }) @@ -1802,6 +1867,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.signup() const newUserCount = await db.user.count() @@ -1829,6 +1895,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.signup() 
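Review bot: In the hunks at `@@ -1768` and `@@ -1785` the assertion `expect(() => dbAuth.signup()).not.toThrow()` can never fail, because `signup()` returns a promise (it is awaited and checked with `.rejects` elsewhere in this file) and so never throws synchronously. A rejection from the password-validation path would go unobserved. Now that `init()` is awaited on the line before, the assertion should be awaited too: `await expect(dbAuth.signup()).resolves.not.toThrow()`, matching the form the `resetPassword` tests already use. The test bodies begin outside these hunks.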
@@ -1859,6 +1926,7 @@ describe('dbAuth', () => { req.headers.get('cookie') const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual(user.id) @@ -1866,6 +1934,7 @@ describe('dbAuth', () => { it('returns nothing if user is not logged in', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual('') @@ -1881,6 +1950,7 @@ describe('dbAuth', () => { } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual('{"error":"User not found"}') @@ -1898,6 +1968,7 @@ describe('dbAuth', () => { 'QKxN2vFSHAf94XYynK8LUALfDuDSdFowG6evfkFX8uszh4YZqhTiqEdshrhWbwbw' const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const [userId, headers] = await dbAuth.getToken() expect(userId).toEqual(7) @@ -1939,6 +2010,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const user = await dbAuth._getCurrentUser() expect(user.id).toEqual(dbUser.id) }) @@ -1963,6 +2035,7 @@ describe('dbAuth', () => { // should read session from graphiQL header, not from cookie const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const user = await dbAuth._getCurrentUser() expect(user.id).toEqual(dbUserId) }) @@ -1986,6 +2059,7 @@ describe('dbAuth', () => { try { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth._getCurrentUser() } catch (e) { expect(e.message).toEqual( @@ -2019,6 +2093,7 @@ describe('dbAuth', () => { options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( 
@@ -2037,6 +2112,7 @@ describe('dbAuth', () => { headers, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( @@ -2064,6 +2140,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( @@ -2091,6 +2168,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect.assertions(1) try { @@ -2129,6 +2207,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const [body, headers] = await dbAuth.webAuthnAuthenticate() @@ -2146,6 +2225,7 @@ describe('dbAuth', () => { headers: {}, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.webAuthnAuthOptions() @@ -2161,6 +2241,7 @@ describe('dbAuth', () => { } options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.webAuthnAuthOptions() @@ -2180,6 +2261,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnAuthOptions() const regOptions = response[0] @@ -2207,6 +2289,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnAuthOptions() const regOptions = response[0] @@ -2228,6 +2311,7 @@ describe('dbAuth', () => { headers: {}, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.webAuthnRegOptions() @@ -2245,6 +2329,7 @@ describe('dbAuth', () => { options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth.webAuthnRegOptions() 
@@ -2268,6 +2353,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() const regOptions = response[0] @@ -2299,6 +2385,7 @@ describe('dbAuth', () => { options.webAuthn.timeout = null const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() expect(response[0].timeout).toEqual(60000) @@ -2318,6 +2405,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() user = await db.user.findFirst({ where: { id: user.id } }) @@ -2340,6 +2428,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnRegister","id":"GqjZOuYYppObBDeVknbrcBLkaa9imS5EJJwtCV740asUz24sdAmGFg","rawId":"GqjZOuYYppObBDeVknbrcBLkaa9imS5EJJwtCV740asUz24sdAmGFg","response":{"attestationObject":"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVisSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NFAAAAAK3OAAI1vMYKZIsLJfHwVQMAKBqo2TrmGKaTmwQ3lZJ263AS5GmvYpkuRCScLQle-NGrFM9uLHQJhhalAQIDJiABIVggGIipTQt-gcoDPOpW6Zje_Av9C0-jWb2R2PBmXJJL-c8iWCC76wxo3uzG8cPqb0A8Vij-dqMbrEytEHjuFOtiQ2dt8A","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSHVHUHJRcUs3ZjUzTkx3TVpNc3RfREw5RGlnMkJCaXZEWVdXcGF3SVBWTSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9"},"type":"public-key","clientExtensionResults":{},"transports":["internal"]}', } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.webAuthnRegister() @@ -2371,6 +2460,7 @@ describe('dbAuth', () => { ), } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth.webAuthnRegister() 
@@ -2457,6 +2547,7 @@ describe('dbAuth', () => { ...options, cookie: { Secure: true }, }) + const attributes = dbAuth._cookieAttributes({}) expect(attributes[0]).toEqual('Secure') @@ -2503,8 +2594,9 @@ describe('dbAuth', () => { }) describe('_createSessionHeader()', () => { - it('returns a Set-Cookie header', () => { + it('returns a Set-Cookie header', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const headers = dbAuth._createSessionHeader({ foo: 'bar' }, 'abcd') expect(Object.keys(headers).length).toEqual(1) @@ -2534,12 +2626,13 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const output = await dbAuth._validateCsrf() expect(output).toEqual(true) }) - it('throws an error if session and header token do not match', () => { + it('throws an error if session and header token do not match', async () => { const data = { foo: 'bar' } const token = 'abcd' req = { @@ -2549,6 +2642,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(async () => { await dbAuth._validateCsrf() @@ -2559,6 +2653,7 @@ describe('dbAuth', () => { describe('_verifyUser()', () => { it('throws an error if username is missing', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(null, 'password') @@ -2580,6 +2675,7 @@ describe('dbAuth', () => { it('throws an error if password is missing', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('username') @@ -2613,6 +2709,7 @@ describe('dbAuth', () => { const defaultMessage = options.login.errors.usernameOrPasswordMissing delete options.login.errors.usernameOrPasswordMissing const dbAuth1 = new DbAuthHandler(req, context, options) + await dbAuth1.init() try { await dbAuth1._verifyUser(null, 'password') } catch (e) { 
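Review bot: In the hunk at `@@ -2549`, the CSRF-mismatch test wraps the call as `expect(async () => { await dbAuth._validateCsrf()`, and the matcher that follows is outside the hunk. If it is a `.rejects` matcher that is not awaited or returned, the test can finish before the assertion settles, and this negative CSRF case would pass whether or not the check throws. Since the callback is now `async`, I would write it as `await expect(dbAuth._validateCsrf()).rejects.toThrow(<expected error class>)`, using the error type the existing matcher names. Adding `expect.assertions(1)` would also guard against the assertion being skipped.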
@@ -2635,6 +2732,7 @@ describe('dbAuth', () => { it('throws a default error message if user is not found', async () => { delete options.login.errors.usernameNotFound const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('username', 'password') } catch (e) { @@ -2648,6 +2746,7 @@ describe('dbAuth', () => { it('throws a custom error message if user is not found', async () => { options.login.errors.usernameNotFound = 'Cannot find ${username}' const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('Alice', 'password') @@ -2663,6 +2762,7 @@ describe('dbAuth', () => { delete options.login.errors.incorrectPassword const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(dbUser.email, 'incorrect') @@ -2678,6 +2778,7 @@ describe('dbAuth', () => { options.login.errors.incorrectPassword = 'Wrong password for ${username}' const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(dbUser.email, 'incorrect') @@ -2693,6 +2794,7 @@ describe('dbAuth', () => { const dbUser = await createDbUser() // invalid db client const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() dbAuth.dbAccessor = undefined try { @@ -2707,6 +2809,7 @@ describe('dbAuth', () => { it('returns the user with matching username and password', async () => { const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const user = await dbAuth._verifyUser(dbUser.email, 'password') expect(user.id).toEqual(dbUser.id) 
@@ -2720,6 +2823,7 @@ describe('dbAuth', () => { salt: '2ef27f4073c603ba8b7807c6de6d6a89', }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const user = await dbAuth._verifyUser(dbUser.email, 'password') expect(user.id).toEqual(dbUser.id) @@ -2733,6 +2837,7 @@ describe('dbAuth', () => { salt: '2ef27f4073c603ba8b7807c6de6d6a89', }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth._verifyUser(dbUser.email, 'password') const user = await db.user.findFirst({ where: { id: dbUser.id } }) @@ -2748,6 +2853,7 @@ describe('dbAuth', () => { describe('_getCurrentUser()', () => { it('throw an error if user is not logged in', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._getCurrentUser() @@ -2770,6 +2876,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._getCurrentUser() @@ -2795,6 +2902,7 @@ describe('dbAuth', () => { // invalid db client const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() dbAuth.dbAccessor = undefined try { @@ -2820,6 +2928,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const user = await dbAuth._getCurrentUser() expect(user.id).toEqual(dbUser.id) @@ -2843,6 +2952,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -2870,6 +2980,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -2895,6 +3006,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() await dbAuth._createUser() expect(spy).toHaveBeenCalled() 
@@ -2924,6 +3036,7 @@ describe('dbAuth', () => { body, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -2955,6 +3068,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -2980,6 +3094,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -3004,6 +3119,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() } catch (e) { @@ -3027,6 +3143,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { await dbAuth._createUser() @@ -3053,6 +3170,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() try { const user = await dbAuth._createUser() @@ -3074,6 +3192,7 @@ describe('dbAuth', () => { headers: {}, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(await dbAuth._getAuthMethod()).toEqual('logout') }) @@ -3086,6 +3205,7 @@ describe('dbAuth', () => { headers: {}, } const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(await dbAuth._getAuthMethod()).toEqual('signup') }) @@ -3097,14 +3217,16 @@ describe('dbAuth', () => { headers: {}, }) const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(await dbAuth._getAuthMethod()).toBeUndefined() }) }) describe('validateField', () => { - it('checks for the presence of a field', () => { + it('checks for the presence of a field', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(() => { dbAuth._validateField('username', null) 
@@ -3117,24 +3239,27 @@ describe('dbAuth', () => { }).toThrow(dbAuth.FieldRequiredError) }) - it('passes validation if everything is present', () => { + it('passes validation if everything is present', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() expect(dbAuth._validateField('username', 'cannikin')).toEqual(true) }) }) describe('logoutResponse', () => { - it('returns the response array necessary to log user out', () => { + it('returns the response array necessary to log user out', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const [body, headers] = dbAuth._logoutResponse() expect(body).toEqual('') expect(headers['set-cookie']).toMatch(/^session=;/) }) - it('can accept an object to return in the body', () => { + it('can accept an object to return in the body', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const [body, _headers] = dbAuth._logoutResponse({ error: 'error message', }) 
@@ -3144,29 +3269,33 @@ describe('dbAuth', () => { }) describe('ok', () => { - it('returns a 200 response by default', () => { + it('returns a 200 response by default', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._ok('', {}) expect(response.statusCode).toEqual(200) }) - it('can return other status codes', () => { + it('can return other status codes', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._ok('', {}, { statusCode: 201 }) expect(response.statusCode).toEqual(201) }) - it('stringifies a JSON body', () => { + it('stringifies a JSON body', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._ok({ foo: 'bar' }, {}, { statusCode: 201 }) expect(response.body).toEqual('{"foo":"bar"}') }) - it('does not stringify a body that is a string already', () => { + it('does not stringify a body that is a string already', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._ok('{"foo":"bar"}', {}, { statusCode: 201 }) expect(response.body).toEqual('{"foo":"bar"}') @@ -3174,8 +3303,9 @@ describe('dbAuth', () => { }) describe('_notFound', () => { - it('returns a 404 response', () => { + it('returns a 404 response', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._notFound() expect(response.statusCode).toEqual(404) @@ -3184,8 +3314,9 @@ describe('dbAuth', () => { }) describe('_badRequest', () => { - it('returns a 400 response', () => { + it('returns a 400 response', async () => { const dbAuth = new DbAuthHandler(req, context, options) + await dbAuth.init() const response = dbAuth._badRequest('bad') expect(response.statusCode).toEqual(400) 
diff --git a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js index 1c4caeb537bc..fb1a0a6ba380 100644 --- a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js +++ b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js @@ -250,22 +250,25 @@ describe('dbAuth', () => { }) describe('dbAccessor', () => { - it('returns the prisma db accessor for a model', () => { + it('returns the prisma db accessor for a model', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(dbAuth.dbAccessor).toEqual(db.user) }) }) describe('dbCredentialAccessor', () => { - it('returns the prisma db accessor for a UserCredential model', () => { + it('returns the prisma db accessor for a UserCredential model', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(dbAuth.dbCredentialAccessor).toEqual(db.userCredential) }) }) describe('sessionExpiresDate', () => { - it('returns a date in the future as a UTCString', () => { + it('returns a date in the future as a UTCString', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const expiresAt = new Date() expiresAt.setSeconds(expiresAt.getSeconds() + options.login.expires) @@ -274,8 +277,9 @@ describe('dbAuth', () => { }) describe('webAuthnExpiresDate', () => { - it('returns a date in the future as a UTCString', () => { + it('returns a date in the future as a UTCString', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const expiresAt = new Date() expiresAt.setSeconds(expiresAt.getSeconds() + options.webAuthn.expires) 
@@ -284,8 +288,9 @@ describe('dbAuth', () => { }) describe('_deleteSessionHeader', () => { - it('returns a Set-Cookie header to delete the session cookie', () => { + it('returns a Set-Cookie header to delete the session cookie', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const headers = dbAuth._deleteSessionHeader expect(Object.keys(headers).length).toEqual(1) @@ -295,7 +300,7 @@ describe('dbAuth', () => { }) describe('constructor', () => { - it('initializes some variables with passed values', () => { + it('initializes some variables with passed values', async () => { event = { headers: {} } context = { foo: 'bar' } options = { @@ -315,6 +320,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(dbAuth.event).toEqual(event) expect(dbAuth.options).toEqual(options) @@ -524,7 +530,13 @@ describe('dbAuth', () => { }) it('parses an empty plain text body and still sets params', async () => { - event = { isBase64Encoded: false, headers: {}, body: '' } + event = { + isBase64Encoded: false, + headers: { + bazomga: 'yo', + }, + body: '', + } context = { foo: 'bar' } const dbAuth = new DbAuthHandler(event, context, options) await dbAuth.init() @@ -552,6 +564,7 @@ describe('dbAuth', () => { } const dbAuth = new DbAuthHandler(event, context, options) await dbAuth.init() + expect(dbAuth.normalizedRequest.jsonBody).toEqual({ foo: 'bar', baz: 123, 
@@ -592,15 +605,16 @@ describe('dbAuth', () => { ) }) - it('sets session variables to nothing if session cannot be decrypted', () => { + it('sets session variables to nothing if session cannot be decrypted', async () => { event = { headers: { 'csrf-token': 'qwerty' } } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(dbAuth.session).toBeUndefined() expect(dbAuth.sessionCsrfToken).toBeUndefined() }) - it('sets session variables to valid session data', () => { + it('sets session variables to valid session data', async () => { event = { headers: { cookie: @@ -608,6 +622,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(dbAuth.session).toEqual({ foo: 'bar' }) expect(dbAuth.sessionCsrfToken).toEqual('abcd') @@ -628,6 +643,7 @@ describe('dbAuth', () => { event.httpMethod = 'GET' event.headers.cookie = 'session=invalid' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.invoke() expect(response.headers['set-cookie']).toEqual(LOGOUT_COOKIE) @@ -639,6 +655,7 @@ describe('dbAuth', () => { event.headers.cookie = 'session=ko6iXKV11DSjb6kFJ4iwcf1FEqa5wPpbL1sdtKiV51Y=|cQaYkOPG/r3ILxWiFiz90w==' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.invoke() expect(response.statusCode).toEqual(404) @@ -650,6 +667,7 @@ describe('dbAuth', () => { event.headers.cookie = 'session=ko6iXKV11DSjb6kFJ4iwcf1FEqa5wPpbL1sdtKiV51Y=|cQaYkOPG/r3ILxWiFiz90w==' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.invoke() expect(response.statusCode).toEqual(404) 
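Review bot: In the hunk at -592 the session tests now read `dbAuth.session` and `dbAuth.sessionCsrfToken` only after `await dbAuth.init()`, and no hunk in this file asserts the behaviour of a handler that was constructed but never initialised. Since the DbAuthHandler.ts side of this commit removes the per-method `await this.init()`, a test that pins the fail-closed outcome would guard against a caller forgetting the new step, for example `await expect(new DbAuthHandler(event, context, options)._getCurrentUser()).rejects.toThrow()`. The `invoke()` hunks at -628 to -650 also call `init()` first; whether `invoke()` initialises the handler itself is not visible here, so that ordering deserves a comment in the tests.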
@@ -661,6 +679,7 @@ describe('dbAuth', () => { event.headers.cookie = 'session=ko6iXKV11DSjb6kFJ4iwcf1FEqa5wPpbL1sdtKiV51Y=|cQaYkOPG/r3ILxWiFiz90w==' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() dbAuth.logout = jest.fn(() => { throw Error('Logout error') }) @@ -681,6 +700,8 @@ describe('dbAuth', () => { credentials: true, }, }) + await dbAuth.init() + dbAuth.logout = jest.fn(() => { throw Error('Logout error') }) @@ -699,6 +720,7 @@ describe('dbAuth', () => { event.headers.cookie = 'session=ko6iXKV11DSjb6kFJ4iwcf1FEqa5wPpbL1sdtKiV51Y=|cQaYkOPG/r3ILxWiFiz90w==' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() dbAuth.logout = jest.fn(() => ['body', { foo: 'bar' }]) const response = await dbAuth.invoke() @@ -721,6 +743,7 @@ describe('dbAuth', () => { }) options.forgotPassword.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -742,6 +765,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -754,7 +778,8 @@ describe('dbAuth', () => { it('throws an error if username is blank', async () => { // missing completely event.body = JSON.stringify({}) - let dbAuth = new DbAuthHandler(event, context, options) + const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -764,10 +789,10 @@ describe('dbAuth', () => { // empty string event.body = JSON.stringify({ username: ' ' }) - dbAuth = new DbAuthHandler(event, context, options) - + const dbAuth2 = new DbAuthHandler(event, context, options) + await dbAuth2.init() try { - await dbAuth.forgotPassword() + await dbAuth2.forgotPassword() } catch (e) { expect(e).toBeInstanceOf(dbAuthError.UsernameRequiredError) } 
@@ -781,6 +806,7 @@ describe('dbAuth', () => { username: 'notfound', }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.forgotPassword() @@ -797,6 +823,7 @@ describe('dbAuth', () => { username: user.email, }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(user.resetToken).toEqual(undefined) expect(user.resetTokenExpiresAt).toEqual(undefined) @@ -829,6 +856,7 @@ describe('dbAuth', () => { username: user.email, }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.forgotPassword() expectLoggedOutResponse(response) @@ -844,6 +872,7 @@ describe('dbAuth', () => { expect(token).toMatch(/^[A-Za-z0-9/+]{16}$/) } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.forgotPassword() expect.assertions(2) }) @@ -860,6 +889,7 @@ describe('dbAuth', () => { expect(token).toMatch(/^[A-Za-z0-9/+]{16}$/) } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.forgotPassword() expect.assertions(2) }) @@ -873,6 +903,7 @@ describe('dbAuth', () => { return handlerUser } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.forgotPassword() const jsonResponse = JSON.parse(response[0]) @@ -887,6 +918,7 @@ describe('dbAuth', () => { }) // invalid db client const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() dbAuth.dbAccessor = undefined try { @@ -908,6 +940,7 @@ describe('dbAuth', () => { }) options.login.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -929,6 +962,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() 
@@ -947,6 +981,7 @@ describe('dbAuth', () => { password: 'password', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -964,6 +999,7 @@ describe('dbAuth', () => { password: 'incorrect', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -984,6 +1020,7 @@ describe('dbAuth', () => { throw new Error('Cannot log in') } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1005,6 +1042,7 @@ describe('dbAuth', () => { return user } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.login() }) @@ -1018,6 +1056,7 @@ describe('dbAuth', () => { return null } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() } catch (e) { @@ -1037,6 +1076,7 @@ describe('dbAuth', () => { return { name: 'Rob' } } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() } catch (e) { @@ -1052,6 +1092,7 @@ describe('dbAuth', () => { password: 'password', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.login() @@ -1065,6 +1106,7 @@ describe('dbAuth', () => { password: 'password', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.login() expect(response[1]['csrf-token']).toMatch(UUID_REGEX) @@ -1077,6 +1119,7 @@ describe('dbAuth', () => { password: 'password', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.login() @@ -1090,6 +1133,7 @@ describe('dbAuth', () => { password: 'password', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.login() 
@@ -1110,6 +1154,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.login() @@ -1138,6 +1183,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.login() @@ -1152,6 +1198,7 @@ describe('dbAuth', () => { describe('logout', () => { it('returns set-cookie header for removing session', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = dbAuth.logout() expectLoggedOutResponse(response) @@ -1167,6 +1214,7 @@ describe('dbAuth', () => { }) options.resetPassword.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1188,6 +1236,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1200,7 +1249,7 @@ describe('dbAuth', () => { // missing completely event.body = JSON.stringify({}) let dbAuth = new DbAuthHandler(event, context, options) - + await dbAuth.init() try { await dbAuth.resetPassword() } catch (e) { @@ -1210,6 +1259,7 @@ describe('dbAuth', () => { // empty string event.body = JSON.stringify({ resetToken: ' ' }) dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1224,6 +1274,7 @@ describe('dbAuth', () => { // missing completely event.body = JSON.stringify({ resetToken: '1234' }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1234,6 +1285,7 @@ describe('dbAuth', () => { // empty string event.body = JSON.stringify({ resetToken: '1234', password: ' ' }) dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() 
@@ -1247,6 +1299,7 @@ describe('dbAuth', () => { it('throws an error if no user found with resetToken', async () => { event.body = JSON.stringify({ resetToken: '1234', password: 'password' }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1268,6 +1321,7 @@ describe('dbAuth', () => { event.body = JSON.stringify({ resetToken: '1234', password: 'password1' }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1292,6 +1346,7 @@ describe('dbAuth', () => { password: 'password1', }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.resetPassword() @@ -1321,6 +1376,7 @@ describe('dbAuth', () => { }) options.resetPassword.allowReusedPassword = false let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).rejects.toThrow( dbAuthError.ReusedPasswordError @@ -1343,6 +1399,7 @@ describe('dbAuth', () => { }) options.resetPassword.allowReusedPassword = true let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() }) @@ -1361,6 +1418,7 @@ describe('dbAuth', () => { password: 'new-password', }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() @@ -1387,6 +1445,7 @@ describe('dbAuth', () => { password: 'new-password', }) let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await expect(dbAuth.resetPassword()).resolves.not.toThrow() @@ -1415,6 +1474,7 @@ describe('dbAuth', () => { expect(handlerUser.id).toEqual(user.id) } let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.resetPassword() expect.assertions(1) 
@@ -1435,6 +1495,7 @@ describe('dbAuth', () => { }) options.resetPassword.handler = () => false let dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.resetPassword() @@ -1456,7 +1517,7 @@ describe('dbAuth', () => { }) options.resetPassword.handler = () => true let dbAuth = new DbAuthHandler(event, context, options) - + await dbAuth.init() const response = await dbAuth.resetPassword() expectLoggedInResponse(response) @@ -1474,6 +1535,7 @@ describe('dbAuth', () => { throw Error('Cannot signup') } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.signup()).rejects.toThrow('Cannot signup') @@ -1487,6 +1549,7 @@ describe('dbAuth', () => { }) options.signup.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1508,6 +1571,7 @@ describe('dbAuth', () => { flowNotEnabled: 'Custom flow not enabled error', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1529,6 +1593,7 @@ describe('dbAuth', () => { } } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.signup() @@ -1550,6 +1615,7 @@ describe('dbAuth', () => { } } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(() => dbAuth.signup()).not.toThrow() }) @@ -1562,6 +1628,7 @@ describe('dbAuth', () => { }) delete options.signup.passwordValidation const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(() => dbAuth.signup()).not.toThrow() }) @@ -1574,6 +1641,7 @@ describe('dbAuth', () => { }) const oldUserCount = await db.user.count() const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.signup() const newUserCount = await db.user.count() 
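Review bot: The assertion `expect(() => dbAuth.signup()).not.toThrow()` in the hunks at -1550 and -1562 cannot fail, because `signup()` returns a promise (other tests in this file `await` it) and the arrow function therefore never throws synchronously. Both password-validation tests pass even if `signup()` rejects. Use the form the `resetPassword` tests already use, `await expect(dbAuth.signup()).resolves.not.toThrow()`, so a rejection from the validation path is actually observed.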
@@ -1596,6 +1664,7 @@ describe('dbAuth', () => { return 'Hello, world' } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.signup() @@ -1621,6 +1690,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual(user.id) @@ -1628,6 +1698,7 @@ describe('dbAuth', () => { it('returns nothing if user is not logged in', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual('') @@ -1643,6 +1714,7 @@ describe('dbAuth', () => { } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.getToken() expect(response[0]).toEqual('{"error":"User not found"}') @@ -1660,6 +1732,7 @@ describe('dbAuth', () => { 'QKxN2vFSHAf94XYynK8LUALfDuDSdFowG6evfkFX8uszh4YZqhTiqEdshrhWbwbw' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const [userId, headers] = await dbAuth.getToken() expect(userId).toEqual(7) @@ -1698,6 +1771,7 @@ describe('dbAuth', () => { }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const user = await dbAuth._getCurrentUser() expect(user.id).toEqual(dbUser.id) }) @@ -1724,6 +1798,7 @@ describe('dbAuth', () => { // should read session from graphiQL header, not from cookie const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const user = await dbAuth._getCurrentUser() expect(user.id).toEqual(dbUserId) }) @@ -1746,6 +1821,7 @@ describe('dbAuth', () => { try { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth._getCurrentUser() } catch (e) { expect(e.message).toEqual( 
@@ -1777,6 +1853,7 @@ describe('dbAuth', () => { } options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( @@ -1790,6 +1867,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnAuthenticate","id":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","rawId":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAAA","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiTHRnV3BoWUtfZU41clhjX0hkdlVMdk9xcFBXeW9SdmJtbDJQbzAwVUhhZyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9","signature":"MEUCIQD3NOM7Aw0HxPw6EFGf86iwf2yd3p4NncNNLcjd-86zgwIgHuh80bLNV7EcwBi4IAcH57iueLg0X2gLtO5_Y6PMCFE","userHandle":"2"},"type":"public-key","clientExtensionResults":{}}', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( 
@@ -1814,6 +1892,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnAuthenticate","id":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","rawId":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAAA","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiTHRnV3BoWUtfZU41clhjX0hkdlVMdk9xcFBXeW9SdmJtbDJQbzAwVUhhZyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9","signature":"MEUCIQD3NOM7Aw0HxPw6EFGf86iwf2yd3p4NncNNLcjd-86zgwIgHuh80bLNV7EcwBi4IAcH57iueLg0X2gLtO5_Y6PMCFE","userHandle":"2"},"type":"public-key","clientExtensionResults":{}}', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect.assertions(1) await expect(dbAuth.webAuthnAuthenticate()).rejects.toThrow( @@ -1838,6 +1917,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnAuthenticate","id":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","rawId":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAAA","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiTHRnV3BoWUtfZU41clhjX0hkdlVMdk9xcFBXeW9SdmJtbDJQbzAwVUhhZyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9","signature":"MEUCIQD3NOM7Aw0HxPw6EFGf86iwf2yd3p4NncNNLcjd-86zgwIgHuh80bLNV7EcwBi4IAcH57iueLg0X2gLtO5_Y6PMCFE","userHandle":"2"},"type":"public-key","clientExtensionResults":{}}', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect.assertions(1) try { 
@@ -1874,6 +1954,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnAuthenticate","id":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","rawId":"CxMJqILwYufSaEQsJX6rKHw_LkMXAGU64PaKU55l6ejZ4FNO5kBLiA","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAAA","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiTHRnV3BoWUtfZU41clhjX0hkdlVMdk9xcFBXeW9SdmJtbDJQbzAwVUhhZyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9","signature":"MEUCIQD3NOM7Aw0HxPw6EFGf86iwf2yd3p4NncNNLcjd-86zgwIgHuh80bLNV7EcwBi4IAcH57iueLg0X2gLtO5_Y6PMCFE","userHandle":"2"},"type":"public-key","clientExtensionResults":{}}', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const [body, headers] = await dbAuth.webAuthnAuthenticate() @@ -1890,6 +1971,7 @@ describe('dbAuth', () => { headers: {}, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.webAuthnAuthOptions() @@ -1905,6 +1987,7 @@ describe('dbAuth', () => { } options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.webAuthnAuthOptions() @@ -1924,6 +2007,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnAuthOptions() const regOptions = response[0] @@ -1951,6 +2035,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnAuthOptions() const regOptions = response[0] @@ -1971,6 +2056,7 @@ describe('dbAuth', () => { headers: {}, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.webAuthnRegOptions() 
@@ -1986,6 +2072,7 @@ describe('dbAuth', () => { } options.webAuthn.enabled = false const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth.webAuthnRegOptions() @@ -2005,6 +2092,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() const regOptions = response[0] @@ -2032,6 +2120,7 @@ describe('dbAuth', () => { } options.webAuthn.timeout = null const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() expect(response[0].timeout).toEqual(60000) @@ -2047,6 +2136,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const response = await dbAuth.webAuthnRegOptions() user = await db.user.findFirst({ where: { id: user.id } }) @@ -2069,6 +2159,7 @@ describe('dbAuth', () => { body: '{"method":"webAuthnRegister","id":"GqjZOuYYppObBDeVknbrcBLkaa9imS5EJJwtCV740asUz24sdAmGFg","rawId":"GqjZOuYYppObBDeVknbrcBLkaa9imS5EJJwtCV740asUz24sdAmGFg","response":{"attestationObject":"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVisSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NFAAAAAK3OAAI1vMYKZIsLJfHwVQMAKBqo2TrmGKaTmwQ3lZJ263AS5GmvYpkuRCScLQle-NGrFM9uLHQJhhalAQIDJiABIVggGIipTQt-gcoDPOpW6Zje_Av9C0-jWb2R2PBmXJJL-c8iWCC76wxo3uzG8cPqb0A8Vij-dqMbrEytEHjuFOtiQ2dt8A","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSHVHUHJRcUs3ZjUzTkx3TVpNc3RfREw5RGlnMkJCaXZEWVdXcGF3SVBWTSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODkxMCIsImNyb3NzT3JpZ2luIjpmYWxzZSwib3RoZXJfa2V5c19jYW5fYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCJ9"},"type":"public-key","clientExtensionResults":{},"transports":["internal"]}', } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.webAuthnRegister() 
@@ -2100,6 +2191,7 @@ describe('dbAuth', () => { ), } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth.webAuthnRegister() @@ -2136,14 +2228,16 @@ describe('dbAuth', () => { }) describe('_webAuthnCookie', () => { - it('returns the parts needed for the webAuthn cookie, defaulted to future expire', () => { + it('returns the parts needed for the webAuthn cookie, defaulted to future expire', async () => { const dbAuth = new DbAuthHandler({ headers: {} }, context, options) + await dbAuth.init() expect(dbAuth._webAuthnCookie('1234')).toMatch('webAuthn=1234;Expires=') }) - it('returns the parts needed for the expire the webAuthn cookie', () => { + it('returns the parts needed for the expire the webAuthn cookie', async () => { const dbAuth = new DbAuthHandler({ headers: {} }, context, options) + await dbAuth.init() expect(dbAuth._webAuthnCookie('1234', 'now')).toMatch( 'webAuthn=1234;Expires=Thu, 01 Jan 1970 00:00:00 GMT' @@ -2169,6 +2263,7 @@ describe('dbAuth', () => { }, } ) + const attributes = dbAuth._cookieAttributes({}) expect(attributes.length).toEqual(6) @@ -2232,8 +2327,9 @@ describe('dbAuth', () => { }) describe('_createSessionHeader()', () => { - it('returns a Set-Cookie header', () => { + it('returns a Set-Cookie header', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const headers = dbAuth._createSessionHeader({ foo: 'bar' }, 'abcd') expect(Object.keys(headers).length).toEqual(1) @@ -2260,13 +2356,14 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const output = await dbAuth._validateCsrf() expect(output).toEqual(true) }) - it('throws an error if session and header token do not match', () => { + it('throws an error if session and header token do not match', async () => { const data = { foo: 'bar' } const token = 'abcd' event = { 
@@ -2276,6 +2373,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() expect(async () => { await dbAuth._validateCsrf() @@ -2286,6 +2384,7 @@ describe('dbAuth', () => { describe('_verifyUser()', () => { it('throws an error if username is missing', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(null, 'password') @@ -2307,6 +2406,7 @@ describe('dbAuth', () => { it('throws an error if password is missing', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('username') @@ -2340,6 +2440,7 @@ describe('dbAuth', () => { const defaultMessage = options.login.errors.usernameOrPasswordMissing delete options.login.errors.usernameOrPasswordMissing const dbAuth1 = new DbAuthHandler(event, context, options) + await dbAuth1.init() try { await dbAuth1._verifyUser(null, 'password') } catch (e) { @@ -2362,6 +2463,7 @@ describe('dbAuth', () => { it('throws a default error message if user is not found', async () => { delete options.login.errors.usernameNotFound const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('username', 'password') } catch (e) { @@ -2375,6 +2477,7 @@ describe('dbAuth', () => { it('throws a custom error message if user is not found', async () => { options.login.errors.usernameNotFound = 'Cannot find ${username}' const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser('Alice', 'password') @@ -2390,6 +2493,7 @@ describe('dbAuth', () => { delete options.login.errors.incorrectPassword const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(dbUser.email, 'incorrect') 
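Review bot: The CSRF mismatch check in the hunk at -2276 starts with a bare `expect(async () => { await dbAuth._validateCsrf()`, with no `await` or `return` in front of it, so the test can finish before the rejection is evaluated. The `it` callback was made `async` in the preceding hunk, so the assertion can now be awaited directly: `await expect(dbAuth._validateCsrf()).rejects.toThrow()` with the expected error class. The matcher that closes this `expect` lies outside the hunk, so confirm it is a `.rejects` matcher and not a synchronous `.toThrow`.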
@@ -2405,6 +2509,7 @@ describe('dbAuth', () => { options.login.errors.incorrectPassword = 'Wrong password for ${username}' const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._verifyUser(dbUser.email, 'incorrect') @@ -2420,6 +2525,7 @@ describe('dbAuth', () => { const dbUser = await createDbUser() // invalid db client const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() dbAuth.dbAccessor = undefined try { @@ -2434,6 +2540,7 @@ describe('dbAuth', () => { it('returns the user with matching username and password', async () => { const dbUser = await createDbUser() const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const user = await dbAuth._verifyUser(dbUser.email, 'password') expect(user.id).toEqual(dbUser.id) @@ -2447,6 +2554,7 @@ describe('dbAuth', () => { salt: '2ef27f4073c603ba8b7807c6de6d6a89', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() const user = await dbAuth._verifyUser(dbUser.email, 'password') expect(user.id).toEqual(dbUser.id) @@ -2460,6 +2568,7 @@ describe('dbAuth', () => { salt: '2ef27f4073c603ba8b7807c6de6d6a89', }) const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() await dbAuth._verifyUser(dbUser.email, 'password') const user = await db.user.findFirst({ where: { id: dbUser.id } }) @@ -2475,6 +2584,7 @@ describe('dbAuth', () => { describe('_getCurrentUser()', () => { it('throw an error if user is not logged in', async () => { const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._getCurrentUser() @@ -2493,6 +2603,7 @@ describe('dbAuth', () => { }, } const dbAuth = new DbAuthHandler(event, context, options) + await dbAuth.init() try { await dbAuth._getCurrentUser() 
@@ -2514,6 +2625,7 @@ describe('dbAuth', () => {
 }
 // invalid db client
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 dbAuth.dbAccessor = undefined
 try {
@@ -2535,6 +2647,7 @@ describe('dbAuth', () => {
 },
 }
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const user = await dbAuth._getCurrentUser()
 expect(user.id).toEqual(dbUser.id)
@@ -2551,6 +2664,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2572,6 +2686,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2593,6 +2708,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 await dbAuth._createUser()
 expect(spy).toHaveBeenCalled()
@@ -2617,6 +2733,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2642,6 +2759,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2661,6 +2779,7 @@ describe('dbAuth', () => {
 password: 'password',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2679,6 +2798,7 @@ describe('dbAuth', () => {
 username: 'user@redwdoodjs.com',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
 } catch (e) {
@@ -2697,6 +2817,7 @@ describe('dbAuth', () => {
 username: 'user@redwdoodjs.com',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 await dbAuth._createUser()
@@ -2716,6 +2837,7 @@ describe('dbAuth', () => {
 name: 'Rob',
 })
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 try {
 const user = await dbAuth._createUser()
@@ -2738,6 +2860,7 @@ describe('dbAuth', () => {
 headers: {},
 }
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const method = await dbAuth._getAuthMethod()
 expect(method).toEqual('logout')
 })
@@ -2750,6 +2873,7 @@ describe('dbAuth', () => {
 headers: {},
 }
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const method = await dbAuth._getAuthMethod()
 expect(method).toEqual('signup')
@@ -2763,6 +2887,7 @@ describe('dbAuth', () => {
 headers: {},
 }
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const method = await dbAuth._getAuthMethod()
 expect(method).toBeUndefined()
@@ -2770,8 +2895,9 @@ describe('dbAuth', () => {
 })
 describe('validateField', () => {
- it('checks for the presence of a field', () => {
+ it('checks for the presence of a field', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 expect(() => {
 dbAuth._validateField('username', null)
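Review bot: The `validateField` test in the last hunk here (`@@ -2770,8 +2895,9 @@`) becomes `async` only so it can call `init()`, and nothing on the visible lines shows that `_validateField` reads state which `init()` sets. The same applies to the tests for `_logoutResponse`, `_ok`, `_notFound`, `_badRequest` and `_sanitizeUser` in the hunks that follow. If those helpers do not depend on initialisation, keeping their tests synchronous and without the call would document which methods can be used on a freshly constructed handler. If they do depend on it, a short comment above the call would say why, e.g. `// init() must run first: _logoutResponse reads state it sets`. The enclosing `it` block continues past the end of the hunk.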
@@ -2784,24 +2910,27 @@ describe('dbAuth', () => {
 }).toThrow(dbAuth.FieldRequiredError)
 })
- it('passes validation if everything is present', () => {
+ it('passes validation if everything is present', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 expect(dbAuth._validateField('username', 'cannikin')).toEqual(true)
 })
 })
 describe('logoutResponse', () => {
- it('returns the response array necessary to log user out', () => {
+ it('returns the response array necessary to log user out', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const [body, headers] = dbAuth._logoutResponse()
 expect(body).toEqual('')
 expect(headers['set-cookie']).toMatch(/^session=;/)
 })
- it('can accept an object to return in the body', () => {
+ it('can accept an object to return in the body', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const [body, _headers] = dbAuth._logoutResponse({
 error: 'error message',
 })
@@ -2811,29 +2940,33 @@ describe('dbAuth', () => {
 })
 describe('ok', () => {
- it('returns a 200 response by default', () => {
+ it('returns a 200 response by default', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._ok('', {})
 expect(response.statusCode).toEqual(200)
 })
- it('can return other status codes', () => {
+ it('can return other status codes', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._ok('', {}, { statusCode: 201 })
 expect(response.statusCode).toEqual(201)
 })
- it('stringifies a JSON body', () => {
+ it('stringifies a JSON body', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._ok({ foo: 'bar' }, {}, { statusCode: 201 })
 expect(response.body).toEqual('{"foo":"bar"}')
 })
- it('does not stringify a body that is a string already', () => {
+ it('does not stringify a body that is a string already', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._ok('{"foo":"bar"}', {}, { statusCode: 201 })
 expect(response.body).toEqual('{"foo":"bar"}')
@@ -2841,8 +2974,9 @@ describe('dbAuth', () => {
 })
 describe('_notFound', () => {
- it('returns a 404 response', () => {
+ it('returns a 404 response', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._notFound()
 expect(response.statusCode).toEqual(404)
@@ -2851,8 +2985,9 @@ describe('dbAuth', () => {
 })
 describe('_badRequest', () => {
- it('returns a 400 response', () => {
+ it('returns a 400 response', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const response = dbAuth._badRequest('bad')
 expect(response.statusCode).toEqual(400)
@@ -2861,8 +2996,9 @@ describe('dbAuth', () => {
 })
 describe('_sanitizeUser', () => {
- it('removes all but the default fields [id, email] on user', () => {
+ it('removes all but the default fields [id, email] on user', async () => {
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const user = {
 id: 1,
 email: 'rob@redwoodjs.com',
@@ -2874,9 +3010,10 @@ describe('dbAuth', () => {
 expect(dbAuth._sanitizeUser(user).secret).toBeUndefined()
 })
- it('removes any fields not explictly allowed in allowedUserFields', () => {
+ it('removes any fields not explictly allowed in allowedUserFields', async () => {
 options.allowedUserFields = ['foo']
 const dbAuth = new DbAuthHandler(event, context, options)
+ await dbAuth.init()
 const user = {
 id: 1,
 email: 'rob@redwoodjs.com',