diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6cab366..5e48d4e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,8 +1,12 @@ version: 2 updates: + - package-ecosystem: github-actions + directory: '/' + schedule: + interval: daily + open-pull-requests-limit: 10 - package-ecosystem: npm directory: '/' schedule: interval: daily open-pull-requests-limit: 10 - diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8680add..84d234b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,13 @@ name: CI -on: [push, pull_request] +on: + push: + paths-ignore: + - 'docs/**' + - '*.md' + pull_request: + paths-ignore: + - 'docs/**' + - '*.md' jobs: test: name: ${{ matrix.node-version }} ${{ matrix.os }} @@ -15,10 +23,26 @@ jobs: uses: actions/setup-node@v1 with: node-version: ${{ matrix.node-version }} - - name: Install - run: npm i + - name: Install Dependencies + run: npm install --ignore-scripts - name: Tests - run: npm test + run: npm run test:ci + - name: Coveralls Parallel + uses: coverallsapp/github-action@v1.1.2 + with: + github-token: ${{ secrets.github_token }} + parallel: true + flag-name: run-${{ matrix.node-version }}-${{ matrix.os }} + + coverage: + needs: test + runs-on: ubuntu-latest + steps: + - name: Coveralls Finished + uses: coverallsapp/github-action@v1.1.2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + parallel-finished: true automerge: needs: test diff --git a/README.md b/README.md index 4d25b88..2883068 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,10 @@ # fastify-auth ![CI](https://github.com/fastify/fastify-auth/workflows/CI/badge.svg) -[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/) +[![NPM version](https://img.shields.io/npm/v/fastify-auth.svg?style=flat)](https://www.npmjs.com/package/fastify-auth) +[![Known Vulnerabilities](https://snyk.io/test/github/fastify/fastify-auth/badge.svg)](https://snyk.io/test/github/fastify/fastify-auth) +[![Coverage Status](https://coveralls.io/repos/github/fastify/fastify-auth/badge.svg?branch=master)](https://coveralls.io/github/fastify/fastify-auth?branch=master) +[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/) This module does not provide an authentication strategy, but it provides a very fast utility to handle authentication (also multiple strategies) in your routes, without adding overhead. Check out the complete example [here](https://github.com/fastify/fastify-auth/blob/master/example.js). diff --git a/auth.js b/auth.js index d22bd25..6f6bf73 100644 --- a/auth.js +++ b/auth.js @@ -28,14 +28,15 @@ function auth (functions, opts) { throw new Error('The value of options.run must be \'all\'') } + /* eslint-disable-next-line no-var */ for (var i = 0; i < functions.length; i++) { functions[i] = functions[i].bind(this) } - var instance = reusify(Auth) + const instance = reusify(Auth) function _auth (request, reply, done) { - var obj = instance.get() + const obj = instance.get() obj.request = request obj.reply = reply @@ -62,17 +63,17 @@ function auth (functions, opts) { this.done = null this.firstResult = null - var that = this + const that = this this.nextAuth = function nextAuth (err) { - var func = that.functions[that.i++] + const func = that.functions[that.i++] if (!func) { that.completeAuth(err) return } - var maybePromise = func(that.request, that.reply, that.onAuth) + const maybePromise = func(that.request, that.reply, that.onAuth) if (maybePromise && typeof maybePromise.then === 'function') { maybePromise.then(results => that.onAuth(null, results), that.onAuth) diff --git a/package.json b/package.json index ffeed10..bbf71d2 100644 --- a/package.json +++ b/package.json @@ -10,10 +10,11 @@ "types": "auth.d.ts", "scripts": { "clean": "rimraf authdb", - "test": "npm run test:unit && npm run test:typescript", "standard": "standard", - "test:unit": "tap -J ./test/*.test.js", - "test:typescript": "tsd" + "test": "npm run test:unit && npm run test:typescript", + "test:ci": "standard && tap -J ./test/*.test.js --coverage-report=lcovonly && npm run test:typescript", + "test:typescript": "tsd", + "test:unit": "tap -J ./test/*.test.js" }, "keywords": [ "fastify", diff --git a/test/example-async.test.js b/test/example-async.test.js index 0010fb9..9d1abba 100644 --- a/test/example-async.test.js +++ b/test/example-async.test.js @@ -5,8 +5,8 @@ const test = t.test const rimraf = require('rimraf') const build = require('../example-async') -var fastify = null -var token = null +let fastify = null +let token = null t.tearDown(() => { fastify.close() @@ -31,7 +31,7 @@ test('Route without auth', t => { url: '/no-auth' }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -45,7 +45,7 @@ test('Missing header', t => { headers: {} }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Missing token header', @@ -66,7 +66,7 @@ test('Register user', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.equal(res.statusCode, 200) token = payload.token t.is(typeof payload.token, 'string') @@ -84,7 +84,7 @@ test('Auth succesful', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -101,7 +101,7 @@ test('Auth succesful (multiple)', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -117,7 +117,7 @@ test('Auth not succesful', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Token not valid', @@ -138,7 +138,7 @@ test('Auth not succesful (multiple)', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Password not valid', @@ -160,7 +160,7 @@ test('Failure with explicit reply', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.equal(res.statusCode, 401) t.deepEqual(payload, { error: 'Unauthorized' }) }) diff --git a/test/example-composited.test.js b/test/example-composited.test.js index 68e7266..2113c8f 100644 --- a/test/example-composited.test.js +++ b/test/example-composited.test.js @@ -4,7 +4,7 @@ const t = require('tap') const test = t.test const build = require('../example-composited') -var fastify = null +let fastify = null t.tearDown(() => { fastify.close() @@ -27,7 +27,7 @@ test('And Relation sucess for single case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -43,7 +43,7 @@ test('And Relation failed for single case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: '`n` is not odd', @@ -63,7 +63,7 @@ test('Or Relation sucess for single case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -79,7 +79,7 @@ test('Or Relation failed for single case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: '`n` is not odd', @@ -99,7 +99,7 @@ test('And Relation failed for first check', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'type of `n` is not `number`', @@ -119,7 +119,7 @@ test('And Relation failed for first check', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'type of `n` is not `number`', @@ -139,7 +139,7 @@ test('And Relation failed for second check', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: '`n` is not odd', @@ -159,7 +159,7 @@ test('And Relation success', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) t.equal(res.statusCode, 200) }) @@ -176,7 +176,7 @@ test('Or Relation success under first case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) t.equal(res.statusCode, 200) }) @@ -193,7 +193,7 @@ test('Or Relation success under second case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) t.equal(res.statusCode, 200) }) @@ -210,7 +210,7 @@ test('Or Relation failed for both case', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: '`n` is not big', @@ -242,7 +242,7 @@ test('Check run all line fail with AND', t => { fastify.inject('/run-all-pipe', (err, res) => { t.error(err) t.equals(res.statusCode, 401) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'second', @@ -274,7 +274,7 @@ test('Check run all line with AND', t => { fastify.inject('/run-all-pipe', (err, res) => { t.error(err) t.equals(res.statusCode, 200) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -302,7 +302,7 @@ test('Check run all line with OR', t => { fastify.inject('/run-all-pipe', (err, res) => { t.error(err) t.equals(res.statusCode, 200) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -330,7 +330,7 @@ test('Check run all fail line with OR', t => { fastify.inject('/run-all-pipe', (err, res) => { t.error(err) t.equals(res.statusCode, 401) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'quinto', @@ -359,7 +359,7 @@ test('Ignore last status', t => { fastify.inject('/run-all-status', (err, res) => { t.error(err) t.equals(res.statusCode, 200) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -375,7 +375,7 @@ test('Or Relation run all', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { odd: true, big: false, @@ -395,7 +395,7 @@ test('Or Relation run all fail', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'type of `n` is not `number`', @@ -415,7 +415,7 @@ test('And Relation run all', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { odd: true, big: true, @@ -444,7 +444,7 @@ test('Clean status code settle by user', t => { fastify.inject('/run-all-status', (err, res) => { t.error(err) t.equals(res.statusCode, 200) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) diff --git a/test/example.test.js b/test/example.test.js index 1a7aab8..071c82b 100644 --- a/test/example.test.js +++ b/test/example.test.js @@ -5,8 +5,8 @@ const test = t.test const rimraf = require('rimraf') const build = require('../example') -var fastify = null -var token = null +let fastify = null +let token = null t.tearDown(() => { fastify.close() @@ -31,7 +31,7 @@ test('Route without auth', t => { url: '/no-auth' }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -45,7 +45,7 @@ test('Missing header', t => { headers: {} }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Missing token header', @@ -66,7 +66,7 @@ test('Register user', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.equal(res.statusCode, 200) token = payload.token t.is(typeof payload.token, 'string') @@ -84,7 +84,7 @@ test('Auth succesful', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -100,7 +100,7 @@ test('Auth not succesful', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Token not valid', @@ -121,7 +121,7 @@ test('Auth succesful (multiple)', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { hello: 'world' }) }) }) @@ -138,7 +138,7 @@ test('Auth not succesful (multiple)', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.deepEqual(payload, { error: 'Unauthorized', message: 'Password not valid', @@ -160,7 +160,7 @@ test('Failure with explicit reply', t => { } }, (err, res) => { t.error(err) - var payload = JSON.parse(res.payload) + const payload = JSON.parse(res.payload) t.equal(res.statusCode, 401) t.deepEqual(payload, { error: 'Unauthorized' }) })