brendan/nanodrop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d5e5c8a4d4e00b2fdb2ff30f1659d433af54643
nanodrop/tests/integration/pages.test.ts
Brendan Chen 8fd1464b9d Add server, routes, views, CLI, CSS, and integration tests 
- Server factory with Fastify plugins (JWT, cookie, multipart, formbody, static)
- Auth middleware: requireAuth preHandler (401 for API, redirect for pages)
- Auth API routes: POST /api/v1/auth/login, POST /api/v1/auth/logout
- File API routes: GET/POST /api/v1/files, DELETE /api/v1/files/:id
- Page routes: /, /login, /logout, /upload, /files, /files/:id/delete, /f/:id, /f/:id/raw
- HTML views: layout, login, upload, file-list, file-view, not-found
- CLI register-user script
- public/style.css dark theme
- Test helpers: createTestApp, loginAs, buildMultipart
- Integration tests for auth API, file API, and page routes (51 tests passing)
- Update CLAUDE.md with red/green TDD and commit instructions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-03 15:55:14 -08:00

165 lines
5.4 KiB
TypeScript
Raw Blame History

import { describe, it, expect, beforeEach, afterEach } from 'vitest';
import { createTestApp, type TestContext, loginAs, buildMultipart } from '../helpers/setup.ts';
import { createUser } from '../../src/db/users.ts';
import { hashPassword } from '../../src/services/auth.ts';
async function setup() {
const ctx = createTestApp();
const hash = await hashPassword('secret');
createUser(ctx.db, { username: 'alice', passwordHash: hash });
return ctx;
}
describe('GET /', () => {
let ctx: TestContext;
beforeEach(async () => { ctx = await setup(); });
afterEach(async () => { await ctx.app.close(); ctx.cleanup(); });
it('shows login page when unauthenticated', async () => {
const res = await ctx.app.inject({ method: 'GET', url: '/' });
expect(res.statusCode).toBe(200);
expect(res.headers['content-type']).toMatch(/text\/html/);
expect(res.body).toContain('Sign in');
});
it('redirects to /upload when authenticated', async () => {
const token = await loginAs(ctx.app, 'alice', 'secret');
const res = await ctx.app.inject({ method: 'GET', url: '/', cookies: { token } });
expect(res.statusCode).toBe(302);
expect(res.headers['location']).toBe('/upload');
});
});
describe('POST /login (page)', () => {
let ctx: TestContext;
beforeEach(async () => { ctx = await setup(); });
afterEach(async () => { await ctx.app.close(); ctx.cleanup(); });
it('redirects to /upload on valid credentials', async () => {
const res = await ctx.app.inject({
method: 'POST',
url: '/login',
headers: { 'content-type': 'application/x-www-form-urlencoded' },
payload: 'username=alice&password=secret',
});
expect(res.statusCode).toBe(302);
expect(res.headers['location']).toBe('/upload');
expect(res.headers['set-cookie']).toMatch(/token=/);
});
it('shows login page with error on invalid credentials', async () => {
const res = await ctx.app.inject({
method: 'POST',
url: '/login',
headers: { 'content-type': 'application/x-www-form-urlencoded' },
payload: 'username=alice&password=wrong',
});
expect(res.statusCode).toBe(200);
expect(res.body).toContain('Invalid');
});
});
describe('GET /upload + POST /upload', () => {
let ctx: TestContext;
let token: string;
beforeEach(async () => {
ctx = await setup();
token = await loginAs(ctx.app, 'alice', 'secret');
});
afterEach(async () => { await ctx.app.close(); ctx.cleanup(); });
it('shows upload form', async () => {
const res = await ctx.app.inject({ method: 'GET', url: '/upload', cookies: { token } });
expect(res.statusCode).toBe(200);
expect(res.body).toContain('Upload');
});
it('redirects to / when not authenticated', async () => {
const res = await ctx.app.inject({ method: 'GET', url: '/upload' });
expect(res.statusCode).toBe(302);
expect(res.headers['location']).toBe('/');
});
it('shows result page after upload', async () => {
const res = await ctx.app.inject({
method: 'POST',
url: '/upload',
cookies: { token },
...buildMultipart({ file: { filename: 'doc.txt', contentType: 'text/plain', data: Buffer.from('content') } }),
});
expect(res.statusCode).toBe(200);
expect(res.body).toContain('doc.txt');
expect(res.body).toContain('/f/');
});
});
describe('GET /f/:id and GET /f/:id/raw', () => {
let ctx: TestContext;
let fileId: string;
beforeEach(async () => {
ctx = await setup();
const token = await loginAs(ctx.app, 'alice', 'secret');
const uploadRes = await ctx.app.inject({
method: 'POST',
url: '/upload',
cookies: { token },
...buildMultipart({ file: { filename: 'hello.txt', contentType: 'text/plain', data: Buffer.from('hello!') } }),
});
// Extract file id from response body
const match = uploadRes.body.match(/\/f\/([^/"]+)/);
fileId = match?.[1] ?? '';
});
afterEach(async () => { await ctx.app.close(); ctx.cleanup(); });
it('shows file view page', async () => {
const res = await ctx.app.inject({ method: 'GET', url: `/f/${fileId}` });
expect(res.statusCode).toBe(200);
expect(res.body).toContain('hello.txt');
});
it('serves raw file', async () => {
const res = await ctx.app.inject({ method: 'GET', url: `/f/${fileId}/raw` });
expect(res.statusCode).toBe(200);
expect(res.body).toBe('hello!');
});
it('returns 404 for unknown file', async () => {
const res = await ctx.app.inject({ method: 'GET', url: '/f/doesnotexist' });
expect(res.statusCode).toBe(404);
});
});
describe('POST /files/:id/delete', () => {
let ctx: TestContext;
let token: string;
let fileId: string;
beforeEach(async () => {
ctx = await setup();
token = await loginAs(ctx.app, 'alice', 'secret');
const uploadRes = await ctx.app.inject({
method: 'POST',
url: '/upload',
cookies: { token },
...buildMultipart({ file: { filename: 'del.txt', contentType: 'text/plain', data: Buffer.from('bye') } }),
});
const match = uploadRes.body.match(/\/f\/([^/"]+)/);
fileId = match?.[1] ?? '';
});
afterEach(async () => { await ctx.app.close(); ctx.cleanup(); });
it('deletes and redirects to /files', async () => {
const res = await ctx.app.inject({
method: 'POST',
url: `/files/${fileId}/delete`,
cookies: { token },
});
expect(res.statusCode).toBe(302);
expect(res.headers['location']).toBe('/files');
});
});
Reference in New Issue View Git Blame Copy Permalink