dragonflight/services/mam-api/test/auth/passwords.test.js

import { test } from 'node:test';
import assert from 'node:assert/strict';
import { hashPassword, comparePassword } from '../../src/auth/passwords.js';

test('hashPassword returns a bcrypt string that comparePassword accepts', async () => {
  const hash = await hashPassword('correct-horse-battery-staple');
  assert.match(hash, /^\$2[aby]\$\d{2}\$/);
  assert.equal(await comparePassword('correct-horse-battery-staple', hash), true);
});

test('comparePassword returns false for the wrong password', async () => {
  const hash = await hashPassword('correct-horse-battery-staple');
  assert.equal(await comparePassword('wrong', hash), false);
});

test('comparePassword returns false (not throws) for a malformed hash', async () => {
  assert.equal(await comparePassword('anything', '!disabled-no-login!'), false);
});
feat(mam-api): auth utilities — password hash/compare + token gen/hash/parse 2026-05-27 13:51:15 -04:00			`import { test } from 'node:test';`
			`import assert from 'node:assert/strict';`
			`import { hashPassword, comparePassword } from '../../src/auth/passwords.js';`

			`test('hashPassword returns a bcrypt string that comparePassword accepts', async () => {`
			`const hash = await hashPassword('correct-horse-battery-staple');`
			`assert.match(hash, /^\$2[aby]\$\d{2}\$/);`
			`assert.equal(await comparePassword('correct-horse-battery-staple', hash), true);`
			`});`

			`test('comparePassword returns false for the wrong password', async () => {`
			`const hash = await hashPassword('correct-horse-battery-staple');`
			`assert.equal(await comparePassword('wrong', hash), false);`
			`});`

			`test('comparePassword returns false (not throws) for a malformed hash', async () => {`
			`assert.equal(await comparePassword('anything', '!disabled-no-login!'), false);`
			`});`