31 lines
1.1 KiB
JavaScript
31 lines
1.1 KiB
JavaScript
import { test } from 'node:test';
|
|
import assert from 'node:assert/strict';
|
|
import { generateToken, hashToken, parseBearer } from '../../src/auth/tokens.js';
|
|
|
|
test('generateToken returns dfl_-prefixed 32-byte hex (68 chars total)', () => {
|
|
const t = generateToken();
|
|
assert.match(t, /^dfl_[0-9a-f]{64}$/);
|
|
});
|
|
|
|
test('generateToken returns distinct values on each call', () => {
|
|
assert.notEqual(generateToken(), generateToken());
|
|
});
|
|
|
|
test('hashToken returns a stable 64-char hex SHA-256', () => {
|
|
const t = 'dfl_' + 'a'.repeat(64);
|
|
const h = hashToken(t);
|
|
assert.match(h, /^[0-9a-f]{64}$/);
|
|
assert.equal(hashToken(t), h);
|
|
});
|
|
|
|
test('parseBearer returns the token when header is well-formed', () => {
|
|
assert.equal(parseBearer('Bearer dfl_abc'), 'dfl_abc');
|
|
assert.equal(parseBearer('bearer dfl_xyz'), 'dfl_xyz'); // case-insensitive scheme
|
|
});
|
|
|
|
test('parseBearer returns null for missing or malformed headers', () => {
|
|
assert.equal(parseBearer(undefined), null);
|
|
assert.equal(parseBearer(''), null);
|
|
assert.equal(parseBearer('Basic abc'), null);
|
|
assert.equal(parseBearer('Bearer'), null);
|
|
});
|