111 lines
3 KiB
TypeScript
111 lines
3 KiB
TypeScript
import { describe, expect, test } from 'vitest';
|
|
import { getAuthBaseUrl, isAnonymousAuthSessionsEnabled, isAuthEnabled, isGithubAuthEnabled } from '../../src/lib/server/auth/config';
|
|
import { withEnv } from './support/env';
|
|
|
|
describe('auth config contract', () => {
|
|
test('auth is enabled only when AUTH_SECRET and BASE_URL are both set', async () => {
|
|
await withEnv(
|
|
{
|
|
AUTH_SECRET: undefined,
|
|
BASE_URL: undefined,
|
|
},
|
|
async () => {
|
|
expect(isAuthEnabled()).toBe(false);
|
|
expect(getAuthBaseUrl()).toBeNull();
|
|
},
|
|
);
|
|
|
|
await withEnv(
|
|
{
|
|
AUTH_SECRET: 'unit-secret',
|
|
BASE_URL: 'http://localhost:3003',
|
|
},
|
|
async () => {
|
|
expect(isAuthEnabled()).toBe(true);
|
|
expect(getAuthBaseUrl()).toBe('http://localhost:3003');
|
|
},
|
|
);
|
|
});
|
|
|
|
test.each([
|
|
{ envValue: undefined, expected: false },
|
|
{ envValue: 'true', expected: true },
|
|
{ envValue: 'false', expected: false },
|
|
{ envValue: '1', expected: false },
|
|
{ envValue: 'TRUE', expected: true },
|
|
])(
|
|
'anonymous sessions honor strict boolean parsing when auth is enabled (value: $envValue)',
|
|
async ({ envValue, expected }) => {
|
|
await withEnv(
|
|
{
|
|
AUTH_SECRET: 'unit-secret',
|
|
BASE_URL: 'http://localhost:3003',
|
|
USE_ANONYMOUS_AUTH_SESSIONS: envValue,
|
|
},
|
|
async () => {
|
|
expect(isAnonymousAuthSessionsEnabled()).toBe(expected);
|
|
},
|
|
);
|
|
},
|
|
);
|
|
|
|
test('anonymous sessions are always disabled when auth is disabled', async () => {
|
|
await withEnv(
|
|
{
|
|
AUTH_SECRET: undefined,
|
|
BASE_URL: undefined,
|
|
USE_ANONYMOUS_AUTH_SESSIONS: 'true',
|
|
},
|
|
async () => {
|
|
expect(isAnonymousAuthSessionsEnabled()).toBe(false);
|
|
},
|
|
);
|
|
});
|
|
|
|
test.each([
|
|
{
|
|
title: 'returns false when auth is disabled',
|
|
env: {
|
|
AUTH_SECRET: undefined,
|
|
BASE_URL: undefined,
|
|
GITHUB_CLIENT_ID: 'id',
|
|
GITHUB_CLIENT_SECRET: 'secret',
|
|
},
|
|
expected: false,
|
|
},
|
|
{
|
|
title: 'returns false when GitHub client id is missing',
|
|
env: {
|
|
AUTH_SECRET: 'unit-secret',
|
|
BASE_URL: 'http://localhost:3003',
|
|
GITHUB_CLIENT_ID: undefined,
|
|
GITHUB_CLIENT_SECRET: 'secret',
|
|
},
|
|
expected: false,
|
|
},
|
|
{
|
|
title: 'returns false when GitHub client secret is missing',
|
|
env: {
|
|
AUTH_SECRET: 'unit-secret',
|
|
BASE_URL: 'http://localhost:3003',
|
|
GITHUB_CLIENT_ID: 'id',
|
|
GITHUB_CLIENT_SECRET: undefined,
|
|
},
|
|
expected: false,
|
|
},
|
|
{
|
|
title: 'returns true when auth is enabled and GitHub credentials are present',
|
|
env: {
|
|
AUTH_SECRET: 'unit-secret',
|
|
BASE_URL: 'http://localhost:3003',
|
|
GITHUB_CLIENT_ID: 'id',
|
|
GITHUB_CLIENT_SECRET: 'secret',
|
|
},
|
|
expected: true,
|
|
},
|
|
])('$title', async ({ env, expected }) => {
|
|
await withEnv(env, async () => {
|
|
expect(isGithubAuthEnabled()).toBe(expected);
|
|
});
|
|
});
|
|
});
|