tdpeuter/2025SELab2-project-Dwengo
tdpeuter/2025SELab2-project-Dwengo
Archived
1
Fork 0
Code Issues Releases 4 Packages 2 Wiki Activity

fix: Bypass auth tijdens testen

Browse source
This commit is contained in:
Tibo De Peuter 2025-05-14 19:19:15 +02:00
parent e348e1198b
commit 84de3cc424
Signed by: tdpeuter
GPG key ID: 38297DE43F75FFE2
2 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
backend/.env.test
View file

@ -8,6 +8,7 @@
### Dwengo ### ### Dwengo ###
DWENGO_PORT=3000 DWENGO_PORT=3000
DWENGO_RUN_MODE=test
DWENGO_DB_NAME=":memory:" DWENGO_DB_NAME=":memory:"
DWENGO_DB_UPDATE=true DWENGO_DB_UPDATE=true

12
backend/src/middleware/auth/checks/auth-checks.ts
View file

@ -4,6 +4,7 @@ import * as express from 'express';
import { RequestHandler } from 'express'; import { RequestHandler } from 'express';
import { UnauthorizedException } from '../../../exceptions/unauthorized-exception.js'; import { UnauthorizedException } from '../../../exceptions/unauthorized-exception.js';
import { ForbiddenException } from '../../../exceptions/forbidden-exception.js'; import { ForbiddenException } from '../../../exceptions/forbidden-exception.js';
import { envVars, getEnvVar } from '../../../util/envVars.js';
/** /**
* Middleware which rejects unauthenticated users (with HTTP 401) and authenticated users which do not fulfill * Middleware which rejects unauthenticated users (with HTTP 401) and authenticated users which do not fulfill
@ -14,6 +15,17 @@ import { ForbiddenException } from '../../../exceptions/forbidden-exception.js';
export function authorize<P, ResBody, ReqBody, ReqQuery, Locals extends Record<string, unknown>>( export function authorize<P, ResBody, ReqBody, ReqQuery, Locals extends Record<string, unknown>>(
accessCondition: (auth: AuthenticationInfo, req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>) => boolean | Promise<boolean> accessCondition: (auth: AuthenticationInfo, req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>) => boolean | Promise<boolean>
): RequestHandler<P, ResBody, ReqBody, ReqQuery, Locals> { ): RequestHandler<P, ResBody, ReqBody, ReqQuery, Locals> {
// Bypass authentication during testing
if (getEnvVar(envVars.RunMode) === "test") {
return async (
_req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>,
_res: express.Response,
next: express.NextFunction
): Promise<void> => {
next();
};
}
return async ( return async (
req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>, req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>,
_res: express.Response, _res: express.Response,