/
cookies.js
94 lines (71 loc) · 2.33 KB
/
cookies.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
'use strict';
const assert = require('assert');
const request = require('supertest');
const Koa = require('../..');
describe('ctx.cookies.set()', () => {
it('should set an unsigned cookie', async () => {
const app = new Koa();
app.use((ctx, next) => {
ctx.cookies.set('name', 'jon');
ctx.status = 204;
});
const server = app.listen();
const res = await request(server)
.get('/')
.expect(204);
const cookie = res.headers['set-cookie'].some(cookie => /^name=/.test(cookie));
assert.equal(cookie, true);
});
describe('with .signed', () => {
describe('when no .keys are set', () => {
it('should error', () => {
const app = new Koa();
app.use((ctx, next) => {
try {
ctx.cookies.set('foo', 'bar', { signed: true });
} catch (err) {
ctx.body = err.message;
}
});
return request(app.callback())
.get('/')
.expect('.keys required for signed cookies');
});
});
it('should send a signed cookie', async () => {
const app = new Koa();
app.keys = ['a', 'b'];
app.use((ctx, next) => {
ctx.cookies.set('name', 'jon', { signed: true });
ctx.status = 204;
});
const server = app.listen();
const res = await request(server)
.get('/')
.expect(204);
const cookies = res.headers['set-cookie'];
assert.equal(cookies.some(cookie => /^name=/.test(cookie)), true);
assert.equal(cookies.some(cookie => /(,|^)name\.sig=/.test(cookie)), true);
});
});
describe('with secure', () => {
it('should get secure from request', async () => {
const app = new Koa();
app.proxy = true;
app.keys = ['a', 'b'];
app.use(ctx => {
ctx.cookies.set('name', 'jon', { signed: true });
ctx.status = 204;
});
const server = app.listen();
const res = await request(server)
.get('/')
.set('x-forwarded-proto', 'https') // mock secure
.expect(204);
const cookies = res.headers['set-cookie'];
assert.equal(cookies.some(cookie => /^name=/.test(cookie)), true);
assert.equal(cookies.some(cookie => /(,|^)name\.sig=/.test(cookie)), true);
assert.equal(cookies.every(cookie => /secure/.test(cookie)), true);
});
});
});