Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-28 17:46:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

test: added test for session id reroll on login

Browse Source
This commit is contained in:
Julian Lam
2021-04-14 11:38:09 -04:00
parent 47348d2c9f
commit a3a7ab3ae1
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
test/authentication.js
View File

@@ -224,6 +224,19 @@ describe('authentication', () => {
}); });
}); });
it('should regenerate the session identifier on successful login', async () => {
const login = util.promisify(helpers.loginUser);
const logout = util.promisify(helpers.logoutUser);
const matchRegexp = /express\.sid=s%3A(.+?);/;
const sid = String(jar._jar.store.idx.localhost['/']['express.sid']).match(matchRegexp)[1];
await logout(jar);
const newJar = await login('regular', 'regularpwd');
const newSid = String(newJar._jar.store.idx.localhost['/']['express.sid']).match(matchRegexp)[1];
assert.notStrictEqual(newSid, sid);
});
it('should revoke all sessions', (done) => { it('should revoke all sessions', (done) => {
const socketAdmin = require('../src/socket.io/admin'); const socketAdmin = require('../src/socket.io/admin');
db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => { db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => {