149 lines
No EOL
3.6 KiB
JavaScript
149 lines
No EOL
3.6 KiB
JavaScript
import { test } from 'node:test';
|
|
import assert from 'node:assert';
|
|
import { decryptText } from '../services/encryption.js';
|
|
|
|
test('decryptText should handle valid payload', () => {
|
|
const payload = 'iv123:tag456:data789';
|
|
assert.throws(() => decryptText(payload), {
|
|
message: 'Invalid encrypted payload format'
|
|
});
|
|
});
|
|
|
|
test('decryptText should throw error for invalid payload format', () => {
|
|
const payload = 'invalid:payload';
|
|
assert.throws(() => decryptText(payload), {
|
|
message: 'Invalid encrypted payload format'
|
|
});
|
|
});
|
|
|
|
// Test profile route POST /phone
|
|
test('POST /phone should update phone number', async () => {
|
|
// Mock request and response objects
|
|
const req = {
|
|
body: { phone: '1234567890' },
|
|
user: { userId: 1 }
|
|
};
|
|
|
|
const res = {
|
|
status: (code) => {
|
|
res.statusCode = code;
|
|
return res;
|
|
},
|
|
json: (data) => {
|
|
res.body = data;
|
|
}
|
|
};
|
|
|
|
// Mock the pool.query function to simulate database update
|
|
const originalQuery = pool.query;
|
|
pool.query = async (sql, params) => {
|
|
if (sql.includes('UPDATE users SET phone_encrypted')) {
|
|
return [{ affectedRows: 1 }];
|
|
}
|
|
return [];
|
|
};
|
|
|
|
try {
|
|
await router.post('/phone', req, res);
|
|
assert.strictEqual(res.statusCode, 200);
|
|
assert.deepStrictEqual(res.body, { status: 'updated' });
|
|
} finally {
|
|
pool.query = originalQuery;
|
|
}
|
|
});
|
|
|
|
// Test profile route GET /
|
|
test('GET / should return user profile', async () => {
|
|
const req = {
|
|
user: { userId: 1 }
|
|
};
|
|
|
|
const res = {
|
|
status: (code) => {
|
|
res.statusCode = code;
|
|
return res;
|
|
},
|
|
json: (data) => {
|
|
res.body = data;
|
|
}
|
|
};
|
|
|
|
// Mock the pool.query function to simulate database fetch
|
|
const originalQuery = pool.query;
|
|
pool.query = async (sql, params) => {
|
|
if (sql.includes('SELECT id, name, email, phone_encrypted FROM users')) {
|
|
return [[{
|
|
id: 1,
|
|
name: 'Test User',
|
|
email: 'test@example.com',
|
|
phone_encrypted: 'iv123:tag456:data789'
|
|
}]];
|
|
}
|
|
return [];
|
|
};
|
|
|
|
try {
|
|
await router.get('/', req, res);
|
|
assert.strictEqual(res.statusCode, 200);
|
|
assert.deepStrictEqual(res.body, {
|
|
id: 1,
|
|
name: 'Test User',
|
|
email: 'test@example.com',
|
|
phone: null // Decryption error expected
|
|
});
|
|
} finally {
|
|
pool.query = originalQuery;
|
|
}
|
|
});
|
|
|
|
// Test profile route GET / with valid decryption
|
|
test('GET / should return user profile with decrypted phone', async () => {
|
|
const req = {
|
|
user: { userId: 1 }
|
|
};
|
|
|
|
const res = {
|
|
status: (code) => {
|
|
res.statusCode = code;
|
|
return res;
|
|
},
|
|
json: (data) => {
|
|
res.body = data;
|
|
}
|
|
};
|
|
|
|
// Mock the pool.query function to simulate database fetch
|
|
const originalQuery = pool.query;
|
|
pool.query = async (sql, params) => {
|
|
if (sql.includes('SELECT id, name, email, phone_encrypted FROM users')) {
|
|
return [[{
|
|
id: 1,
|
|
name: 'Test User',
|
|
email: 'test@example.com',
|
|
phone_encrypted: 'valid_encrypted_data'
|
|
}]];
|
|
}
|
|
return [];
|
|
};
|
|
|
|
// Mock decryptText to return a valid phone number
|
|
const originalDecrypt = decryptText;
|
|
decryptText = (payload) => {
|
|
if (payload === 'valid_encrypted_data') return '123-456-7890';
|
|
throw new Error('Decryption failed');
|
|
};
|
|
|
|
try {
|
|
await router.get('/', req, res);
|
|
assert.strictEqual(res.statusCode, 200);
|
|
assert.deepStrictEqual(res.body, {
|
|
id: 1,
|
|
name: 'Test User',
|
|
email: 'test@example.com',
|
|
phone: '123-456-7890'
|
|
});
|
|
} finally {
|
|
pool.query = originalQuery;
|
|
decryptText = originalDecrypt;
|
|
}
|
|
}); |