|
|
|
@ -224,6 +224,19 @@ describe('authentication', () => {
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
it('should regenerate the session identifier on successful login', async () => {
|
|
|
|
|
|
|
|
const login = util.promisify(helpers.loginUser);
|
|
|
|
|
|
|
|
const logout = util.promisify(helpers.logoutUser);
|
|
|
|
|
|
|
|
const matchRegexp = /express\.sid=s%3A(.+?);/;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
const sid = String(jar._jar.store.idx.localhost['/']['express.sid']).match(matchRegexp)[1];
|
|
|
|
|
|
|
|
await logout(jar);
|
|
|
|
|
|
|
|
const newJar = await login('regular', 'regularpwd');
|
|
|
|
|
|
|
|
const newSid = String(newJar._jar.store.idx.localhost['/']['express.sid']).match(matchRegexp)[1];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
assert.notStrictEqual(newSid, sid);
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
it('should revoke all sessions', (done) => {
|
|
|
|
it('should revoke all sessions', (done) => {
|
|
|
|
const socketAdmin = require('../src/socket.io/admin');
|
|
|
|
const socketAdmin = require('../src/socket.io/admin');
|
|
|
|
db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => {
|
|
|
|
db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => {
|
|
|
|
|
Julian Lam
4 years ago