OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
dd714ef543
Ghost/ghost/admin/tests/unit/authenticators/cookie-test.js
Kevin Ansfield c646e78fff Made session.user a synchronous property rather than a promise 
no issue

Having `session.user` return a promise made dealing with it in components difficult because you always had to remember it returned a promise rather than a model and had to handle the async behaviour. It also meant that you couldn't use any current user properties directly inside getters which made refactors to Glimmer/Octane idioms harder to reason about.

`session.user` was a cached computed property so it really made no sense for it to be a promise - it was loaded on first access and then always returned instantly but with a fulfilled promise rather than the  underlying model.

Refactoring to a synchronous property that is loaded as part of the authentication flows (we load the current user to check that we're logged in - we may as well make use of that!) means one less thing to be aware of/remember and provides a nicer migration process to Glimmer components. As part of the refactor, the auth flows and pre-load of required data across other services was also simplified to make it easier to find and follow.

- refactored app setup and `session.user`
  - added `session.populateUser()` that fetches a user model from the current user endpoint and sets it on `session.user`
  - removed knowledge of app setup from the `cookie` authenticator and moved it into = `session.postAuthPreparation()`, this means we have the same post-authentication setup no matter which authenticator is used so we have more consistent behaviour in tests which don't use the `cookie` authenticator
  - switched `session` service to native class syntax to get the expected `super()` behaviour
  - updated `handleAuthentication()` so it populate's `session.user` and performs post-auth setup before transitioning (handles sign-in after app load)
  - updated `application` route to remove duplicated knowledge of app preload behaviour that now lives in `session.postAuthPreparation()` (handles already-authed app load)
  - removed out-of-date attempt at pre-loading data from setup controller as that's now handled automatically via `session.handleAuthentication`
- updated app code to not treat `session.user` as a promise
  - predominant usage was router `beforeModel` hooks that transitioned users without valid permissions, this sets us up for an easier removal of the `current-user-settings` mixin in the future
2021-07-08 14:54:31 +01:00

93 lines
2.9 KiB
JavaScript
Raw Blame History

import Service from '@ember/service';
import ghostPaths from 'ghost-admin/utils/ghost-paths';
import sinon from 'sinon';
import {beforeEach, describe, it} from 'mocha';
import {expect} from 'chai';
import {setupTest} from 'ember-mocha';
const mockAjax = Service.extend({
skipSessionDeletion: false,
init() {
this._super(...arguments);
this.post = sinon.stub().resolves();
this.del = sinon.stub().resolves();
}
});
const mockConfig = Service.extend({
init() {
this._super(...arguments);
this.fetchAuthenticated = sinon.stub().resolves();
}
});
const mockFeature = Service.extend({
init() {
this._super(...arguments);
this.fetch = sinon.stub().resolves();
}
});
const mockSettings = Service.extend({
init() {
this._super(...arguments);
this.fetch = sinon.stub().resolves();
}
});
const mockGhostPaths = Service.extend({
apiRoot: ghostPaths().apiRoot
});
describe('Unit: Authenticator: cookie', () => {
setupTest();
beforeEach(function () {
this.owner.register('service:ajax', mockAjax);
this.owner.register('service:config', mockConfig);
this.owner.register('service:feature', mockFeature);
this.owner.register('service:settings', mockSettings);
this.owner.register('service:ghost-paths', mockGhostPaths);
});
describe('#restore', function () {
it('returns a resolving promise', function () {
return this.owner.lookup('authenticator:cookie').restore();
});
});
describe('#authenticate', function () {
it('posts the username and password to the sessionEndpoint and returns the promise', function () {
let authenticator = this.owner.lookup('authenticator:cookie');
let post = authenticator.ajax.post;
return authenticator.authenticate('AzureDiamond', 'hunter2').then(() => {
expect(post.args[0][0]).to.equal(`${ghostPaths().apiRoot}/session`);
expect(post.args[0][1]).to.deep.include({
data: {
username: 'AzureDiamond',
password: 'hunter2'
}
});
expect(post.args[0][1]).to.deep.include({
dataType: 'text'
});
expect(post.args[0][1]).to.deep.include({
contentType: 'application/json;charset=utf-8'
});
});
});
});
describe('#invalidate', function () {
it('makes a delete request to the sessionEndpoint', function () {
let authenticator = this.owner.lookup('authenticator:cookie');
let del = authenticator.ajax.del;
return authenticator.invalidate().then(() => {
expect(del.args[0][0]).to.equal(`${ghostPaths().apiRoot}/session`);
});
});
});
});
Reference in New Issue View Git Blame Copy Permalink