I'm trying to test a login endpoint using supertest. I know that the code for the API is correct because when I do the test on Postman, it works. However, when I do it using automated testing, I am getting an error. Specifically, I make a .post request to my login endpoint, pass in a user, expect to get a 200 status code. I end up getting a 401 status code, which per my code, indicates 'invalid credentials.' Can someone help me figure out why this is happening, and lead me in the right direction to doing my testing correctly?
my testing file (auth-router.spec.js):
const request = require('supertest');
const server = require('../api/server');
const users = require('./users-model');
const db = require('../database/dbConfig');
describe('auth router', function() {
describe('test environment', function() {
it('should use the testing environment', function() {
expect(process.env.DB_ENV).toBe('testing');
})
})
})
describe('POST /api/auth/register tests', function() {
beforeEach(async () => {
await db('users').truncate();
})
describe('insert()', function() {
it('adds a new user to the database', async function() {
await users.add({ username: 'jevon', password: 'cochran' });
const table = await db('users');
expect(table).toHaveLength(1);
})
it('should insert provided user into the database', async function() {
let newUser = await users.add({ username: 'leroy', password: 'gatlin' });
expect(newUser.username).toBe('leroy');
})
})
describe('POST /api/auth/login tests', function() {
it('returns 200 OK', async function() {
return request(server)
.post('/api/auth/login')
.send({ username: 'leroy', password: 'gatlin' })
.then(res => {
expect(res.status).toBe(200);
})
})
})
})
auth-router.js:
const router = require('express').Router();
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const users = require('./users-model');
router.get('/', (req, res) => {
res.status(200).json({ api: 'up' });
})
router.post('/register', (req, res) => {
let user = req.body;
console.log(user);
const hash = bcrypt.hashSync(user.password, 8);
user.password = hash;
users.add(user)
.then(added => {
console.log(user);
res.status(201).json(added);
})
.catch(error => {
console.log(error);
res.status(500).json({ errorMessage: 'unable to register user' });
})
});
router.post('/login', (req, res) => {
let { username, password } = req.body;
users.findBy({ username })
.first()
.then(user => {
if(user && bcrypt.compareSync(password, user.password)) {
const token = generateToken(user);
res.status(200).json({
messsage: `Welcome ${user.username}`,
token
})
} else {
res.status(401).json({ message: 'Invalid credentials' });
}
})
.catch(error => {
console.log(error);
res.status(500).json({ errorMessage: 'unable to login' });
})
});
function generateToken(user) {
const payload = {
username: user.username
}
const secret = process.env.JWT_SECRET || 'top secret';
const options = {
expiresIn: '1h'
}
return jwt.sign(payload, secret, options);
}
module.exports = router;
Here is what's happening when I run my tests: