@@ -3,7 +3,7 @@ import { AuthService } from "./auth.service";
33import { UserService } from "../users/users.service" ;
44import { JwtService } from "@nestjs/jwt" ;
55import * as bcrypt from "bcrypt" ;
6- import { UnauthorizedException } from "@nestjs/common" ;
6+ import { UnauthorizedException , ForbiddenException } from "@nestjs/common" ;
77
88const mockUser = {
99 email : "test@example.com" ,
@@ -31,6 +31,8 @@ describe("AuthService", () => {
3131 provide : UserService ,
3232 useValue : {
3333 findOneUser : jest . fn ( ) . mockResolvedValue ( mockUser ) ,
34+ findOne : jest . fn ( ) . mockResolvedValue ( { ...mockUser , hashdRt : hashedPassword } ) ,
35+ updateOne : jest . fn ( ) . mockResolvedValue ( true ) ,
3436 } ,
3537 } ,
3638 {
@@ -52,32 +54,77 @@ describe("AuthService", () => {
5254 jwtService = module . get < JwtService > ( JwtService ) ;
5355 } ) ;
5456
55- it ( "should sign in a user and return an access token" , async ( ) => {
56- const spyFindOneUser = jest
57- . spyOn ( userService , "findOneUser" )
58- . mockResolvedValue ( mockUser ) ;
57+ describe ( "signIn" , ( ) => {
58+ it ( "should sign in a user and return an access token" , async ( ) => {
59+ const spyFindOneUser = jest
60+ . spyOn ( userService , "findOneUser" )
61+ . mockResolvedValue ( mockUser ) ;
5962
60- const spyCompare = jest . spyOn ( bcrypt , "compare" ) . mockReturnValue ( true ) ;
63+ const spyCompare = jest . spyOn ( bcrypt , "compare" ) . mockReturnValue ( true ) ;
6164
62- const spySignAsync = jest
63- . spyOn ( jwtService , "signAsync" )
64- . mockResolvedValue ( "access_token" ) ;
65+ const spySignAsync = jest
66+ . spyOn ( jwtService , "signAsync" )
67+ . mockResolvedValue ( "access_token" ) ;
6568
66- await authService . signIn ( "test@example.com" , "password" ) ;
67- expect ( spyFindOneUser ) . toHaveBeenCalledWith ( "test@example.com" ) ;
68- expect ( spyCompare ) . toHaveBeenCalledWith ( "password" , mockUser . password ) ;
69+ await authService . signIn ( "test@example.com" , "password" ) ;
70+ expect ( spyFindOneUser ) . toHaveBeenCalledWith ( "test@example.com" ) ;
71+ expect ( spyCompare ) . toHaveBeenCalledWith ( "password" , mockUser . password ) ;
72+ expect ( spySignAsync ) . toHaveBeenCalled ( ) ;
73+ } ) ;
74+
75+ it ( "should throw UnauthorizedException when passwords do not match" , async ( ) => {
76+ jest . spyOn ( userService , "findOneUser" ) . mockResolvedValue ( {
77+ ...mockUser ,
78+ password : hashedPassword , // Use hashed password
79+ } ) ;
80+
81+ jest . spyOn ( bcrypt , "compare" ) . mockReturnValue ( false ) ; // Passwords do not match
82+
83+ await expect (
84+ authService . signIn ( "test@example.com" , "wrongpassword" )
85+ ) . rejects . toThrowError ( UnauthorizedException ) ;
86+ } ) ;
6987 } ) ;
7088
71- it ( "should throw UnauthorizedException when passwords do not match" , async ( ) => {
72- jest . spyOn ( userService , "findOneUser" ) . mockResolvedValue ( {
73- ...mockUser ,
74- password : hashedPassword , // Use hashed password
89+ describe ( "refreshTokens" , ( ) => {
90+ it ( "should refresh tokens for a user" , async ( ) => {
91+ const mockUserId = "12345" ;
92+ const mockRefreshToken = "mockRefreshToken" ;
93+
94+ jest . spyOn ( bcrypt , "compare" ) . mockReturnValue ( true ) ; // Tokens match
95+
96+ jest . spyOn ( authService , "getTokens" ) . mockResolvedValue ( expectedResponse ) ;
97+
98+ const tokens = await authService . refreshTokens ( mockUserId , mockRefreshToken ) ;
99+
100+ expect ( tokens ) . toEqual ( expectedResponse ) ;
101+ expect ( userService . updateOne ) . toHaveBeenCalledWith (
102+ mockUser . _id ,
103+ expect . objectContaining ( { hashdRt : expect . any ( String ) } )
104+ ) ;
105+ } ) ;
106+
107+ it ( "should throw ForbiddenException when user or hashed refresh token is invalid" , async ( ) => {
108+ jest . spyOn ( userService , "findOne" ) . mockResolvedValue ( null ) ; // Invalid user
109+
110+ await expect (
111+ authService . refreshTokens ( "invalidUserId" , "invalidRefreshToken" )
112+ ) . rejects . toThrowError ( new ForbiddenException ( 'Access Denied.' ) ) ;
113+
114+ jest . spyOn ( userService , "findOne" ) . mockResolvedValue ( { ...mockUser , hashdRt : "invalidHashedRT" } ) ; // Invalid hashed refresh token
115+
116+ await expect (
117+ authService . refreshTokens ( mockUser . _id , "invalidRefreshToken" )
118+ ) . rejects . toThrowError ( new ForbiddenException ( 'data must be a string or Buffer and salt must either be a salt string or a number of rounds' ) ) ;
75119 } ) ;
120+ } ) ;
76121
77- jest . spyOn ( bcrypt , "compare" ) . mockReturnValue ( false ) ; // Passwords do not match
122+ describe ( "hashPassword" , ( ) => {
123+ it ( "should hash password correctly" , async ( ) => {
124+ const plainPassword = "password" ;
125+ const hashed = await authService . hashPassword ( plainPassword ) ;
78126
79- await expect (
80- authService . signIn ( "test@example.com" , "wrongpassword" )
81- ) . rejects . toThrowError ( UnauthorizedException ) ;
127+ expect ( bcrypt . compareSync ( plainPassword , hashed ) ) . toBe ( true ) ;
128+ } ) ;
82129 } ) ;
83- } ) ;
130+ } ) ;
0 commit comments