mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-06 22:40:14 -05:00
254e0f0597
close #2757, refs #5286 - moves error formatting from api/index into errors lib - moves error handling from api/index into its own middleware - adds extra middleware for method not allowed which captures all unsupported routes
44 lines
1.3 KiB
JavaScript
44 lines
1.3 KiB
JavaScript
/*globals describe, beforeEach, it*/
|
|
/*jshint expr:true*/
|
|
var should = require('should'),
|
|
sinon = require('sinon'),
|
|
|
|
middleware = require('../../../server/middleware').middleware;
|
|
|
|
describe('Middleware: Client Auth', function () {
|
|
var req, res, next;
|
|
|
|
beforeEach(function () {
|
|
req = {};
|
|
res = {};
|
|
next = sinon.spy();
|
|
});
|
|
|
|
describe('addClientSecret', function () {
|
|
it('sets a `client_secret` if not part of body', function () {
|
|
var requestBody = {};
|
|
|
|
req.body = requestBody;
|
|
|
|
middleware.api.addClientSecret(req, res, next);
|
|
|
|
next.called.should.be.true;
|
|
should(req.body).have.property('client_secret');
|
|
req.body.client_secret.should.not.be.empty;
|
|
});
|
|
|
|
it('does not tamper with `client_secret` if already present', function () {
|
|
var requestBody = {
|
|
client_secret: 'keep-it-safe-keep-it-secret'
|
|
};
|
|
|
|
req.body = requestBody;
|
|
|
|
middleware.api.addClientSecret(req, res, next);
|
|
|
|
next.called.should.be.true;
|
|
should(req.body).have.property('client_secret');
|
|
req.body.client_secret.should.equal('keep-it-safe-keep-it-secret');
|
|
});
|
|
});
|
|
});
|