2022-08-19 20:25:20 +02:00
|
|
|
import supertest from 'supertest';
|
2024-10-20 19:26:36 +02:00
|
|
|
import { describe, expect, test } from 'vitest';
|
2022-08-19 20:25:20 +02:00
|
|
|
|
|
|
|
import { API_ERROR, HEADERS, HEADER_TYPE, HTTP_STATUS } from '@verdaccio/core';
|
2024-10-20 19:26:36 +02:00
|
|
|
import { setup } from '@verdaccio/logger';
|
2022-08-19 20:25:20 +02:00
|
|
|
|
|
|
|
import { initializeServer } from './_helper';
|
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
setup({});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
describe('server api', () => {
|
|
|
|
test('should request any package', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
await supertest(app)
|
|
|
|
.get('/jquery')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
|
|
|
.expect(HTTP_STATUS.NOT_FOUND);
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should able to catch non defined routes with 404', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
await supertest(app)
|
|
|
|
.get('/-/this-does-not-exist-anywhere')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
|
|
|
.expect(HTTP_STATUS.NOT_FOUND);
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should return index page if web is enabled', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_ENCODING, HEADERS.GZIP)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
expect(response.text).toMatch('<title>verdaccio</title>');
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should define rate limit headers', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect('x-ratelimit-limit', '10000')
|
|
|
|
.expect('x-ratelimit-remaining', '9999')
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should contains cors headers', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
await supertest(app).get('/').expect('access-control-allow-origin', '*').expect(HTTP_STATUS.OK);
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should contains etag', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
const etag = response.get(HEADERS.ETAG);
|
|
|
|
expect(typeof etag === 'string').toBeTruthy();
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should be hidden by default', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
const powered = response.get('x-powered-by');
|
|
|
|
expect(powered).toMatch('hidden');
|
|
|
|
}, 40000);
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should not contains powered header', async () => {
|
|
|
|
const app = await initializeServer('powered-disabled.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
const powered = response.get('x-powered-by');
|
|
|
|
expect(powered).toEqual('hidden');
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should contains custom powered header', async () => {
|
|
|
|
const app = await initializeServer('powered-custom.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_HTML_UTF8)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
const powered = response.get('x-powered-by');
|
|
|
|
expect(powered).toEqual('custom user agent');
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should return 404 if web is disabled', async () => {
|
|
|
|
const app = await initializeServer('web-disabled.yaml');
|
|
|
|
const response = await supertest(app)
|
|
|
|
.get('/')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
|
|
|
.expect(HTTP_STATUS.NOT_FOUND);
|
|
|
|
expect(response.body.error).toEqual(API_ERROR.WEB_DISABLED);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should not display debug hook disabled by default', async () => {
|
|
|
|
const app = await initializeServer('no_debug.yaml');
|
|
|
|
await supertest(app)
|
|
|
|
.get('/-/_debug')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
|
|
|
.expect(HTTP_STATUS.NOT_FOUND);
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
|
2024-10-20 19:26:36 +02:00
|
|
|
test('should display debug hook if directly enabled', async () => {
|
|
|
|
const app = await initializeServer('conf.yaml');
|
|
|
|
const res = await supertest(app)
|
|
|
|
.get('/-/_debug')
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
expect(res.body.pid).toEqual(process.pid);
|
|
|
|
expect(res.body.mem).toBeDefined();
|
|
|
|
});
|
2022-08-19 20:25:20 +02:00
|
|
|
});
|