Diffstat (limited to 'packages/astro/test/sessions.test.js')
-rw-r--r-- | packages/astro/test/sessions.test.js | 86 |
1 files changed, 22 insertions, 64 deletions
diff --git a/packages/astro/test/sessions.test.js b/packages/astro/test/sessions.test.js index 9ac94c944..3fe385fb4 100644 --- a/packages/astro/test/sessions.test.js +++ b/packages/astro/test/sessions.test.js @@ -18,9 +18,6 @@ describe('Astro.session', () => { driver: 'fs', ttl: 20, }, - experimental: { - session: true, - }, }); }); @@ -38,7 +35,7 @@ describe('Astro.session', () => { } it('can regenerate session cookies upon request', async () => { - const firstResponse = await fetchResponse('/regenerate', { method: 'GET' }); + const firstResponse = await fetchResponse('/regenerate'); const firstHeaders = Array.from(app.setCookieHeaders(firstResponse)); const firstSessionId = firstHeaders[0].split(';')[0].split('=')[1]; @@ -53,8 +50,21 @@ describe('Astro.session', () => { assert.notEqual(firstSessionId, secondSessionId); }); + it('defaults to secure cookies in production', async () => { + const firstResponse = await fetchResponse('/regenerate'); + const firstHeaders = Array.from(app.setCookieHeaders(firstResponse)); + assert.ok( + firstHeaders[0].includes('Secure'), + 'Secure cookie not set in production', + ); + assert.ok( + firstHeaders[0].includes('HttpOnly'), + 'HttpOnly cookie not set in production', + ); + }); + it('can save session data by value', async () => { - const firstResponse = await fetchResponse('/update', { method: 'GET' }); + const firstResponse = await fetchResponse('/update'); const firstValue = await firstResponse.json(); assert.equal(firstValue.previousValue, 'none'); @@ -141,9 +151,6 @@ describe('Astro.session', () => { driver: 'fs', ttl: 20, }, - experimental: { - session: true, - }, }); devServer = await fixture.startDevServer(); }); 
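Review bot: In the added 'defaults to secure cookies in production' test, `firstHeaders[0].includes('Secure')` is a case-sensitive substring match over the whole Set-Cookie string, so it would also pass if the cookie name or value merely contained that text (a `__Secure-` name prefix, for example). It also assumes the session cookie is the first header returned. Comparing parsed attributes is tighter: `const attrs = firstHeaders[0].split(';').slice(1).map((a) => a.trim().toLowerCase());` followed by `assert.ok(attrs.includes('secure'), 'Secure cookie not set in production');` and the same for `'httponly'`. If the production default also sets a SameSite attribute (not visible in this hunk), it is worth asserting here too, so a regression in any of the cookie's security attributes fails the test.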
@@ -170,6 +177,13 @@ describe('Astro.session', () => { assert.notEqual(firstSessionId, secondSessionId); }); + + it('defaults to non-secure cookies in development', async () => { + const response = await fixture.fetch('/regenerate'); + const setCookieHeader = response.headers.get('set-cookie'); + assert.ok(!setCookieHeader.includes('Secure')); + }); + it('can save session data by value', async () => { const firstResponse = await fixture.fetch('/update'); const firstValue = await firstResponse.json(); @@ -219,60 +233,4 @@ describe('Astro.session', () => { ); }); }); - - describe('Configuration', () => { - it('throws if flag is enabled but driver is not set', async () => { - const fixture = await loadFixture({ - root: './fixtures/sessions/', - output: 'server', - adapter: testAdapter(), - experimental: { - session: true, - }, - }); - await assert.rejects( - fixture.build({}), - /Error: The `experimental.session` flag was set to `true`, but no storage was configured/, - ); - }); - - it('throws if session is configured but flag is not enabled', async () => { - const fixture = await loadFixture({ - root: './fixtures/sessions/', - output: 'server', - adapter: testAdapter(), - session: { - driver: 'fs', - }, - experimental: { - session: false, - }, - }); - await assert.rejects( - fixture.build({}), - /Error: Session config was provided without enabling the `experimental.session` flag/, - ); - }); - - it('throws if output is static', async () => { - const fixture = await loadFixture({ - root: './fixtures/sessions/', - output: 'static', - session: { - driver: 'fs', - ttl: 20, - }, - experimental: { - session: true, - }, - }); - // Disable actions so we can do a static build - await fixture.editFile('src/actions/index.ts', () => ''); - await assert.rejects( - fixture.build({}), - /Sessions require an adapter that supports server output/, - ); - await fixture.resetAllFiles(); - }); - }); }); |
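Review bot: The added 'defaults to non-secure cookies in development' test calls `setCookieHeader.includes` without first checking that a Set-Cookie header came back, so a missing header surfaces as a TypeError rather than a clear assertion failure. Add `assert.ok(setCookieHeader, 'no Set-Cookie header returned');` before it. The test also checks only that `Secure` is absent, so a change that dropped `HttpOnly` in development along with `Secure` would still pass. If HttpOnly is meant to stay on in dev, as the production test in the earlier hunk asserts for production, add `assert.ok(setCookieHeader.includes('HttpOnly'), 'HttpOnly cookie not set in development');`.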