Mathis/lemma
1
0
Fork 0
mirror of https://github.com/lordmathis/lemma.git synced 2025-11-05 23:44:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove redundant CSRF token tests and clean up related assertions in apiCall tests

Browse Source
This commit is contained in:
Matúš Námešný
2025-07-12 14:34:04 +02:00
parent ff4d1de2b7
commit 41d526af4c
1 changed files with 0 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
app/src/api/api.test.ts
View File

@@ -157,25 +157,6 @@ describe('apiCall', () => {
expect(calledOptions['headers']).not.toHaveProperty('X-CSRF-Token');
});
it('handles URL-encoded CSRF tokens', async () => {
const encodedToken = 'token%20with%20spaces';
setCookie('csrf_token', encodedToken);
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall('https://api.example.com/create', {
method: 'POST',
});
expect(mockFetch).toHaveBeenCalledWith('https://api.example.com/create', {
method: 'POST',
credentials: 'include',
headers: {
'Content-Type': 'application/json',
'X-CSRF-Token': encodedToken, // We shouldn't expect it to be decoded since our api.ts is not decoding it
},
});
});
it('handles missing CSRF token gracefully', async () => {
// No CSRF token in cookies
mockFetch.mockResolvedValue(createMockResponse(200, {}));
@@ -193,47 +174,6 @@ describe('apiCall', () => {
},
});
});
it('handles multiple cookies and extracts CSRF token correctly', async () => {
Object.defineProperty(document, 'cookie', {
writable: true,
value:
'session_id=abc123; csrf_token=my-csrf-token; other_cookie=value',
configurable: true,
});
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall('https://api.example.com/create', {
method: 'POST',
});
expect(mockFetch).toHaveBeenCalledWith('https://api.example.com/create', {
method: 'POST',
credentials: 'include',
headers: {
'Content-Type': 'application/json',
'X-CSRF-Token': 'my-csrf-token',
},
});
});
it('handles empty CSRF token value', async () => {
setCookie('csrf_token', '');
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall('https://api.example.com/create', {
method: 'POST',
});
expect(mockFetch).toHaveBeenCalledWith('https://api.example.com/create', {
method: 'POST',
credentials: 'include',
headers: {
'Content-Type': 'application/json',
// No X-CSRF-Token header when token is empty
},
});
});
});
describe('error handling', () => {
@@ -510,47 +450,9 @@ describe('apiCall', () => {
});
}
});
it('defaults to GET method when method is omitted', async () => {
setCookie('csrf_token', 'test-token');
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall('https://api.example.com/test', {});
expect(mockFetch).toHaveBeenCalledWith('https://api.example.com/test', {
method: undefined,
credentials: 'include',
headers: {
'Content-Type': 'application/json',
// No CSRF token for undefined (GET) method
},
});
});
});
describe('edge cases', () => {
it('handles very long URLs', async () => {
const longUrl = 'https://api.example.com/' + 'a'.repeat(2000);
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall(longUrl);
expect(mockFetch).toHaveBeenCalledWith(longUrl, expect.any(Object));
});
it('handles special characters in URL', async () => {
const urlWithSpecialChars =
'https://api.example.com/test?param=value&other=test%20value';
mockFetch.mockResolvedValue(createMockResponse(200, {}));
await apiCall(urlWithSpecialChars);
expect(mockFetch).toHaveBeenCalledWith(
urlWithSpecialChars,
expect.any(Object)
);
});
it('handles null response body', async () => {
const mockResponse = {
status: 200,
@@ -563,18 +465,5 @@ describe('apiCall', () => {
expect(result.status).toBe(200);
});
it('handles empty string response body', async () => {
const mockResponse = {
status: 200,
ok: true,
json: vi.fn().mockResolvedValue(''),
} as unknown as Response;
mockFetch.mockResolvedValue(mockResponse);
const result = await apiCall('https://api.example.com/test');
expect(result.status).toBe(200);
});
});
});