2020-06-23 13:30:03 -04:00
|
|
|
/* eslint-disable
|
|
|
|
no-return-assign,
|
|
|
|
*/
|
|
|
|
// TODO: This file was created by bulk-decaffeinate.
|
|
|
|
// Fix any style issues and re-enable lint.
|
2020-06-23 13:29:59 -04:00
|
|
|
/*
|
|
|
|
* decaffeinate suggestions:
|
|
|
|
* DS102: Remove unnecessary code created because of implicit returns
|
|
|
|
* Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
|
|
|
|
*/
|
2020-06-23 13:30:16 -04:00
|
|
|
const { EventEmitter } = require('events')
|
|
|
|
const { expect } = require('chai')
|
|
|
|
const SandboxedModule = require('sandboxed-module')
|
|
|
|
const modulePath = '../../../app/js/SessionSockets'
|
|
|
|
const sinon = require('sinon')
|
|
|
|
|
|
|
|
describe('SessionSockets', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
|
|
|
this.metrics = { inc: sinon.stub() }
|
|
|
|
this.SessionSocketsModule = SandboxedModule.require(modulePath, {
|
|
|
|
requires: {
|
|
|
|
'@overleaf/metrics': this.metrics,
|
|
|
|
},
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
this.io = new EventEmitter()
|
|
|
|
this.id1 = Math.random().toString()
|
|
|
|
this.id2 = Math.random().toString()
|
|
|
|
const redisResponses = {
|
|
|
|
error: [new Error('Redis: something went wrong'), null],
|
2021-07-13 07:04:45 -04:00
|
|
|
unknownId: [null, null],
|
2020-06-23 13:30:16 -04:00
|
|
|
}
|
|
|
|
redisResponses[this.id1] = [null, { user: { _id: '123' } }]
|
|
|
|
redisResponses[this.id2] = [null, { user: { _id: 'abc' } }]
|
|
|
|
|
|
|
|
this.sessionStore = {
|
|
|
|
get: sinon
|
|
|
|
.stub()
|
2021-07-13 07:04:45 -04:00
|
|
|
.callsFake((id, fn) => fn.apply(null, redisResponses[id])),
|
2020-06-23 13:30:16 -04:00
|
|
|
}
|
|
|
|
this.cookieParser = function (req, res, next) {
|
|
|
|
req.signedCookies = req._signedCookies
|
|
|
|
return next()
|
|
|
|
}
|
|
|
|
this.SessionSockets = this.SessionSocketsModule(
|
|
|
|
this.io,
|
|
|
|
this.sessionStore,
|
|
|
|
this.cookieParser,
|
|
|
|
'ol.sid'
|
|
|
|
)
|
|
|
|
return (this.checkSocket = (socket, fn) => {
|
|
|
|
this.SessionSockets.once('connection', fn)
|
|
|
|
return this.io.emit('connection', socket)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
describe('without cookies', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = { handshake: {} })
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should return a lookup error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.exist
|
|
|
|
expect(error.message).to.equal('could not look up session by key')
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should not query redis', function (done) {
|
2020-06-23 13:30:16 -04:00
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(false)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2024-06-12 05:51:37 -04:00
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status "none"', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'none',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
|
|
|
|
describe('with a different cookie', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = { handshake: { _signedCookies: { other: 1 } } })
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should return a lookup error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.exist
|
|
|
|
expect(error.message).to.equal('could not look up session by key')
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should not query redis', function (done) {
|
2020-06-23 13:30:16 -04:00
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(false)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
describe('with a cookie with an invalid signature', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
return (this.socket = {
|
|
|
|
handshake: { _signedCookies: { 'ol.sid': false } },
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should return a lookup error', function (done) {
|
|
|
|
return this.checkSocket(this.socket, error => {
|
|
|
|
expect(error).to.exist
|
|
|
|
expect(error.message).to.equal('could not look up session by key')
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should not query redis', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(false)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status=bad-signature', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'bad-signature',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2020-06-23 13:30:16 -04:00
|
|
|
describe('with a valid cookie and a failing session lookup', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = {
|
2021-07-13 07:04:45 -04:00
|
|
|
handshake: { _signedCookies: { 'ol.sid': 'error' } },
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should query redis', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(true)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should return a redis error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.exist
|
|
|
|
expect(error.message).to.equal('Redis: something went wrong')
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2024-06-12 05:51:37 -04:00
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status=error', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'error',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
|
|
|
|
describe('with a valid cookie and no matching session', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = {
|
2021-07-13 07:04:45 -04:00
|
|
|
handshake: { _signedCookies: { 'ol.sid': 'unknownId' } },
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should query redis', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(true)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should return a lookup error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.exist
|
|
|
|
expect(error.message).to.equal('could not look up session by key')
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2024-06-12 05:51:37 -04:00
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status=missing', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'missing',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
|
|
|
|
describe('with a valid cookie and a matching session', function () {
|
2024-06-12 05:51:37 -04:00
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = {
|
2021-07-13 07:04:45 -04:00
|
|
|
handshake: { _signedCookies: { 'ol.sid': this.id1 } },
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should query redis', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(true)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should not return an error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.not.exist
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should return the session', function (done) {
|
2020-06-23 13:30:16 -04:00
|
|
|
return this.checkSocket(this.socket, (error, s, session) => {
|
2021-10-27 05:49:18 -04:00
|
|
|
if (error) return done(error)
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(session).to.deep.equal({ user: { _id: '123' } })
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2024-06-12 05:51:37 -04:00
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status=signed', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'signed',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
describe('with a different valid cookie and matching session', function () {
|
|
|
|
beforeEach(function () {
|
2020-06-23 13:30:16 -04:00
|
|
|
return (this.socket = {
|
2021-07-13 07:04:45 -04:00
|
|
|
handshake: { _signedCookies: { 'ol.sid': this.id2 } },
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should query redis', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.sessionStore.get.called).to.equal(true)
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
it('should not return an error', function (done) {
|
2021-07-13 07:04:45 -04:00
|
|
|
return this.checkSocket(this.socket, error => {
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(error).to.not.exist
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2024-06-12 05:51:37 -04:00
|
|
|
it('should return the other session', function (done) {
|
2020-06-23 13:30:16 -04:00
|
|
|
return this.checkSocket(this.socket, (error, s, session) => {
|
2021-10-27 05:49:18 -04:00
|
|
|
if (error) return done(error)
|
2020-06-23 13:30:16 -04:00
|
|
|
expect(session).to.deep.equal({ user: { _id: 'abc' } })
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2024-06-12 05:51:37 -04:00
|
|
|
|
|
|
|
it('should increment the session.cookie metric with status=error', function (done) {
|
|
|
|
return this.checkSocket(this.socket, () => {
|
|
|
|
expect(this.metrics.inc).to.be.calledWith('session.cookie', 1, {
|
|
|
|
status: 'signed',
|
|
|
|
})
|
|
|
|
return done()
|
|
|
|
})
|
|
|
|
})
|
2020-06-23 13:30:16 -04:00
|
|
|
})
|
|
|
|
})
|