Gathering detailed insights and metrics for supertest-session
Gathering detailed insights and metrics for supertest-session
Gathering detailed insights and metrics for supertest-session
Gathering detailed insights and metrics for supertest-session
npm install supertest-session
51.4
Supply Chain
99
Quality
77.3
Maintenance
100
Vulnerability
100
License
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
89 Stars
124 Commits
21 Forks
7 Watching
10 Branches
9 Contributors
Updated on 30 Oct 2024
Minified
Minified + Gzipped
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
-0%
3,690
Compared to previous day
Last week
-14.2%
20,353
Compared to previous week
Last month
12.8%
94,029
Compared to previous month
Last year
-21%
1,010,157
Compared to previous year
Session wrapper around supertest.
References:
$ npm install --save-dev supertest supertest-session
$ npm test
Require supertest-session
and pass in the test application:
1var session = require('supertest-session'); 2var myApp = require('../../path/to/app'); 3 4var testSession = null; 5 6beforeEach(function () { 7 testSession = session(myApp); 8});
And set some expectations:
1it('should fail accessing a restricted page', function (done) { 2 testSession.get('/restricted') 3 .expect(401) 4 .end(done) 5}); 6 7it('should sign in', function (done) { 8 testSession.post('/signin') 9 .send({ username: 'foo', password: 'password' }) 10 .expect(200) 11 .end(done); 12});
You can set preconditions:
1describe('after authenticating session', function () { 2 3 var authenticatedSession; 4 5 beforeEach(function (done) { 6 testSession.post('/signin') 7 .send({ username: 'foo', password: 'password' }) 8 .expect(200) 9 .end(function (err) { 10 if (err) return done(err); 11 authenticatedSession = testSession; 12 return done(); 13 }); 14 }); 15 16 it('should get a restricted page', function (done) { 17 authenticatedSession.get('/restricted') 18 .expect(200) 19 .end(done) 20 }); 21 22}); 23
The cookies attached to the session may be retrieved from session.cookies
:
1var sessionCookie = testSession.cookies.find(function (cookie) { 2 return cookie.name === connect.sid; 3});
If you're using
By default, supertest-session authenticates using session cookies. If your app
uses a custom strategy to restore sessions, you can provide before
and after
hooks to adjust the request and inspect the response:
1var testSession = session(myApp, { 2 before: function (req) { 3 req.set('authorization', 'Basic aGVsbG86d29ybGQK'); 4 } 5});
By default supertest-session will derive the CookieAccessInfo config of the cookie jar from the agent configuration. There might be cases where you want to override this, e.g. if you're testing a service which is configured to run behind a proxy but which sets secure cookies. To have supertest-session expose these secure cookies you can provide an override config to the internal call to CookieAccessInfo:
1var cookieAccess = { 2 domain: 'example.com', 3 path: '/testpath', 4 secure: true, 5 script: true, 6}; 7var testSession = session(myApp, { cookieAccess: cookieAccess });
By default the underlying supertest
agent will still determine the CookieAccessInfo from the URL.
If you want supertest-session to instead send cookies according to this cookieAccess
config you
can make use of the before
hook:
1var cookieAccess = { 2 domain: 'example.com', 3 path: '/testpath', 4 secure: true, 5 script: true, 6}; 7var testSession = session(myApp, { 8 cookieAccess: cookieAccess, 9 before: function (req) { 10 req.cookies = this.cookies.toValueString(); 11 }, 12});
MIT
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
Found 4/16 approved changesets -- score normalized to 2
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
12 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More