Supertest sessions

Session wrapper around supertest.

References:

• https://gist.github.com/joaoneto/5152248
• https://github.com/visionmedia/supertest/issues/46
• https://github.com/visionmedia/supertest/issues/26

Installation

$ npm install --save-dev supertest supertest-session

Test

$ npm test

Usage

Require supertest-session and pass in the test application:

1var session = require('supertest-session');
2var myApp = require('../../path/to/app');
3
4var testSession = null;
5
6beforeEach(function () {
7  testSession = session(myApp);
8});

And set some expectations:

1it('should fail accessing a restricted page', function (done) {
2  testSession.get('/restricted')
3    .expect(401)
4    .end(done)
5});
6
7it('should sign in', function (done) {
8  testSession.post('/signin')
9    .send({ username: 'foo', password: 'password' })
10    .expect(200)
11    .end(done);
12});

You can set preconditions:

1describe('after authenticating session', function () {
2
3  var authenticatedSession;
4
5  beforeEach(function (done) {
6    testSession.post('/signin')
7      .send({ username: 'foo', password: 'password' })
8      .expect(200)
9      .end(function (err) {
10        if (err) return done(err);
11        authenticatedSession = testSession;
12        return done();
13      });
14  });
15
16  it('should get a restricted page', function (done) {
17    authenticatedSession.get('/restricted')
18      .expect(200)
19      .end(done)
20  });
21
22});
23

Accessing cookies

The cookies attached to the session may be retrieved from session.cookies:

1var sessionCookie = testSession.cookies.find(function (cookie) {
2  return cookie.name === connect.sid;
3});

If you're using

Request hooks

By default, supertest-session authenticates using session cookies. If your app uses a custom strategy to restore sessions, you can provide before and after hooks to adjust the request and inspect the response:

1var testSession = session(myApp, {
2  before: function (req) {
3    req.set('authorization', 'Basic aGVsbG86d29ybGQK');
4  }
5});

Cookie Jar Access Options

By default supertest-session will derive the CookieAccessInfo config of the cookie jar from the agent configuration. There might be cases where you want to override this, e.g. if you're testing a service which is configured to run behind a proxy but which sets secure cookies. To have supertest-session expose these secure cookies you can provide an override config to the internal call to CookieAccessInfo:

1var cookieAccess = {
2  domain: 'example.com',
3  path: '/testpath',
4  secure: true,
5  script: true,
6};
7var testSession = session(myApp, { cookieAccess: cookieAccess });

By default the underlying supertest agent will still determine the CookieAccessInfo from the URL. If you want supertest-session to instead send cookies according to this cookieAccess config you can make use of the before hook:

1var cookieAccess = {
2  domain: 'example.com',
3  path: '/testpath',
4  secure: true,
5  script: true,
6};
7var testSession = session(myApp, {
8  cookieAccess: cookieAccess,
9  before: function (req) {
10    req.cookies = this.cookies.toValueString();
11  },
12});

License

MIT