feat(api): add authentication example server

examples/server.js

@@ -0,0 +1,21 @@
+'use strict';
+
+const express = require('express');
+const mongo = require('../test/support/mongo');
+const redis = require('../test/support/redis');
+
+const app = module.exports = express();
+const auth = require('../');
+
+app.use(auth({
+  mongo: mongo.users,
+  redis,
+}));
+
+app.get('/', (req, res) => {
+  res.end(`Hello ${req.user.name}`);
+});
+
+app.use((err, req, res, next) => {
+  res.status(err.code).json(err.toJSON());
+});

test/xeptance/server.js

@@ -0,0 +1,44 @@
+'use strict';
+
+const request = require('supertest');
+let app;
+
+before(() => {
+  app = request(require('../../examples/server')); // eslint-disable-line global-require
+});
+
+describe('Acceptance Server', () => {
+  it('accepts unauthenticated user', done => {
+    app.get('/')
+      .set('x-forwarded-for', '123.456.789')
+      .expect(200)
+      .expect('X-User-Auth', 'false')
+      .expect('X-RateLimit-Limit', '100')
+      .expect('X-RateLimit-Remaining', '99')
+      .expect('X-RateLimit-Reset', /[0-9]{10}/)
+      .expect('Hello guest (123.456.789)', done);
+  });
+
+  it('authenticates user with valid Authorization header', done => {
+    app.get('/')
+      .set('Authorization', 'Token foo_app1_dev')
+      .expect(200)
+      .expect('X-User-Auth', 'true')
+      .expect('X-User-Provider', 'FOO')
+      .expect('X-RateLimit-Limit', '500')
+      .expect('X-RateLimit-Remaining', '499')
+      .expect('X-RateLimit-Reset', /[0-9]{10}/)
+      .expect('Hello FOO (foo_app1)', done);
+  });
+
+  it('authenticates user with valid api_key query param', done => {
+    app.get('/?api_key=foo_app1_dev')
+      .expect(200)
+      .expect('X-User-Auth', 'true')
+      .expect('X-User-Provider', 'FOO')
+      .expect('X-RateLimit-Limit', '500')
+      .expect('X-RateLimit-Remaining', '499')
+      .expect('X-RateLimit-Reset', /[0-9]{10}/)
+      .expect('Hello FOO (foo_app1)', done);
+  });
+});