Supertest authenticate with bearer token

gistfile1.js

'use strict';

var should = require('should');
var app = require('../../app');
var request = require('supertest')(app);

describe('GET /api/incidents', function() {

    it('should require authorization', function(done) {
        request
            .get('/api/incidents')
            .expect(401)
            .end(function(err, res) {
                if (err) return done(err);
                done();
            });
    });

    var auth = {};
    before(loginUser(auth));

    it('should respond with JSON array', function(done) {
        request
            .get('/api/incidents')
            .set('Authorization', 'bearer ' + auth.token)
            .expect(200)
            .expect('Content-Type', /json/)
            .end(function(err, res) {
                if (err) return done(err);
                res.body.should.be.instanceof(Array);
                done();
            });
    });

});

function loginUser(auth) {
    return function(done) {
        request
            .post('/auth/local')
            .send({
                email: 'test@test.com',
                password: 'test'
            })
            .expect(200)
            .end(onResponse);

        function onResponse(err, res) {
            auth.token = res.body.token;
            return done();
        }
    };
}

You can use the auth method instead of setting the Authorization header by hand:

    it('should respond with JSON array', function(done) {
        request
            .get('/api/incidents')
            .auth(auth.token, { type: 'bearer' })
            .expect(200)
            .expect('Content-Type', /json/)
            .end(function(err, res) {
                if (err) return done(err);
                res.body.should.be.instanceof(Array);
                done();
            });
    });
``'

This worked for me. Thank you!