Mutai Mwiti mutaimwiti

## index.js
/**
 * Instructions
 *
 * 1. mkdir test
 * 2. cd test
 * 3. npm init
 * 4. accept all defaults is fine
 * 5. npm install @akanass/rx-http-request
 * 6. paste code below into new file index.js
 * 7. update username, password, other variables

## redux.test.js
const pw = require('playwright');

(async () => {
    const browser = await pw.chromium.launch();
    const context = await browser.newContext();

    // set addInitScript to run this on every page load in this context
    // in the app, use window.IS_PLAYWRIGHT to set window.store = store;
    await context.addInitScript('window.IS_PLAYWRIGHT = true;')

## jwt-expiration.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mutaimwiti
                / jwt-expiration.md
            
            
              Created
              November 16, 2020 05:44
                — forked from soulmachine/jwt-expiration.md
            
              
                How to deal with JWT expiration?
              
          
    First of all, please note that token expiration and revoking are two different things.

Expiration only happens for web apps, not for native mobile apps, because native apps never expire.
Revoking only happens when (1) uses click the logout button on the website or native Apps;(2) users reset their passwords; (3) users revoke their tokens explicitly in the administration panel.

1. How to hadle JWT expiration

A JWT token that never expires is dangerous if the token is stolen then someone can always access the user's data.
Quoted from JWT RFC:

  
## app.js
// test/testUtils/app.js

import supertest from 'supertest';
import appDef from '../../src/app';

const { generateAuthToken } = require('../../src/utils');
const { User } = require('../../src/models');

class App {
  constructor() {

## app.js
// test/testUtils/app.js

var supertest = require('supertest');
var appDef = require('../../src/app');

var User = require('../../src/models').User;
var generateAuthToken = require('../../src/utils').generateAuthToken;

var app = {
  client: supertest(appDef),

## article.spec.js
// test/article.spec.js
var app = require('./testUtils/app');

describe('Articles', function() {
  describe('GET', function() {
    it('should not allow unauthenticated users to list all articles', function(done) {
      app.get('/articles').expect(401, done);
    });

    it('should allow authenticated users to list all articles', function(done) {

## article.spec.js
// test/article.spec.js

import app from './testUtils/app';

describe('Articles', () => {
  describe('GET', () => {
    it('should not allow unauthenticated users to list all articles', async () => {
      const res = await app.get('/articles');

      expect(res.status).toBe(401);

## article.spec.js
const request = require('supertest');

const request = supertest(app);

describe('Articles', function () {
    it('should allow users to list all articles', function (done) {
        request
            .get('/articles')
            .set('authorization', generateAuthToken())
            .expect(200, done)

## article.spec.js
const request = require('supertest');

describe('Articles', function () {
    it('should allow users to list all articles', function (done) {
        request(app).get('/articles').expect(200, done)
    });

    it('should allow users to get one article', function (done) {
        request(app).get('/articles/2').expect(200, done)
    });

## article.spec.js
const request = require('supertest');

const request = supertest(app);

describe('Articles', function () {
    it('should allow users to list all articles', function (done) {
        request.get('/articles').expect(200, done)
    });

    it('should allow users to get one article', function (done) {
	/**
	* Instructions
	*
	* 1. mkdir test
	* 2. cd test
	* 3. npm init
	* 4. accept all defaults is fine
	* 5. npm install @akanass/rx-http-request
	* 6. paste code below into new file index.js
	* 7. update username, password, other variables
	const pw = require('playwright');

	(async () => {
	const browser = await pw.chromium.launch();
	const context = await browser.newContext();

	// set addInitScript to run this on every page load in this context
	// in the app, use window.IS_PLAYWRIGHT to set window.store = store;
	await context.addInitScript('window.IS_PLAYWRIGHT = true;')
	// test/testUtils/app.js

	import supertest from 'supertest';
	import appDef from '../../src/app';

	const { generateAuthToken } = require('../../src/utils');
	const { User } = require('../../src/models');

	class App {
	constructor() {
	// test/testUtils/app.js

	var supertest = require('supertest');
	var appDef = require('../../src/app');

	var User = require('../../src/models').User;
	var generateAuthToken = require('../../src/utils').generateAuthToken;

	var app = {
	client: supertest(appDef),
	// test/article.spec.js
	var app = require('./testUtils/app');

	describe('Articles', function() {
	describe('GET', function() {
	it('should not allow unauthenticated users to list all articles', function(done) {
	app.get('/articles').expect(401, done);
	});

	it('should allow authenticated users to list all articles', function(done) {
	// test/article.spec.js

	import app from './testUtils/app';

	describe('Articles', () => {
	describe('GET', () => {
	it('should not allow unauthenticated users to list all articles', async () => {
	const res = await app.get('/articles');

	expect(res.status).toBe(401);
	const request = require('supertest');

	const request = supertest(app);

	describe('Articles', function () {
	it('should allow users to list all articles', function (done) {
	request
	.get('/articles')
	.set('authorization', generateAuthToken())
	.expect(200, done)