How do you test a Node JS application with Passport authentication effortless?

Question

While implementing the function "ensureAuthenticated" in a Node JS app to always require a logged in user, and also requiring Oauth2 to log in that requires a HTTPS site I need to deploy my application to a host every single time I want to test a route. How can I test continously without wasting time deploying?

Answer 1

I implemented a testing middleware that allows me to bypass the authentication when I run locally and I have the environment variable set to test. Here are the code samples:

My setup

const express = require('express');
const expressLayouts = require('express-ejs-layouts');
const mongoose = require('mongoose');
const flash = require('connect-flash');
const session = require('express-session');
const passport = require('passport');
const MongoStore = require('connect-mongo')(session);
const cookieParser = require('cookie-parser');
const testconfig = require('./config/testconfig');
const { ensureAuthenticated } = require('../config/auth');

And then a typical ensureAuthenticated method looks like this in my auth.js

module.exports = {
    ensureAuthenticated: function(req, res, next) {
        if (req.isAuthenticated()) {
            return next();  
        }
        req.flash('error_msg', 'Please log in to view this resource');
        res.redirect('/');
    }
}

Which allows me to create routes in a simple manner like this:

router.get('/dashboard', ensureAuthenticated, function(req, res) {
    res.render('dashboard', {name: req.user.id});
})

It is important to notice that my particular passport implementation gives me the req.user.id variable that i am working with, that identifies the user that is currently logged in. After building the routes, i am now locked and bound to always deploy my solution to my host, in my case Herokuapps.com which offers free hosting to develop with.

To the testing.

To bypass the authentication locally I use the dotenv npm package to set environment variables. my .env file looks like this:

NODE_ENV='test'

Now I can implement my own middleware, you might have noticed the row:

const testconfig = require('./config/testconfig');

that I use, here is the code for that testconfig.js:

module.exports = function () {
    return function (req, res, next) {
      // Implement the middleware function based on the options object
      if(process.env.NODE_ENV === 'test'){
        req.user = {
          id: 'testuser',
          battletag:'testbattletag'
        }
      }
      next()
    }
  }

I make the app use it by calling:

app.use(testconfig());

And finally I edit the ensureAuthenticated method to this:

module.exports = {
    ensureAuthenticated: function(req, res, next) {
        if(process.env.NODE_ENV === 'test'){
            return next();
        }
        if (req.isAuthenticated()) {
            return next();  
        }
        req.flash('error_msg', 'Please log in to view this resource');
        res.redirect('/');
    }
}

All set up and ready to go! Now I can in peace use nodemon to instantly see the changes while developing the routes while they are still ready for production. All I need to do is set the environment variable to something like 'production' in my .env file like this:

NODE_ENV='production'