Testing auth (jwt)

Hi!

i have follwing test:

test('should return 401 when credentials are incorrect', async ({ client }) => {

  const response = await client
    .post('/login')
    .send({
      email: 'joe.user@user.com',
      password: 'mypassword'
    })
    .accept('json')
    .end()

  response.assertError({
    success: false
  })
  response.assertStatus(401)
})

the test runs fine but i have additional unneeded output in the console:

 Post
superagent: Enable experimental feature http2
{ PasswordMisMatchException: E_PASSWORD_MISMATCH: Cannot verify user password
   at Function.invoke (/Users/rb/Sourcen/apptest/server/node_modules/@adonisjs/auth/src/Exceptions/index.js:99:19)
   at JwtScheme.invalidPassword (/Users/rb/Sourcen/apptest/server/node_modules/@adonisjs/auth/src/Schemes/Base.js:279:41)
   at JwtScheme.validate (/Users/rb/Sourcen/apptest/server/node_modules/@adonisjs/auth/src/Schemes/Base.js:194:18) passwordField: 'password', authScheme: 'jwt' }
   ✓ should return 401 when credentials are incorrect (382ms)
   ✓ a user can log in inside the application (173ms)

How can i hide the “E_PASSWORD_MISMATCH” error and the stack?

Bye, René

When you hit the endpoint with that request having a wrong password. not only you the server bans it (401 HTTP error code) but it also raises PasswordMisMatchException exception which the present code did not handle.

Maybe you can try this:

test('should return 401 when credentials are incorrect and throw an exception', async ({ assert }) => {
  try {
       const response = await client
        .post('/login')
        .send({
          email: 'joe.user@user.com',
          password: 'mypassword'
        })
        .accept('json')
        .end()
  } catch ({ message }) {
    assert.equal(message, 'E_PASSWORD_MISMATCH: Cannot verify user password')
    response.assertStatus(401)
    response.assertError({  success: false  })
  }
})

The trick is to catch the error message and assert that we really got it in case the password is wrong.

Ah! :+1: Thank you!