I am testing my API with supertest
I want to check if my CSRF marker protection works, and then disable it for other tests.
For this, I installed NODE_ENVin testornot_test
app.js
var csrf = require('csurf');
var app = express();
if (process.env.NODE_ENV !== 'test') {
app.use(csrf({ cookie: true }));
app.use(function(req, res, next) {
res.cookie('XSRF-TOKEN', req.csrfToken());
return next();
});
}
CSRF test
process.env.NODE_ENV = 'not_test';
var app = require("app.js");
var request = require('supertest')(app);
var testAccount = {
"login": "test",
"pass": "test"
};
describe('CSRF protection', function() {
it('On /login', function(done){
request
.post('/login')
.send(testAccount)
.expect(403, done);
});
});
Test
login NODE_ENV is now being tested
process.env.NODE_ENV = 'test';
var app = require("app.js");
var request = require('supertest').agent(app);
var testAccount = {
"login": "test",
"pass": "test"
};
describe('API Admin roads', function() {
before(function (done) {
request
.post('/login')
.send(testAccount)
.end(done);
});
it('/api/admin/groups/', function(done){
request
.get('/api/admin/groups/')
.expect(200, done);
});
});
The problem is that only the first is taken into account process.env.NODE_ENV, if I install it on not_test, and then on test, I will still be in not_test.
source
share