Code Reference

Auth Testing

Jest · Reference cheat sheet

Jest · Reference cheat sheet


📋 Overview

Cover login helpers, token attachment, and guarded UI/API behavior. Mock auth modules at the boundary; integration-test the real login endpoint in CI.

🔧 Core concepts

CaseAssert
Login OKToken stored / returned
Bad passwordError thrown / 401
Authed requestAuthorization header set
Logged outRedirect or null user

💡 Examples

Unit: attach bearer:

function withAuth(headers, token) {
  return { ...headers, Authorization: `Bearer ${token}` };
}

test('adds bearer', () => {
  expect(withAuth({}, 'abc')).toEqual({ Authorization: 'Bearer abc' });
});

Login API:

const BASE = process.env.API_URL || 'http://127.0.0.1:8000';

test('login returns access_token', async () => {
  const res = await fetch(`${BASE}/api/auth/login`, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      email: process.env.TEST_EMAIL || 'ada@example.com',
      password: process.env.TEST_PASS || 'secret',
    }),
  });
  expect(res.ok).toBe(true);
  const body = await res.json();
  expect(body.access_token).toEqual(expect.any(String));
});

React Testing Library guard (sketch):

test('redirects when logged out', () => {
  render(
    <AuthProvider value={{ user: null }}>
      <Protected />
    </AuthProvider>,
  );
  expect(screen.getByText(/sign in/i)).toBeInTheDocument();
});

⚠️ Pitfalls

  • Don't assert on wall-clock JWT expiry without fake timers.
  • Clear localStorage in afterEach when testing browser storage.

On this page