fibdash/test-auth.js
2025-07-19 21:58:07 +02:00


#!/usr/bin/env node
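// Manual check of the email allow-list middleware.
// Loads .env, asks isEmailAuthorized() about a few sample addresses, and signs a
// short-lived JWT for every address that is accepted. The process exits non-zero
// when the allow-list is empty but a sample address is still let through.
require('dotenv').config();
const crypto = require('crypto');
const jwt = require('jsonwebtoken');

console.log('🧪 Testing Email Authorization System\n');

// Signing key for the sample tokens. When JWT_SECRET is unset, use a random
// per-run key rather than a fixed literal: a constant fallback is a publicly
// known signing key, and tokens signed with it would verify on any deployment
// that falls back to the same literal.
const JWT_SECRET = process.env.JWT_SECRET || crypto.randomBytes(32).toString('hex');
if (!process.env.JWT_SECRET) {
  console.log('JWT_SECRET is not set; signing sample tokens with a random one-off key.');
}

// Raw allow-list string from the environment; a blank or whitespace-only value
// counts as "not configured".
const AUTHORIZED_EMAILS = process.env.AUTHORIZED_EMAILS || '';
const allowListConfigured = AUTHORIZED_EMAILS.trim() !== '';
console.log(`Authorized emails: ${allowListConfigured ? AUTHORIZED_EMAILS : 'None configured'}`);

// Sample identities fed to the authorization function.
const testUsers = [
  { email: 'admin@example.com', name: 'Admin User' },
  { email: 'user1@example.com', name: 'User One' },
  { email: 'unauthorized@hacker.com', name: 'Unauthorized User' },
];

// Function under test.
const { isEmailAuthorized } = require('./src/middleware/emailAuth');

console.log('\n📋 Authorization Test Results:\n');

let authorizedCount = 0;
for (const user of testUsers) {
  const isAuthorized = isEmailAuthorized(user.email);
  const status = isAuthorized ? '✅ AUTHORIZED' : '❌ DENIED';
  console.log(`${status} - ${user.name} (${user.email})`);

  if (!isAuthorized) {
    continue;
  }
  authorizedCount += 1;

  // Create a JWT token for authorized users.
  const token = jwt.sign(
    { id: 'test', email: user.email, name: user.name },
    JWT_SECRET,
    { expiresIn: '1h' },
  );
  // Only a prefix is shown: the first 50 characters cover the header and the
  // start of the claims, so the signature never reaches the terminal or logs.
  console.log(` Token: ${token.substring(0, 50)}...`);
}

console.log('\n🔐 Security Check:');
console.log(`- Email authorization: ${allowListConfigured ? 'ENABLED' : 'DISABLED'}`);
// This script never verifies a token or calls an API route, so it must not
// report those controls as ENABLED.
console.log('- JWT verification: not checked by this script');
console.log('- API endpoint protection: not checked by this script');

let failed = false;
if (!allowListConfigured) {
  if (authorizedCount === 0) {
    console.log('\n🛡 SECURITY: No authorized emails configured. ALL USERS DENIED ACCESS.');
    console.log(' Set AUTHORIZED_EMAILS in your .env file to allow specific users.');
  } else {
    // An empty allow-list must fail closed; anything else is a finding, not a pass.
    console.error(
      `\n❌ SECURITY: No authorized emails configured, but ${authorizedCount} test user(s) were authorized.`,
    );
    failed = true;
  }
}

if (failed) {
  process.exitCode = 1;
  console.error('\n❌ Authorization system test failed!');
} else {
  console.log('\n✅ Authorization system test complete!');
}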