added test coverage output and ensure 100% test coverage of lib/nano.js

Glynn Bird · Glynn Bird · commit 7303332d6224 · 2025-10-16T10:49:34.000+01:00
diff --git a/lib/nano.js b/lib/nano.js
@@ -100,13 +100,18 @@ export default function Nano(cfg) {
   }
 
   function scrubRequest(req, cloned) {
-    // scrub credentials
-    req.url = scrubURL(req.url)
+    // scrub 
+    if (req.url) {
+      req.url = scrubURL(req.url)
+    }
     if (req.headers.cookie) {
-      req.headers.cookie = 'XXXXXXX'
+      req.headers.cookie = SCRUBBED_STR
     }
     if (req.headers.Authorization) {
-      req.headers.Authorization = 'XXXXXXX'
+      req.headers.Authorization = SCRUBBED_STR
+    }
+    if (req.headers['set-cookie']) {
+      req.headers['set-cookie'] = SCRUBBED_STR
     }
   }
 
@@ -195,7 +200,9 @@ export default function Nano(cfg) {
     }
 
     // either return the output
-    log({ err: null, body: output, headers: response.headers })
+    const loggedObj = { err: null, body: output, headers: Object.fromEntries(response.headers) }
+    scrubRequest(loggedObj)
+    log(loggedObj)
     if (response.ok) return output
 
     // or throw an Error
diff --git a/package.json b/package.json
@@ -25,7 +25,7 @@
     "typescript": "^5.9.2"
   },
   "scripts": {
-    "test": "tsc lib/nano.d.ts && node --test ./test/*.test.js"
+    "test": "tsc lib/nano.d.ts && node --experimental-test-coverage --test ./test/*.test.js"
   },
   "main": "./lib/nano.js",
   "types": "./lib/nano.d.ts",
diff --git a/test/nano.basic.test.js b/test/nano.basic.test.js
@@ -0,0 +1,38 @@
+// Licensed under the Apache License, Version 2.0 (the 'License'); you may not
+// use this file except in compliance with the License. You may obtain a copy of
+// the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an 'AS IS' BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+import test from 'node:test'
+import assert from 'node:assert/strict'
+import { COUCH_URL, mockAgent, mockPool, JSON_HEADERS } from './mock.js'
+import Nano from '../lib/nano.js'
+const username = 'username'
+const password = 'password'
+const nano = Nano(`http://${username}:${password}@127.0.0.1:5984`)
+
+test('should be able to authenticate with basic auth', async () => {
+  // mocks
+  const response = ['replicator']
+
+  mockPool
+    .intercept({
+      path: '/_all_dbs',
+      headers: {
+        Authorization: 'Basic dXNlcm5hbWU6cGFzc3dvcmQ='
+      }
+    })
+    .reply(200, response, JSON_HEADERS)
+    
+  // test POST /_session
+  const p = await nano.db.list()
+  assert.deepEqual(p, response)
+  mockAgent.assertNoPendingInterceptors()
+})
diff --git a/test/nano.logger.test.js b/test/nano.logger.test.js
@@ -38,3 +38,54 @@ test('should be able to log output with user-defined function', async () => {
   assert.equal(logs.length, 2)
   mockAgent.assertNoPendingInterceptors()
 })
+
+test('should be able to log output with cookie auth', async () => {
+  // setup Nano with custom logger
+  const logs = []
+  const nano = Nano({
+    url: COUCH_URL,
+    log: (data) => {
+      logs.push(data)
+    }
+  })
+
+  // mocks
+  // mocks
+  const username = 'u'
+  const password = 'p'
+  const response = { ok: true, name: 'admin', roles: ['_admin', 'admin'] }
+  const c = 'AuthSession=YWRtaW46NUU0MTFBMDE6stHsxYnlDy4mYxwZEcnXHn4fm5w'
+  const cookie = `${c}; Version=1; Expires=Mon, 10-Feb-2050 09:03:21 GMT; Max-Age=600; Path=/; HttpOnly`
+
+  mockPool
+    .intercept({
+      method: 'post',
+      path: '/_session',
+      body: JSON.stringify({ name: username, password })
+    })
+    .reply(200, response, {
+      headers: {
+        'content-type': 'application/json',
+        'Set-Cookie': cookie
+      }
+    })
+  mockPool
+    .intercept({
+      path: '/_all_dbs',
+      headers: {
+        cookie: c
+      }
+    })
+    .reply(200, ['a'], JSON_HEADERS)
+
+  // test POST /_session
+  const p = await nano.auth(username, password)
+  assert.deepEqual(p, response)
+  const q = await nano.db.list()
+  assert.deepEqual(q, ['a'])
+  assert.equal(logs.length, 4)
+  // check set-cookie and cookie are scrubbed
+  assert.equal(logs[1].headers['set-cookie'], 'XXXXXX')
+  assert.equal(logs[2].headers['cookie'], 'XXXXXX')
+  mockAgent.assertNoPendingInterceptors()
+})

Original file line number	Diff line number	Diff line change
`@@ -100,13 +100,18 @@ export default function Nano(cfg) {`
`100`	`100`	`}`
`101`	`101`
`102`	`102`	`function scrubRequest(req, cloned) {`
`103`		`- // scrub credentials`
`104`		`- req.url = scrubURL(req.url)`
	`103`	`+ // scrub`
	`104`	`+ if (req.url) {`
	`105`	`+ req.url = scrubURL(req.url)`
	`106`	`+ }`
`105`	`107`	`if (req.headers.cookie) {`
`106`		`- req.headers.cookie = 'XXXXXXX'`
	`108`	`+ req.headers.cookie = SCRUBBED_STR`
`107`	`109`	`}`
`108`	`110`	`if (req.headers.Authorization) {`
`109`		`- req.headers.Authorization = 'XXXXXXX'`
	`111`	`+ req.headers.Authorization = SCRUBBED_STR`
	`112`	`+ }`
	`113`	`+ if (req.headers['set-cookie']) {`
	`114`	`+ req.headers['set-cookie'] = SCRUBBED_STR`
`110`	`115`	`}`
`111`	`116`	`}`
`112`	`117`
`@@ -195,7 +200,9 @@ export default function Nano(cfg) {`
`195`	`200`	`}`
`196`	`201`
`197`	`202`	`// either return the output`
`198`		`- log({ err: null, body: output, headers: response.headers })`
	`203`	`+ const loggedObj = { err: null, body: output, headers: Object.fromEntries(response.headers) }`
	`204`	`+ scrubRequest(loggedObj)`
	`205`	`+ log(loggedObj)`
`199`	`206`	`if (response.ok) return output`
`200`	`207`
`201`	`208`	`// or throw an Error`