Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/app/api/auth/key-backup/route.js
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ async function authenticateUser(request) {
}

const cookies = Object.fromEntries(
cookieHeader.split('; ').map(cookie => {
cookieHeader.split(/;\s*/).map(cookie => {
const [name, value] = cookie.split('=');
return [name, decodeURIComponent(value)];
})
Expand Down
82 changes: 82 additions & 0 deletions src/app/api/auth/key-backup/route.test.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
import { beforeEach, describe, expect, it, vi } from 'vitest';

const mocks = vi.hoisted(() => ({
authGetUser: vi.fn(),
serviceFrom: vi.fn()
}));

vi.mock('@supabase/supabase-js', () => ({
createClient: vi.fn(() => ({
auth: {
getUser: mocks.authGetUser
}
}))
}));

vi.mock('@/lib/supabase/service-role.js', () => ({
createServiceRoleClient: vi.fn(() => ({
from: mocks.serviceFrom
}))
}));

function cookieValue(token) {
return `base64-${Buffer.from(JSON.stringify({ access_token: token })).toString('base64')}`;
}

function createBackupQuery() {
const query = {
select: vi.fn(() => query),
eq: vi.fn(() => query),
single: vi.fn(() =>
Promise.resolve({
data: {
encrypted_keys: '{"version":1}',
created_at: '2026-07-11T00:00:00.000Z',
updated_at: '2026-07-11T00:00:00.000Z'
},
error: null
})
)
};
return query;
}

describe('key backup cookie authentication', () => {
beforeEach(() => {
vi.resetModules();
vi.clearAllMocks();
process.env.NEXT_PUBLIC_SUPABASE_URL = 'https://example.supabase.co';
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY = 'anon-key';

mocks.authGetUser.mockResolvedValue({
data: { user: { id: 'auth-user-id' } },
error: null
});
mocks.serviceFrom.mockImplementation((table) => {
if (table === 'key_backups') return createBackupQuery();
throw new Error(`Unexpected table: ${table}`);
});
});

it('accepts valid cookie headers without a space after semicolons', async () => {
const { GET } = await import('./route.js');
const response = await GET(
new Request('https://qrypt.chat/api/auth/key-backup', {
headers: {
cookie: `sb-xydzwxwsbgmznthiiscl-auth-token=${cookieValue('access-token')};session=ignored`
}
})
);
const body = await response.json();

expect(response.status).toBe(200);
expect(body).toEqual({
backup: {
encrypted_keys: '{"version":1}',
created_at: '2026-07-11T00:00:00.000Z',
updated_at: '2026-07-11T00:00:00.000Z'
}
});
expect(mocks.authGetUser).toHaveBeenCalledWith('access-token');
});
});
Loading