change verifyUser to receive currentTime as a Date obj

Co-authored-by: Tom Richards <[email protected]>
guardian · Dec 6, 2024 · fd908bf · fd908bf
1 parent 440b5d6
commit fd908bf
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 9 deletions.
diff --git a/pan-domain-node/src/panda.ts b/pan-domain-node/src/panda.ts
@@ -46,7 +46,7 @@ export function createCookie(user: User, privateKey: string): string {
     return queryParamsString + "." + signature
 }
 
-export function verifyUser(pandaCookie: string | undefined, publicKey: string, currentTimestamp: number, validateUser: ValidateUserFn): AuthenticationResult {
+export function verifyUser(pandaCookie: string | undefined, publicKey: string, currentTime: Date, validateUser: ValidateUserFn): AuthenticationResult {
     if(!pandaCookie) {
         return { status: AuthenticationStatus.INVALID_COOKIE };
     }
@@ -57,6 +57,8 @@ export function verifyUser(pandaCookie: string | undefined, publicKey: string, c
         return { status: AuthenticationStatus.INVALID_COOKIE };
     }
 
+    const currentTimestamp = currentTime.getTime();
+
     try {
         const user: User = parseUser(data);
         const isExpired = user.expires < currentTimestamp;
@@ -124,8 +126,7 @@ export class PanDomainAuthentication {
             const cookies = cookie.parse(requestCookies);
             const pandaCookie = cookies[this.cookieName];
 
-            const now = new Date().getTime();
-            return verifyUser(pandaCookie, publicKey, now, this.validateUser);
+            return verifyUser(pandaCookie, publicKey, new Date(), this.validateUser);
         });
     }
 }
diff --git a/pan-domain-node/test/panda.test.ts b/pan-domain-node/test/panda.test.ts
@@ -13,28 +13,29 @@ import {decodeBase64} from "../src/utils";
 describe('verifyUser', function () {
 
     test("return invalid cookie if missing", () => {
-        expect(verifyUser(undefined, "", 0, guardianValidation).status).toBe(AuthenticationStatus.INVALID_COOKIE);
+        expect(verifyUser(undefined, "", new Date(0), guardianValidation).status).toBe(AuthenticationStatus.INVALID_COOKIE);
     });
 
     test("return invalid cookie for a malformed signature", () => {
         const [data, signature] = sampleCookie.split(".");
         const testCookie = data + ".1234";
 
-        expect(verifyUser(testCookie, publicKey, 0, guardianValidation).status).toBe(AuthenticationStatus.INVALID_COOKIE);
+        expect(verifyUser(testCookie, publicKey, new Date(0), guardianValidation).status).toBe(AuthenticationStatus.INVALID_COOKIE);
     });
 
     test("return expired", () => {
-        const someTimeInTheFuture = 5678;
+        const someTimeInTheFuture = new Date(5678);
+        expect(someTimeInTheFuture.getTime()).toBe(5678);
         expect(verifyUser(sampleCookie, publicKey, someTimeInTheFuture, guardianValidation).status).toBe(AuthenticationStatus.EXPIRED);
     });
 
     test("return not authenticated if user fails validation function", () => {
-        expect(verifyUser(sampleCookieWithoutMultifactor, publicKey, 0, guardianValidation).status).toBe(AuthenticationStatus.NOT_AUTHORISED);
-        expect(verifyUser(sampleNonGuardianCookie, publicKey, 0, guardianValidation).status).toBe(AuthenticationStatus.NOT_AUTHORISED);
+        expect(verifyUser(sampleCookieWithoutMultifactor, publicKey, new Date(0), guardianValidation).status).toBe(AuthenticationStatus.NOT_AUTHORISED);
+        expect(verifyUser(sampleNonGuardianCookie, publicKey, new Date(0), guardianValidation).status).toBe(AuthenticationStatus.NOT_AUTHORISED);
     });
 
     test("return authenticated", () => {
-        expect(verifyUser(sampleCookie, publicKey, 0, guardianValidation).status).toBe(AuthenticationStatus.AUTHORISED);
+        expect(verifyUser(sampleCookie, publicKey, new Date(0), guardianValidation).status).toBe(AuthenticationStatus.AUTHORISED);
     });
 });