The latest articles on Forem by Aditya Nandan (@mad). https://forem.com/mad https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1042517%2Fc3cd3f56-6e71-4fef-b9e7-62fa7dac57ab.jpg https://forem.com/mad en Aditya Nandan Mon, 25 Mar 2024 18:47:22 +0000 https://forem.com/mad/api-testing-with-clerk-and-express-2i56 https://forem.com/mad/api-testing-with-clerk-and-express-2i56 <h2> Introduction </h2> <p>This guide outlines the process of setting up API testing with an Express server using Clerk middlewares for route protection and Jest with Supertest as the testing framework. Before proceeding, ensure you have an Express server configured, Clerk middlewares implemented for route protection, and have selected a testing framework. The procedure involves generating a long-lived JWT token using Clerk, fetching the token, and setting up API testing by adding authentication headers to requests sent to protected endpoints.</p> <h2> Prerequisites - </h2> <ul> <li>you have a express server setup</li> <li>you are using <a href="https://clerk.com/docs/backend-requests/handling/nodejs" rel="noopener noreferrer">Clerk middlewares</a> to protect routes</li> <li>you have selected a testing framework. In my case, it's <a href="https://jestjs.io/" rel="noopener noreferrer">Jest</a> with <a href="https://github.com/ladjs/supertest#readme" rel="noopener noreferrer">Supertest</a> </li> </ul> <h2> The procedure </h2> <h3> Step 1 - Generate long-lived JWT </h3> <p><a href="https://clerk.com/docs/testing/postman-or-insomnia#generate-long-lived-jwt-template" rel="noopener noreferrer">Same as mentioned here</a></p> <ul> <li>Go to the <a href="https://dashboard.clerk.com/last-active?path=jwt-templates" rel="noopener noreferrer">JWT Templates page</a> </li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv1r7uga7x1sxgvrhp8bg.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv1r7uga7x1sxgvrhp8bg.png" alt="Clerk JWT templates page" width="800" height="437"></a></p> <ul> <li>Create a new template</li> <li>Select blank on the dialog</li> <li>Name it something like <code>testing-template</code> </li> <li>Set the token lifetime to the maximum value - <code>315360000</code> (10 years)</li> <li>If you added custom claims to the normal session token, then you should add the same claims to your JWT Template</li> </ul> <h3> Step 2 - Fetch long-lived token </h3> <ul> <li>Go to the <a href="https://dashboard.clerk.com/" rel="noopener noreferrer">Clerk Dashboard</a> </li> <li>Create a new user with an email like <code>test.user@test.com</code> and any password</li> <li>Click on the impersonate user button after the user is created. <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffyzn1i2sgd5muy9ixbs0.png" alt="Clerk Impersonate user button" width="800" height="599"> </li> <li>This will redirect you to a new page</li> <li>Open the dev console on that page by pressing <code>Ctrl+Shift+I</code> </li> <li>Paste or type this in - </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="k">await</span> <span class="nb">window</span><span class="p">.</span><span class="nx">Clerk</span><span class="p">.</span><span class="nx">session</span><span class="p">.</span><span class="nf">getToken</span><span class="p">({</span> <span class="na">template</span><span class="p">:</span> <span class="dl">"</span><span class="s2">testing-template</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <p>make sure to replace <code>testing-template</code> with the name you chose while creating the jwt template in Step 1</p> <ul> <li>The output will be a jwt token</li> <li>copy this token</li> </ul> <h3> Step 3 - Setup API Testing </h3> <ul> <li>add a new entry in your <code>.env</code> file of your express server </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">TEST_USER_TOKEN</span><span class="o">=</span><span class="s2">"&lt;your-jwt-token-here&gt;"</span> </code></pre> </div> <ul> <li>add auth headers to your request to a protected endpoint </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">request</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">supertest</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">app</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../../app</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">userToken</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">TEST_USER_TOKEN</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">userToken</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span> <span class="dl">"</span><span class="s2">Provide a TEST_USER_TOKEN env variable for testing - visit: https://dev.to/mad/api-testing-with-clerk-and-express-2i56</span><span class="dl">"</span> <span class="p">);</span> <span class="p">}</span> <span class="nf">describe</span><span class="p">(</span><span class="dl">"</span><span class="s2">POST /api/product</span><span class="dl">"</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">it</span><span class="p">(</span><span class="dl">"</span><span class="s2">responds with a new todo</span><span class="dl">"</span><span class="p">,</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="nf">request</span><span class="p">(</span><span class="nx">app</span><span class="p">)</span> <span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/product</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">"</span><span class="s2">Accept</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span><span class="p">)</span> <span class="c1">// FOCUS ON THIS</span> <span class="p">.</span><span class="nf">auth</span><span class="p">(</span><span class="nx">userToken</span><span class="p">,</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">bearer</span><span class="dl">"</span> <span class="p">})</span> <span class="p">.</span><span class="nf">send</span><span class="p">({</span> <span class="na">title</span><span class="p">:</span> <span class="dl">"</span><span class="s2">test product 1</span><span class="dl">"</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">"</span><span class="s2">test description</span><span class="dl">"</span><span class="p">,</span> <span class="na">price</span><span class="p">:</span> <span class="mf">2.0</span><span class="p">,</span> <span class="p">})</span> <span class="p">.</span><span class="nf">expect</span><span class="p">(</span><span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">,</span> <span class="sr">/json/</span><span class="p">)</span> <span class="p">.</span><span class="nf">expect</span><span class="p">(</span><span class="mi">200</span><span class="p">)</span> <span class="p">.</span><span class="nf">then</span><span class="p">((</span><span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">expect</span><span class="p">(</span><span class="nx">res</span><span class="p">.</span><span class="nx">body</span><span class="p">).</span><span class="nf">toHaveProperty</span><span class="p">(</span><span class="dl">"</span><span class="s2">id</span><span class="dl">"</span><span class="p">);</span> <span class="nx">id</span> <span class="o">=</span> <span class="nx">res</span><span class="p">.</span><span class="nx">body</span><span class="p">.</span><span class="nx">id</span><span class="p">;</span> <span class="p">}));</span> <span class="p">});</span> </code></pre> </div> <ul> <li>run your tests!</li> </ul> webdev javascript clerk express