From 0c81b52b304c9c5717bdbee73dc6b21eb37265c4 Mon Sep 17 00:00:00 2001
From: Sheldon Guo <sheldon_66@163.com>
Date: Fri, 7 Mar 2025 22:50:17 +0800
Subject: [PATCH] test: add token security config test for API key
 authentication (#6361)

---
 .../src/server/__tests__/actions.test.ts      | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/packages/plugins/@nocobase/plugin-api-keys/src/server/__tests__/actions.test.ts b/packages/plugins/@nocobase/plugin-api-keys/src/server/__tests__/actions.test.ts
index 35125d745e..38b46ed20e 100644
--- a/packages/plugins/@nocobase/plugin-api-keys/src/server/__tests__/actions.test.ts
+++ b/packages/plugins/@nocobase/plugin-api-keys/src/server/__tests__/actions.test.ts
@@ -15,6 +15,7 @@ describe('actions', () => {
   let db: Database;
   let repo: Repository;
   let agent;
+  let userAgent;
   let resource;
 
   afterEach(async () => {
@@ -71,7 +72,7 @@ describe('actions', () => {
         expiresIn,
       },
     };
-    await agent.login(user);
+    userAgent = await agent.login(user);
   });
 
   describe('create', () => {
@@ -102,6 +103,22 @@ describe('actions', () => {
       const checkRes = await agent.set('Authorization', `Bearer ${result.token}`).resource('auth').check();
       expect(checkRes.body.data.nickname).toBe(user.nickname);
     });
+    it('token sercurity config should not affect api key auth', async () => {
+      const res = await userAgent.resource('tokenControlConfig').update({
+        filterByTk: 'token-policy-config',
+        values: {
+          config: {
+            tokenExpirationTime: '1s',
+            sessionExpirationTime: '1s',
+            expiredTokenRenewLimit: '1s',
+          },
+        },
+      });
+      expect(res.body.data.find((item) => item.key === 'token-policy-config').config.tokenExpirationTime).toBe('1s');
+      await new Promise((resolve) => setTimeout(resolve, 5000));
+      const checkRes = await agent.set('Authorization', `Bearer ${result.token}`).resource('auth').check();
+      expect(checkRes.body.data.nickname).toBe(user.nickname);
+    });
 
     it('token expiresIn correctly', async () => {
       expect(tokenData.exp - tokenData.iat).toBe(expiresIn);