Test authenticated routes in the your project using cookie-based authentication. Use this skill when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for using test-auth-route.js and mock authentication.
Test authenticated routes using cookie-based JWT authentication. Use this when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for test-auth-route.js script and mock authentication.
/plugin marketplace add moonklabs/aiwf/plugin install moonklabs-aiwf@moonklabs/aiwfThis skill inherits all available tools. When active, it can use any tool Claude has access to.
This skill provides patterns for testing authenticated routes in the your project using cookie-based JWT authentication.
The your project uses:
refresh_tokenconfig.iniThe test-auth-route.js script handles all authentication complexity automatically.
Location: /root/git/your project_pre/scripts/test-auth-route.js
node scripts/test-auth-route.js http://localhost:3000/blog-api/api/endpoint
node scripts/test-auth-route.js \
http://localhost:3000/blog-api/777/submit \
POST \
'{"responses":{"4577":"13295"},"submissionID":5,"stepInstanceId":"11"}'
testusertestpasswordconfig.inirefresh_token=<signed-token>The script outputs:
Note: The script is verbose - look for the actual response in the output.
Use the curl command from the test-auth-route.js output:
# The script outputs something like:
# 💡 To test manually with curl:
# curl -b "refresh_token=eyJhbGci..." http://localhost:3000/blog-api/api/endpoint
# Copy and modify that curl command:
curl -X POST http://localhost:3000/blog-api/777/submit \
-H "Content-Type: application/json" \
-b "refresh_token=<COPY_TOKEN_FROM_SCRIPT_OUTPUT>" \
-d '{"your": "data"}'
For development, bypass Keycloak entirely using mock auth.
# Add to service .env file (e.g., blog-api/.env)
MOCK_AUTH=true
MOCK_USER_ID=test-user
MOCK_USER_ROLES=admin,operations
curl -H "X-Mock-Auth: true" \
-H "X-Mock-User: test-user" \
-H "X-Mock-Roles: admin,operations" \
http://localhost:3002/api/protected
Mock auth ONLY works when:
NODE_ENV is development or testmockAuth middleware is added to the routenode scripts/test-auth-route.js \
http://localhost:3000/blog-api/777/submit \
POST \
'{"responses":{"4577":"13295"},"submissionID":5,"stepInstanceId":"11"}'
node scripts/test-auth-route.js \
http://localhost:3002/api/workflow/start \
POST \
'{"workflowCode":"DHS_CLOSEOUT","entityType":"Submission","entityID":123}'
node scripts/test-auth-route.js \
http://localhost:3002/api/workflow/step/complete \
POST \
'{"stepInstanceID":789,"answers":{"decision":"approved","comments":"Looks good"}}'
node scripts/test-auth-route.js \
"http://localhost:3002/api/workflows?status=active&limit=10"
# Get token from test-auth-route.js first, then:
curl -X POST http://localhost:5000/upload \
-H "Content-Type: multipart/form-data" \
-b "refresh_token=<TOKEN>" \
-F "file=@/path/to/file.pdf" \
-F "metadata={\"description\":\"Test file\"}"
The test-auth-route.js script uses these credentials:
testusertestpasswordconfig.ini (usually http://localhost:8081)yourRealmconfig.ini| Service | Port | Base URL |
|---|---|---|
| Users | 3000 | http://localhost:3000 |
| Projects | 3001 | http://localhost:3001 |
| Form | 3002 | http://localhost:3002 |
| 3003 | http://localhost:3003 | |
| Uploads | 5000 | http://localhost:5000 |
Check /src/app.ts in each service for route prefixes:
// Example from blog-api/src/app.ts
app.use('/blog-api/api', formRoutes); // Prefix: /blog-api/api
app.use('/api/workflow', workflowRoutes); // Prefix: /api/workflow
Full Route = Base URL + Prefix + Route Path
Example:
http://localhost:3002/form/777/submithttp://localhost:3000/blog-api/777/submitBefore testing a route:
app.tsAfter testing routes that modify data:
# Connect to MySQL
docker exec -i local-mysql mysql -u root -ppassword1 blog_dev
# Check specific table
mysql> SELECT * FROM WorkflowInstance WHERE id = 123;
mysql> SELECT * FROM WorkflowStepInstance WHERE instanceId = 123;
mysql> SELECT * FROM WorkflowNotification WHERE recipientUserId = 'user-123';
Possible causes:
Solutions:
# Check Keycloak is running
docker ps | grep keycloak
# Regenerate token
node scripts/test-auth-route.js http://localhost:3002/api/health
# Verify config.ini has correct jwtSecret
Possible causes:
Solutions:
# Use mock auth with admin role
curl -H "X-Mock-Auth: true" \
-H "X-Mock-User: test-admin" \
-H "X-Mock-Roles: admin" \
http://localhost:3002/api/protected
Possible causes:
Solutions:
app.ts for route prefixespm2 list)Possible causes:
Solutions:
pm2 logs <service>)For comprehensive route testing after making changes:
The agent will:
# 1. Test with valid data
node scripts/test-auth-route.js \
http://localhost:3002/api/my-new-route \
POST \
'{"field1":"value1","field2":"value2"}'
# 2. Verify database
docker exec -i local-mysql mysql -u root -ppassword1 blog_dev \
-e "SELECT * FROM MyTable ORDER BY createdAt DESC LIMIT 1;"
# 3. Test with invalid data
node scripts/test-auth-route.js \
http://localhost:3002/api/my-new-route \
POST \
'{"field1":"invalid"}'
# 4. Test without authentication
curl http://localhost:3002/api/my-new-route
# Should return 401
# 1. Test existing functionality still works
node scripts/test-auth-route.js \
http://localhost:3002/api/existing-route \
POST \
'{"existing":"data"}'
# 2. Test new functionality
node scripts/test-auth-route.js \
http://localhost:3002/api/existing-route \
POST \
'{"new":"field","existing":"data"}'
# 3. Verify backward compatibility
# Test with old request format (if applicable)
[keycloak]
url = http://localhost:8081
realm = yourRealm
clientId = app-client
[jwt]
jwtSecret = your-jwt-secret-here
NODE_ENV=development
MOCK_AUTH=true # Optional: Enable mock auth
MOCK_USER_ID=test-user # Optional: Default mock user
MOCK_USER_ROLES=admin # Optional: Default mock roles
/root/git/your project_pre/scripts/test-auth-route.js - Main testing script/blog-api/src/app.ts - Form service routes/notifications/src/app.ts - Email service routes/auth/src/app.ts - Users service routes/config.ini - Service configuration/.env - Environment variablesThis skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.