Skip to content

Commit

Permalink
Merge branch 'develop' into paglias/cf
Browse files Browse the repository at this point in the history
  • Loading branch information
@paglias
paglias committed Sep 27, 2017
2 parents ff9aa97 + e1ad19c commit 7bdcc28
Show file tree
Hide file tree
Showing 8 changed files with 271 additions and 222 deletions.
71 changes: 22 additions & 49 deletions test/api/v3/integration/user/auth/GET-auth_reset-password-set-new-one.js
View file
Expand Up @@ -10,43 +10,31 @@ import nconf from 'nconf';

const API_TEST_SERVER_PORT = nconf.get('PORT');

describe('GET /user/auth/local/reset-password-set-new-one', () => {
// @TODO skipped because on travis the client isn't available and the redirect fails
xdescribe('GET /user/auth/local/reset-password-set-new-one', () => {
let endpoint = `http://localhost:${API_TEST_SERVER_PORT}/static/user/auth/local/reset-password-set-new-one`;

// Tests to validate the validatePasswordResetCodeAndFindUser function

it('renders an error page if the code is missing', async () => {
try {
await superagent.get(endpoint);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(endpoint);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the code is invalid json', async () => {
try {
await superagent.get(`${endpoint}?code=invalid`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(`${endpoint}?code=invalid`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the code cannot be decrypted', async () => {
let user = await generateUser();

try {
let code = JSON.stringify({ // not encrypted
userId: user._id,
expiresAt: new Date(),
});
await superagent.get(`${endpoint}?code=${code}`);

throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
let code = JSON.stringify({ // not encrypted
userId: user._id,
expiresAt: new Date(),
});
const res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the code is expired', async () => {
Expand All @@ -60,12 +48,8 @@ describe('GET /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

try {
await superagent.get(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the user does not exist', async () => {
Expand All @@ -74,12 +58,8 @@ describe('GET /user/auth/local/reset-password-set-new-one', () => {
expiresAt: moment().add({days: 1}),
}));

try {
await superagent.get(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the user has no local auth', async () => {
Expand All @@ -93,12 +73,8 @@ describe('GET /user/auth/local/reset-password-set-new-one', () => {
auth: 'not an object with valid fields',
});

try {
await superagent.get(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

it('renders an error page if the code doesn\'t match the one saved at user.auth.passwordResetCode', async () => {
Expand All @@ -112,12 +88,8 @@ describe('GET /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': 'invalid',
});

try {
await superagent.get(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
const res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.req.path.indexOf('hasError=true') !== -1).to.equal(true);
});

//
Expand All @@ -134,7 +106,8 @@ describe('GET /user/auth/local/reset-password-set-new-one', () => {
});

let res = await superagent.get(`${endpoint}?code=${code}`);
expect(res.status).to.equal(200);
expect(res.req.path.indexOf('hasError=false') !== -1).to.equal(true);
expect(res.req.path.indexOf('code=') !== -1).to.equal(true);
});
});

184 changes: 91 additions & 93 deletions test/api/v3/integration/user/auth/POST-auth_reset-password-set-new-one.js
View file
Expand Up @@ -10,49 +10,46 @@ import {
import moment from 'moment';
import {
generateUser,
requester,
translate as t,
} from '../../../../../helpers/api-integration/v3';
import superagent from 'superagent';
import nconf from 'nconf';

const API_TEST_SERVER_PORT = nconf.get('PORT');

describe('POST /user/auth/local/reset-password-set-new-one', () => {
let endpoint = `http://localhost:${API_TEST_SERVER_PORT}/static/user/auth/local/reset-password-set-new-one`;
describe('POST /user/auth/reset-password-set-new-one', () => {
const endpoint = '/user/auth/reset-password-set-new-one';
const api = requester();

// Tests to validate the validatePasswordResetCodeAndFindUser function

it('renders an error page if the code is missing', async () => {
try {
await superagent.post(endpoint);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(endpoint)).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the code is invalid json', async () => {
try {
await superagent.post(`${endpoint}?code=invalid`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}?code=invalid`)).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the code cannot be decrypted', async () => {
let user = await generateUser();

try {
let code = JSON.stringify({ // not encrypted
userId: user._id,
expiresAt: new Date(),
});
await superagent.post(`${endpoint}?code=${code}`);

throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
let code = JSON.stringify({ // not encrypted
userId: user._id,
expiresAt: new Date(),
});

await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the code is expired', async () => {
Expand All @@ -66,12 +63,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

try {
await superagent.post(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the user does not exist', async () => {
Expand All @@ -80,12 +78,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
expiresAt: moment().add({days: 1}),
}));

try {
await superagent.post(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the user has no local auth', async () => {
Expand All @@ -99,12 +98,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
auth: 'not an object with valid fields',
});

try {
await superagent.post(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

it('renders an error page if the code doesn\'t match the one saved at user.auth.passwordResetCode', async () => {
Expand All @@ -118,12 +118,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': 'invalid',
});

try {
await superagent.post(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('invalidPasswordResetCode'),
});
});

//
Expand All @@ -139,12 +140,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

try {
await superagent.post(`${endpoint}?code=${code}`);
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
code,
})).to.eventually.be.rejected.and.eql({
code: 400,
error: 'BadRequest',
message: t('invalidReqParams'),
});
});

it('renders the error page if the password confirmation is missing', async () => {
Expand All @@ -158,14 +160,14 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

try {
await superagent
.post(`${endpoint}?code=${code}`)
.send({newPassword: 'my new password'});
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
newPassword: 'my new password',
code,
})).to.eventually.be.rejected.and.eql({
code: 400,
error: 'BadRequest',
message: t('invalidReqParams'),
});
});

it('renders the error page if the password confirmation does not match', async () => {
Expand All @@ -179,17 +181,15 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

try {
await superagent
.post(`${endpoint}?code=${code}`)
.send({
newPassword: 'my new password',
confirmPassword: 'not matching',
});
throw new Error('Request should fail.');
} catch (err) {
expect(err.status).to.equal(401);
}
await expect(api.post(`${endpoint}`, {
newPassword: 'my new password',
confirmPassword: 'not matching',
code,
})).to.eventually.be.rejected.and.eql({
code: 400,
error: 'BadRequest',
message: t('passwordConfirmationMatch'),
});
});

it('renders the success page and save the user', async () => {
Expand All @@ -203,14 +203,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

let res = await superagent
.post(`${endpoint}?code=${code}`)
.send({
newPassword: 'my new password',
confirmPassword: 'my new password',
});
let res = await api.post(`${endpoint}`, {
newPassword: 'my new password',
confirmPassword: 'my new password',
code,
});

expect(res.status).to.equal(200);
expect(res.message).to.equal(t('passwordChangeSuccess'));

await user.sync();
expect(user.auth.local.passwordResetCode).to.equal(undefined);
Expand Down Expand Up @@ -246,14 +245,13 @@ describe('POST /user/auth/local/reset-password-set-new-one', () => {
'auth.local.passwordResetCode': code,
});

let res = await superagent
.post(`${endpoint}?code=${code}`)
.send({
newPassword: 'my new password',
confirmPassword: 'my new password',
});
let res = await api.post(`${endpoint}`, {
newPassword: 'my new password',
confirmPassword: 'my new password',
code,
});

expect(res.status).to.equal(200);
expect(res.message).to.equal(t('passwordChangeSuccess'));

await user.sync();
expect(user.auth.local.passwordResetCode).to.equal(undefined);
Expand Down

0 comments on commit 7bdcc28

Please sign in to comment.