Reset password #262
Open
Aboisier wants to merge 14 commits into main from 79-change-password
c111405 Setup mailing (Aboisier)
f16d386 implement reset password feature (Aboisier)
e1717b7 Merge branch 'main' of https://github.com/red-kite-solutions/stalker … (Aboisier)
6e2d751 fix unit tests (Aboisier)
d5e463b fix imports (Aboisier)
65dc8f4 delete root jest config (Aboisier)
6cf33d9 update supertest (Aboisier)
6912538 fix import issue (Aboisier)
3f468b8 add magic link tests (Aboisier)
22e8245 write e2e tests (Aboisier)
b0afb6b fix test (Aboisier)
1b283a9 configure sender (Aboisier)
61d0c87 increase retry cooldown (Aboisier)
5f51bf2 fix tests (Aboisier)
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,3 +2,4 @@ version: v2beta1 | |
name: stalker-vars-dev | ||
|
||
vars: | ||
STALKER_APP_BASE_URL: https://your-base-url |
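Review bot: The `STALKER_APP_BASE_URL: https://your-base-url` entry under `vars:` ships a placeholder with no comment on what consumes it or what form it must take. Add a comment saying what the value is used for and the expected form (scheme, trailing slash or not), so a dev environment does not silently run with the literal placeholder.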
2 changes: 1 addition & 1 deletion
packages/backend/jobs-manager/service/src/modules/app.e2e-spec.ts
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
@@ -1,16 +1,20 @@ | ||||||
import { HttpStatus, INestApplication } from '@nestjs/common'; | ||||||
import { getModelToken } from '@nestjs/mongoose'; | ||||||
import { Test, TestingModule } from '@nestjs/testing'; | ||||||
import { randomUUID } from 'crypto'; | ||||||
import jwt_decode from 'jwt-decode'; | ||||||
import * as request from 'supertest'; | ||||||
import { Model, Types } from 'mongoose'; | ||||||
import request from 'supertest'; | ||||||
import { | ||||||
admin, | ||||||
createUser, | ||||||
deleteReq, | ||||||
login, | ||||||
loginMagicLinkToken, | ||||||
putReq, | ||||||
} from '../../test/e2e.utils'; | ||||||
import { AppModule } from '../app.module'; | ||||||
import { MagicLinkToken } from '../database/users/magic-link-token.model'; | ||||||
import { Role } from './constants'; | ||||||
|
||||||
describe('Auth Controller (e2e)', () => { | ||||||
|
@@ -162,6 +166,46 @@ describe('Auth Controller (e2e)', () => { | |||||
expect(r.statusCode).toBe(HttpStatus.UNAUTHORIZED); | ||||||
}); | ||||||
|
||||||
it('Should connect as the magic link user (POST /auth/login-magic-link)', async () => { | ||||||
// Arrange | ||||||
const magicLinkToken = app.get<Model<MagicLinkToken>>( | ||||||
getModelToken('magicLinkTokens'), | ||||||
); | ||||||
|
||||||
await magicLinkToken.create({ | ||||||
expirationDate: new Date().getTime() + 100000, | ||||||
token: '1234', | ||||||
userId: new Types.ObjectId(testAdmin.id), | ||||||
}); | ||||||
|
||||||
// Act | ||||||
const r = await loginMagicLinkToken(app, '1234'); | ||||||
|
||||||
// Assert | ||||||
expect(r.statusCode).toBe(HttpStatus.CREATED); | ||||||
expect(r.body.access_token).toBeTruthy(); | ||||||
expect(r.body.refresh_token).toBeTruthy(); | ||||||
const decodedToken: any = jwt_decode(r.body.access_token); | ||||||
const decodedRefresh: any = jwt_decode(r.body.refresh_token); | ||||||
expect(decodedToken.id).toBeTruthy(); | ||||||
expect(decodedToken.email).toBe(testAdmin.email); | ||||||
expect(decodedToken.role).toBe(Role.UserResetPassword); | ||||||
expect(decodedRefresh.id).toBeTruthy(); | ||||||
expect(decodedToken.exp < decodedRefresh.exp).toBeTruthy(); | ||||||
|
||||||
token = r.body.access_token; | ||||||
refresh = r.body.refresh_token; | ||||||
}); | ||||||
|
||||||
it('Should connect as the magic link user (POST /auth/login-magic-link)', async () => { | ||||||
|
||||||
// Arrange | ||||||
// Act | ||||||
const r = await loginMagicLinkToken(app, 'iamnotvalid'); | ||||||
|
||||||
// Assert | ||||||
expect(r.statusCode).toBe(HttpStatus.UNAUTHORIZED); | ||||||
}); | ||||||
|
||||||
afterAll(async () => { | ||||||
await deleteReq(app, token, `/users/${inactiveUser.id}`); | ||||||
await deleteReq(app, token, `/users/${testAdmin.id}`); | ||||||
|
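Review bot: The first new test ends with `token = r.body.access_token;`, and that token carries `Role.UserResetPassword`, yet `afterAll` reuses `token` for the two `deleteReq(app, token, ...)` calls. If the reset-password role is not allowed to delete users, cleanup fails without failing the suite and leaves `inactiveUser` and `testAdmin` behind; keep the magic-link tokens in local variables, or log in as admin again before cleanup. The second test also repeats the title 'Should connect as the magic link user' although it asserts `HttpStatus.UNAUTHORIZED` for 'iamnotvalid', so rename it, and consider adding cases for an `expirationDate` in the past and for presenting token '1234' a second time.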
5 changes: 5 additions & 0 deletions
packages/backend/jobs-manager/service/src/modules/auth/guards/magic-link.guard.ts
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
import { Injectable } from '@nestjs/common'; | ||
import { AuthGuard } from '@nestjs/passport'; | ||
|
||
@Injectable() | ||
export class MagicLinkAuthGuard extends AuthGuard('magic-link') {} |
26 changes: 26 additions & 0 deletions
packages/backend/jobs-manager/service/src/modules/auth/strategies/magic-link.strategy.ts
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import { Injectable, UnauthorizedException } from '@nestjs/common'; | ||
import { PassportStrategy } from '@nestjs/passport'; | ||
import { UniqueTokenStrategy } from 'passport-unique-token'; | ||
import { UsersService } from '../../database/users/users.service'; | ||
|
||
@Injectable() | ||
export class MagicLinkStrategy extends PassportStrategy( | ||
UniqueTokenStrategy, | ||
'magic-link', | ||
) { | ||
constructor(private readonly usersService: UsersService) { | ||
super(); | ||
} | ||
|
||
public async validate(token: string) { | ||
const user = await this.usersService.validateIdentityUsingUniqueToken( | ||
token, | ||
); | ||
|
||
if (!user) { | ||
throw new UnauthorizedException(); | ||
} | ||
|
||
return user; | ||
} | ||
} |
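Review bot: `super()` in the constructor passes no options to `UniqueTokenStrategy`, so where the token is read from on the request, and under which field name, is left to the library defaults. Pass the options explicitly so the accepted location is visible in this file and limited to what `POST /auth/login-magic-link` needs. `validate` itself only checks that a user came back; a short doc comment stating that `validateIdentityUsingUniqueToken` is responsible for rejecting expired tokens (and for invalidating a token once used, if that is intended) would make the contract clear to the next reader.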
2 changes: 1 addition & 1 deletion
...vice/src/modules/database/subscriptions/cron-subscriptions/cron-subscriptions.e2e-spec.ts
19 changes: 19 additions & 0 deletions
packages/backend/jobs-manager/service/src/modules/database/users/magic-link-token.model.ts
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
import { Prop, Schema, SchemaFactory } from '@nestjs/mongoose'; | ||
import { Document } from 'mongoose'; | ||
|
||
export type MagicLinkTokenDocument = MagicLinkToken & Document; | ||
|
||
@Schema() | ||
export class MagicLinkToken { | ||
@Prop({ unique: true }) | ||
public token: string; | ||
|
||
@Prop() | ||
public userId: string; | ||
|
||
@Prop() | ||
public expirationDate: number; | ||
} | ||
|
||
export const MagicLinkTokenSchema = | ||
SchemaFactory.createForClass(MagicLinkToken); |
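Review bot: `token` is a plain `string` with `@Prop({ unique: true })`, and the e2e test creates a row with `token: '1234'` and then logs in with '1234', so the login secret is stored and matched as issued; anyone who can read this collection can use any unexpired token. Store a hash of the token and look it up by hash instead. Separately, `expirationDate: number` cannot back a MongoDB TTL index, which needs a date field, so expired rows stay until something deletes them, and `userId: string` does not match the e2e test, which creates the document with `new Types.ObjectId(testAdmin.id)`.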
7 changes: 7 additions & 0 deletions
...ges/backend/jobs-manager/service/src/modules/database/users/reset-password-request.dto.ts
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
import { IsEmail, IsNotEmpty } from 'class-validator'; | ||
|
||
export class ResetPasswordRequestDto { | ||
@IsNotEmpty() | ||
@IsEmail() | ||
email: string; | ||
} |
I think the type here is something like ExpressRequest or something