161 lines
4.9 KiB
TypeScript
161 lines
4.9 KiB
TypeScript
|
import useApp from "./_app";
|
||
|
|
import supertest from "supertest";
|
||
|
|
import {authAppProvider, followMagicLinkFromMail} from "./_authentication_common";
|
||
|
|
import User from "../src/auth/models/User";
|
||
|
|
import querystring from "querystring";
|
||
|
|
import UserApprovedComponent from "../src/auth/models/UserApprovedComponent";
|
||
|
|
import {popEmail} from "./_mail_server";
|
||
|
|
|
||
|
|
const app = useApp(authAppProvider(true, true));
|
||
|
|
|
||
|
|
let agent: supertest.SuperTest<supertest.Test>;
|
||
|
|
|
||
|
|
beforeAll(() => {
|
||
|
|
agent = supertest(app().getExpressApp());
|
||
|
|
});
|
||
|
|
|
||
|
|
test('Approval Mode', () => {
|
||
|
|
expect(User.isApprovalMode()).toStrictEqual(true);
|
||
|
|
});
|
||
|
|
|
||
|
|
describe('Register with username and password (password)', () => {
|
||
|
|
let cookies: string[];
|
||
|
|
let csrf: string;
|
||
|
|
|
||
|
|
test('General case', async () => {
|
||
|
|
const res = await agent.get('/csrf').expect(200);
|
||
|
|
cookies = res.get('Set-Cookie');
|
||
|
|
csrf = res.text;
|
||
|
|
|
||
|
|
// Register user
|
||
|
|
await agent.post('/auth/register')
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.send({
|
||
|
|
csrf: csrf,
|
||
|
|
auth_method: 'password',
|
||
|
|
identifier: 'entrapta2',
|
||
|
|
password: 'darla_is_cute',
|
||
|
|
password_confirmation: 'darla_is_cute',
|
||
|
|
terms: 'on',
|
||
|
|
})
|
||
|
|
.expect(302)
|
||
|
|
.expect('Location', '/auth/');
|
||
|
|
|
||
|
|
// Verify saved user
|
||
|
|
const user = await User.select()
|
||
|
|
.where('name', 'entrapta2')
|
||
|
|
.first();
|
||
|
|
|
||
|
|
expect(user).toBeDefined();
|
||
|
|
expect(user?.isApproved()).toBeFalsy();
|
||
|
|
expect(user?.as(UserApprovedComponent).approved).toBeFalsy();
|
||
|
|
|
||
|
|
// Proof must be revoked
|
||
|
|
await agent.get('/has-any-password-auth-proof')
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.expect(404);
|
||
|
|
|
||
|
|
await popEmail();
|
||
|
|
});
|
||
|
|
});
|
||
|
|
|
||
|
|
describe('Register with email (magic_link)', () => {
|
||
|
|
test('General case', async () => {
|
||
|
|
const res = await agent.get('/csrf').expect(200);
|
||
|
|
const cookies = res.get('Set-Cookie');
|
||
|
|
const csrf = res.text;
|
||
|
|
|
||
|
|
await agent.post('/auth/register?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.send({
|
||
|
|
csrf: csrf,
|
||
|
|
auth_method: 'magic_link',
|
||
|
|
identifier: 'glimmer2@example.org',
|
||
|
|
name: 'glimmer2',
|
||
|
|
})
|
||
|
|
.expect(302)
|
||
|
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');
|
||
|
|
|
||
|
|
await followMagicLinkFromMail(agent, cookies, '/auth/');
|
||
|
|
|
||
|
|
// Verify saved user
|
||
|
|
const user = await User.select()
|
||
|
|
.with('mainEmail')
|
||
|
|
.where('name', 'glimmer2')
|
||
|
|
.first();
|
||
|
|
|
||
|
|
expect(user).toBeDefined();
|
||
|
|
|
||
|
|
const email = user?.mainEmail.getOrFail();
|
||
|
|
expect(email).toBeDefined();
|
||
|
|
|
||
|
|
expect(user?.isApproved()).toBeFalsy();
|
||
|
|
expect(user?.as(UserApprovedComponent).approved).toBeFalsy();
|
||
|
|
|
||
|
|
// Proof must be revoked
|
||
|
|
await agent.get('/has-any-magic-link')
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.expect(404);
|
||
|
|
|
||
|
|
await popEmail();
|
||
|
|
});
|
||
|
|
});
|
||
|
|
|
||
|
|
|
||
|
|
describe('Authenticate with username and password (password)', () => {
|
||
|
|
test('Force auth_method', async () => {
|
||
|
|
const res = await agent.get('/csrf').expect(200);
|
||
|
|
const cookies = res.get('Set-Cookie');
|
||
|
|
const csrf = res.text;
|
||
|
|
|
||
|
|
// Not authenticated
|
||
|
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||
|
|
|
||
|
|
// Authenticate
|
||
|
|
await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.send({
|
||
|
|
csrf: csrf,
|
||
|
|
identifier: 'entrapta2',
|
||
|
|
password: 'darla_is_cute',
|
||
|
|
auth_method: 'password',
|
||
|
|
})
|
||
|
|
.expect(302)
|
||
|
|
.expect('Location', '/auth/');
|
||
|
|
|
||
|
|
// Proof must be revoked
|
||
|
|
await agent.get('/has-any-password-auth-proof')
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.expect(404);
|
||
|
|
});
|
||
|
|
});
|
||
|
|
|
||
|
|
describe('Authenticate with email (magic_link)', () => {
|
||
|
|
test('Force auth_method', async () => {
|
||
|
|
const res = await agent.get('/csrf').expect(200);
|
||
|
|
const cookies = res.get('Set-Cookie');
|
||
|
|
const csrf = res.text;
|
||
|
|
|
||
|
|
// Not authenticated
|
||
|
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||
|
|
|
||
|
|
// Authenticate
|
||
|
|
await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.send({
|
||
|
|
csrf: csrf,
|
||
|
|
identifier: 'glimmer2@example.org',
|
||
|
|
auth_method: 'magic_link',
|
||
|
|
})
|
||
|
|
.expect(302)
|
||
|
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');
|
||
|
|
|
||
|
|
await followMagicLinkFromMail(agent, cookies, '/auth/');
|
||
|
|
|
||
|
|
// Proof must be revoked
|
||
|
|
await agent.get('/has-any-magic-link')
|
||
|
|
.set('Cookie', cookies)
|
||
|
|
.expect(404);
|
||
|
|
});
|
||
|
|
});
|