swaf/test/AuthenticationApprovalMode.test.ts

import querystring from "querystring";
import supertest from "supertest";

import User from "../src/auth/models/User.js";
import UserApprovedComponent from "../src/auth/models/UserApprovedComponent.js";
import useApp from "./_app.js";
import {authAppProvider, followMagicLinkFromMail} from "./_authentication_common.js";
import {popEmail} from "./_mail_server.js";

const app = useApp(authAppProvider(true, true));

let agent: supertest.SuperTest<supertest.Test>;

beforeAll(() => {
    agent = supertest(app().getExpressApp());
});

test('Approval Mode', () => {
    expect(User.isApprovalMode()).toStrictEqual(true);
});

describe('Register with username and password (password)', () => {
    let cookies: string[];
    let csrf: string;

    test('General case', async () => {
        const res = await agent.get('/csrf').expect(200);
        cookies = res.get('Set-Cookie') || [];
        csrf = res.text;

        // Register user
        await agent.post('/auth/register')
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                auth_method: 'password',
                identifier: 'entrapta2',
                password: 'darla_is_cute',
                password_confirmation: 'darla_is_cute',
                terms: 'on',
            })
            .expect(302)
            .expect('Location', '/auth/');

        // Verify saved user
        const user = await User.select()
            .where('name', 'entrapta2')
            .first();

        expect(user).toBeDefined();
        expect(user?.isApproved()).toBeFalsy();
        expect(user?.as(UserApprovedComponent).approved).toBeFalsy();

        // Proof must be revoked
        await agent.get('/has-any-password-auth-proof')
            .set('Cookie', cookies)
            .expect(404);

        await popEmail();
    });
});

describe('Register with email (magic_link)', () => {
    test('General case', async () => {
        const res = await agent.get('/csrf').expect(200);
        const cookies = res.get('Set-Cookie') || [];
        const csrf = res.text;

        await agent.post('/auth/register?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                auth_method: 'magic_link',
                identifier: 'glimmer2@example.org',
                name: 'glimmer2',
            })
            .expect(302)
            .expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');

        await followMagicLinkFromMail(agent, cookies, '/auth/');

        // Verify saved user
        const user = await User.select()
            .with('mainEmail')
            .where('name', 'glimmer2')
            .first();

        expect(user).toBeDefined();

        const email = user?.mainEmail.getOrFail();
        expect(email).toBeDefined();

        expect(user?.isApproved()).toBeFalsy();
        expect(user?.as(UserApprovedComponent).approved).toBeFalsy();

        // Proof must be revoked
        await agent.get('/has-any-magic-link')
            .set('Cookie', cookies)
            .expect(404);

        await popEmail();
    });
});


describe('Authenticate with username and password (password)', () => {
    test('Force auth_method', async () => {
        const res = await agent.get('/csrf').expect(200);
        const cookies = res.get('Set-Cookie') || [];
        const csrf = res.text;

        // Not authenticated
        await agent.get('/is-auth').set('Cookie', cookies).expect(401);

        // Authenticate
        await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                identifier: 'entrapta2',
                password: 'darla_is_cute',
                auth_method: 'password',
            })
            .expect(302)
            .expect('Location', '/auth/');

        // Proof must be revoked
        await agent.get('/has-any-password-auth-proof')
            .set('Cookie', cookies)
            .expect(404);
    });
});

describe('Authenticate with email (magic_link)', () => {
    test('Force auth_method', async () => {
        const res = await agent.get('/csrf').expect(200);
        const cookies = res.get('Set-Cookie') || [];
        const csrf = res.text;

        // Not authenticated
        await agent.get('/is-auth').set('Cookie', cookies).expect(401);

        // Authenticate
        await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
            .accept('json')
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                identifier: 'glimmer2@example.org',
                auth_method: 'magic_link',
            })
            .expect(302)
            .expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');

        await followMagicLinkFromMail(agent, cookies, '/auth/');

        // Proof must be revoked
        await agent.get('/has-any-magic-link')
            .set('Cookie', cookies)
            .expect(404);
    });
});
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`import querystring from "querystring";`
Switch to esm and add import auto format 2021-05-03 19:29:22 +02:00			`import supertest from "supertest";`

			`import User from "../src/auth/models/User.js";`
			`import UserApprovedComponent from "../src/auth/models/UserApprovedComponent.js";`
			`import useApp from "./_app.js";`
			`import {authAppProvider, followMagicLinkFromMail} from "./_authentication_common.js";`
			`import {popEmail} from "./_mail_server.js";`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00
			`const app = useApp(authAppProvider(true, true));`

			`let agent: supertest.SuperTest<supertest.Test>;`

			`beforeAll(() => {`
			`agent = supertest(app().getExpressApp());`
			`});`

			`test('Approval Mode', () => {`
			`expect(User.isApprovalMode()).toStrictEqual(true);`
			`});`

			`describe('Register with username and password (password)', () => {`
			`let cookies: string[];`
			`let csrf: string;`

			`test('General case', async () => {`
			`const res = await agent.get('/csrf').expect(200);`
Upgrade dependencies - Add a new migration to fix password hash length `IncreaseMagicLinkTokenLengthMigration` - Fix types 2024-09-21 18:37:51 +02:00			`cookies = res.get('Set-Cookie') \|\| [];`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`csrf = res.text;`

			`// Register user`
			`await agent.post('/auth/register')`
			`.set('Cookie', cookies)`
			`.send({`
			`csrf: csrf,`
			`auth_method: 'password',`
			`identifier: 'entrapta2',`
			`password: 'darla_is_cute',`
			`password_confirmation: 'darla_is_cute',`
			`terms: 'on',`
			`})`
			`.expect(302)`
			`.expect('Location', '/auth/');`

			`// Verify saved user`
			`const user = await User.select()`
			`.where('name', 'entrapta2')`
			`.first();`

			`expect(user).toBeDefined();`
			`expect(user?.isApproved()).toBeFalsy();`
			`expect(user?.as(UserApprovedComponent).approved).toBeFalsy();`

			`// Proof must be revoked`
			`await agent.get('/has-any-password-auth-proof')`
			`.set('Cookie', cookies)`
			`.expect(404);`

			`await popEmail();`
			`});`
			`});`

			`describe('Register with email (magic_link)', () => {`
			`test('General case', async () => {`
			`const res = await agent.get('/csrf').expect(200);`
Upgrade dependencies - Add a new migration to fix password hash length `IncreaseMagicLinkTokenLengthMigration` - Fix types 2024-09-21 18:37:51 +02:00			`const cookies = res.get('Set-Cookie') \|\| [];`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`const csrf = res.text;`

			`await agent.post('/auth/register?' + querystring.stringify({redirect_uri: '/redirect-uri'}))`
			`.set('Cookie', cookies)`
			`.send({`
			`csrf: csrf,`
			`auth_method: 'magic_link',`
			`identifier: 'glimmer2@example.org',`
			`name: 'glimmer2',`
			`})`
			`.expect(302)`
			`.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');`

			`await followMagicLinkFromMail(agent, cookies, '/auth/');`

			`// Verify saved user`
			`const user = await User.select()`
			`.with('mainEmail')`
			`.where('name', 'glimmer2')`
			`.first();`

			`expect(user).toBeDefined();`

			`const email = user?.mainEmail.getOrFail();`
			`expect(email).toBeDefined();`

			`expect(user?.isApproved()).toBeFalsy();`
			`expect(user?.as(UserApprovedComponent).approved).toBeFalsy();`

			`// Proof must be revoked`
			`await agent.get('/has-any-magic-link')`
			`.set('Cookie', cookies)`
			`.expect(404);`

			`await popEmail();`
			`});`
			`});`


			`describe('Authenticate with username and password (password)', () => {`
			`test('Force auth_method', async () => {`
			`const res = await agent.get('/csrf').expect(200);`
Upgrade dependencies - Add a new migration to fix password hash length `IncreaseMagicLinkTokenLengthMigration` - Fix types 2024-09-21 18:37:51 +02:00			`const cookies = res.get('Set-Cookie') \|\| [];`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`const csrf = res.text;`

			`// Not authenticated`
			`await agent.get('/is-auth').set('Cookie', cookies).expect(401);`

			`// Authenticate`
			`await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))`
			`.set('Cookie', cookies)`
			`.send({`
			`csrf: csrf,`
			`identifier: 'entrapta2',`
			`password: 'darla_is_cute',`
			`auth_method: 'password',`
			`})`
			`.expect(302)`
			`.expect('Location', '/auth/');`

			`// Proof must be revoked`
			`await agent.get('/has-any-password-auth-proof')`
			`.set('Cookie', cookies)`
			`.expect(404);`
			`});`
			`});`

			`describe('Authenticate with email (magic_link)', () => {`
			`test('Force auth_method', async () => {`
			`const res = await agent.get('/csrf').expect(200);`
Upgrade dependencies - Add a new migration to fix password hash length `IncreaseMagicLinkTokenLengthMigration` - Fix types 2024-09-21 18:37:51 +02:00			`const cookies = res.get('Set-Cookie') \|\| [];`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`const csrf = res.text;`

			`// Not authenticated`
			`await agent.get('/is-auth').set('Cookie', cookies).expect(401);`

			`// Authenticate`
			`await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))`
Add formatViewData to response object to fix tests and prepare for async navigation 2021-11-28 21:26:45 +01:00			`.accept('json')`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`.set('Cookie', cookies)`
			`.send({`
			`csrf: csrf,`
			`identifier: 'glimmer2@example.org',`
			`auth_method: 'magic_link',`
			`})`
			`.expect(302)`
			`.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');`

			`await followMagicLinkFromMail(agent, cookies, '/auth/');`

			`// Proof must be revoked`
			`await agent.get('/has-any-magic-link')`
			`.set('Cookie', cookies)`
			`.expect(404);`
			`});`
			`});`