2021-04-22 15:38:24 +02:00
|
|
|
import querystring from "querystring";
|
2021-05-03 19:29:22 +02:00
|
|
|
import supertest from "supertest";
|
|
|
|
|
|
|
|
import User from "../src/auth/models/User.js";
|
|
|
|
import UserApprovedComponent from "../src/auth/models/UserApprovedComponent.js";
|
|
|
|
import useApp from "./_app.js";
|
|
|
|
import {authAppProvider, followMagicLinkFromMail} from "./_authentication_common.js";
|
|
|
|
import {popEmail} from "./_mail_server.js";
|
2021-04-22 15:38:24 +02:00
|
|
|
|
|
|
|
const app = useApp(authAppProvider(true, true));
|
|
|
|
|
|
|
|
let agent: supertest.SuperTest<supertest.Test>;
|
|
|
|
|
|
|
|
beforeAll(() => {
|
|
|
|
agent = supertest(app().getExpressApp());
|
|
|
|
});
|
|
|
|
|
|
|
|
test('Approval Mode', () => {
|
|
|
|
expect(User.isApprovalMode()).toStrictEqual(true);
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Register with username and password (password)', () => {
|
|
|
|
let cookies: string[];
|
|
|
|
let csrf: string;
|
|
|
|
|
|
|
|
test('General case', async () => {
|
|
|
|
const res = await agent.get('/csrf').expect(200);
|
|
|
|
cookies = res.get('Set-Cookie');
|
|
|
|
csrf = res.text;
|
|
|
|
|
|
|
|
// Register user
|
|
|
|
await agent.post('/auth/register')
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.send({
|
|
|
|
csrf: csrf,
|
|
|
|
auth_method: 'password',
|
|
|
|
identifier: 'entrapta2',
|
|
|
|
password: 'darla_is_cute',
|
|
|
|
password_confirmation: 'darla_is_cute',
|
|
|
|
terms: 'on',
|
|
|
|
})
|
|
|
|
.expect(302)
|
|
|
|
.expect('Location', '/auth/');
|
|
|
|
|
|
|
|
// Verify saved user
|
|
|
|
const user = await User.select()
|
|
|
|
.where('name', 'entrapta2')
|
|
|
|
.first();
|
|
|
|
|
|
|
|
expect(user).toBeDefined();
|
|
|
|
expect(user?.isApproved()).toBeFalsy();
|
|
|
|
expect(user?.as(UserApprovedComponent).approved).toBeFalsy();
|
|
|
|
|
|
|
|
// Proof must be revoked
|
|
|
|
await agent.get('/has-any-password-auth-proof')
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.expect(404);
|
|
|
|
|
|
|
|
await popEmail();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Register with email (magic_link)', () => {
|
|
|
|
test('General case', async () => {
|
|
|
|
const res = await agent.get('/csrf').expect(200);
|
|
|
|
const cookies = res.get('Set-Cookie');
|
|
|
|
const csrf = res.text;
|
|
|
|
|
|
|
|
await agent.post('/auth/register?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.send({
|
|
|
|
csrf: csrf,
|
|
|
|
auth_method: 'magic_link',
|
|
|
|
identifier: 'glimmer2@example.org',
|
|
|
|
name: 'glimmer2',
|
|
|
|
})
|
|
|
|
.expect(302)
|
|
|
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');
|
|
|
|
|
|
|
|
await followMagicLinkFromMail(agent, cookies, '/auth/');
|
|
|
|
|
|
|
|
// Verify saved user
|
|
|
|
const user = await User.select()
|
|
|
|
.with('mainEmail')
|
|
|
|
.where('name', 'glimmer2')
|
|
|
|
.first();
|
|
|
|
|
|
|
|
expect(user).toBeDefined();
|
|
|
|
|
|
|
|
const email = user?.mainEmail.getOrFail();
|
|
|
|
expect(email).toBeDefined();
|
|
|
|
|
|
|
|
expect(user?.isApproved()).toBeFalsy();
|
|
|
|
expect(user?.as(UserApprovedComponent).approved).toBeFalsy();
|
|
|
|
|
|
|
|
// Proof must be revoked
|
|
|
|
await agent.get('/has-any-magic-link')
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.expect(404);
|
|
|
|
|
|
|
|
await popEmail();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
describe('Authenticate with username and password (password)', () => {
|
|
|
|
test('Force auth_method', async () => {
|
|
|
|
const res = await agent.get('/csrf').expect(200);
|
|
|
|
const cookies = res.get('Set-Cookie');
|
|
|
|
const csrf = res.text;
|
|
|
|
|
|
|
|
// Not authenticated
|
|
|
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
|
|
|
|
|
|
|
// Authenticate
|
|
|
|
await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.send({
|
|
|
|
csrf: csrf,
|
|
|
|
identifier: 'entrapta2',
|
|
|
|
password: 'darla_is_cute',
|
|
|
|
auth_method: 'password',
|
|
|
|
})
|
|
|
|
.expect(302)
|
|
|
|
.expect('Location', '/auth/');
|
|
|
|
|
|
|
|
// Proof must be revoked
|
|
|
|
await agent.get('/has-any-password-auth-proof')
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.expect(404);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Authenticate with email (magic_link)', () => {
|
|
|
|
test('Force auth_method', async () => {
|
|
|
|
const res = await agent.get('/csrf').expect(200);
|
|
|
|
const cookies = res.get('Set-Cookie');
|
|
|
|
const csrf = res.text;
|
|
|
|
|
|
|
|
// Not authenticated
|
|
|
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
|
|
|
|
|
|
|
// Authenticate
|
|
|
|
await agent.post('/auth/login?' + querystring.stringify({redirect_uri: '/redirect-uri'}))
|
2021-11-28 21:26:45 +01:00
|
|
|
.accept('json')
|
2021-04-22 15:38:24 +02:00
|
|
|
.set('Cookie', cookies)
|
|
|
|
.send({
|
|
|
|
csrf: csrf,
|
|
|
|
identifier: 'glimmer2@example.org',
|
|
|
|
auth_method: 'magic_link',
|
|
|
|
})
|
|
|
|
.expect(302)
|
|
|
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');
|
|
|
|
|
|
|
|
await followMagicLinkFromMail(agent, cookies, '/auth/');
|
|
|
|
|
|
|
|
// Proof must be revoked
|
|
|
|
await agent.get('/has-any-magic-link')
|
|
|
|
.set('Cookie', cookies)
|
|
|
|
.expect(404);
|
|
|
|
});
|
|
|
|
});
|