diff --git a/test/Authentication.test.ts b/test/Authentication.test.ts
index 96ee48d..1a5e038 100644
--- a/test/Authentication.test.ts
+++ b/test/Authentication.test.ts
@@ -10,7 +10,6 @@ import UserNameComponent from "../src/auth/models/UserNameComponent";
 import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
 import {popEmail} from "./_mail_server";
 import AuthComponent from "../src/auth/AuthComponent";
-import {log} from "../src/Logger";
 let app: TestApp;
 useApp(async (addr, port) => {
@@ -76,7 +75,7 @@ beforeAll(() => {
 agent = supertest(app.getExpressApp());
 });
-describe('Register with username', () => {
+describe('Register with username and password (password)', () => {
 let cookies: string[];
 let csrf: string;
@@ -320,7 +319,7 @@ describe('Register with email (magic_link)', () => {
 });
 });
-describe('Authenticate with username and password', () => {
+describe('Authenticate with username and password (password)', () => {
 test('Force auth_method', async () => {
 let res = await agent.get('/csrf').expect(200);
 const cookies = res.get('Set-Cookie');
@@ -565,3 +564,110 @@ describe('Authenticate with email (magic_link)', () => {
 await agent.get('/is-auth').set('Cookie', cookies).expect(401);
 });
 });
+
+describe('Authenticate with email and password (password)', () => {
+ test('Prepare user', async () => {
+ const res = await agent.get('/csrf').expect(200);
+ const cookies = res.get('Set-Cookie');
+ const csrf = res.text;
+
+ await agent.post('/auth/register')
+ .set('Cookie', cookies)
+ .send({
+ csrf: csrf,
+ auth_method: 'magic_link',
+ identifier: 'double-trouble@example.org',
+ name: 'double-trouble',
+ })
+ .expect(302)
+ .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
+
+ await followMagicLinkFromMail(cookies);
+
+ // Verify saved user
+ const user = await User.select()
+ .with('mainEmail')
+ .where('name', 'double-trouble')
+ .first();
+
+ await user?.as(UserPasswordComponent).setPassword('trick-or-treat');
+ await user?.save();
+
+ expect(user).toBeDefined();
+
+ const email = user?.mainEmail.getOrFail();
+ expect(email).toBeDefined();
+ expect(email?.email).toStrictEqual('double-trouble@example.org');
+
+ expect(user?.as(UserNameComponent).name).toStrictEqual('double-trouble');
+ await expect(user?.as(UserPasswordComponent).verifyPassword('trick-or-treat')).resolves.toStrictEqual(true);
+ });
+
+ test('Force auth_method', async () => {
+ let res = await agent.get('/csrf').expect(200);
+ const cookies = res.get('Set-Cookie');
+ const csrf = res.text;
+
+ // Not authenticated
+ await agent.get('/is-auth').set('Cookie', cookies).expect(401);
+
+ // Bad password
+ res = await agent.post('/auth/login')
+ .set('Cookie', cookies)
+ .send({
+ csrf: csrf,
+ identifier: 'double-trouble@example.org',
+ password: 'i_have_no_imagination',
+ auth_method: 'password',
+ })
+ .expect(400);
+ expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
+
+ // Authenticate
+ await agent.post('/auth/login')
+ .set('Cookie', cookies)
+ .send({
+ csrf: csrf,
+ identifier: 'double-trouble@example.org',
+ password: 'trick-or-treat',
+ auth_method: 'password',
+ })
+ .expect(302)
+ .expect('Location', '/');
+
+ await testLogout(cookies, csrf);
+ });
+
+ test('Automatic auth_method', async () => {
+ let res = await agent.get('/csrf').expect(200);
+ const cookies = res.get('Set-Cookie');
+ const csrf = res.text;
+
+ // Not authenticated
+ await agent.get('/is-auth').set('Cookie', cookies).expect(401);
+
+ // Bad password
+ res = await agent.post('/auth/login')
+ .set('Cookie', cookies)
+ .send({
+ csrf: csrf,
+ identifier: 'double-trouble@example.org',
+ password: 'i_have_no_imagination',
+ })
+ .expect(400);
+ expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
+
+ // Authenticate
+ await agent.post('/auth/login')
+ .set('Cookie', cookies)
+ .send({
+ csrf: csrf,
+ identifier: 'double-trouble@example.org',
+ password: 'trick-or-treat',
+ })
+ .expect(302)
+ .expect('Location', '/');
+
+ await testLogout(cookies, csrf);
+ });
+});
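Review bot: The bad-password steps in 'Force auth_method' and 'Automatic auth_method' check only the 400 status and the `InvalidFormatValidationError` name; neither confirms that the session is still unauthenticated before the correct password is sent with the same cookies. Adding `await agent.get('/is-auth').set('Cookie', cookies).expect(401);` right after each bad-password assertion would pin that a rejected login leaves no session behind. In 'Prepare user', `expect(user).toBeDefined()` runs after `user?.as(UserPasswordComponent).setPassword(...)` and `user?.save()`, so the optional chaining silently skips a missing user before the assertion reports it; moving the expectation directly under the query makes the failure point clearer. Both login tests also depend on 'Prepare user' having run first, which deserves a short comment above the `describe`, for example `// Tests in this block share the user created by 'Prepare user' and must run in order`.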