Authentication tests: add authenticate with email and password tests
This commit is contained in:
parent
70d80d1f0a
commit
01277ea910
@ -10,7 +10,6 @@ import UserNameComponent from "../src/auth/models/UserNameComponent";
|
|||||||
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
|
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
|
||||||
import {popEmail} from "./_mail_server";
|
import {popEmail} from "./_mail_server";
|
||||||
import AuthComponent from "../src/auth/AuthComponent";
|
import AuthComponent from "../src/auth/AuthComponent";
|
||||||
import {log} from "../src/Logger";
|
|
||||||
|
|
||||||
let app: TestApp;
|
let app: TestApp;
|
||||||
useApp(async (addr, port) => {
|
useApp(async (addr, port) => {
|
||||||
@ -76,7 +75,7 @@ beforeAll(() => {
|
|||||||
agent = supertest(app.getExpressApp());
|
agent = supertest(app.getExpressApp());
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('Register with username', () => {
|
describe('Register with username and password (password)', () => {
|
||||||
let cookies: string[];
|
let cookies: string[];
|
||||||
let csrf: string;
|
let csrf: string;
|
||||||
|
|
||||||
@ -320,7 +319,7 @@ describe('Register with email (magic_link)', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('Authenticate with username and password', () => {
|
describe('Authenticate with username and password (password)', () => {
|
||||||
test('Force auth_method', async () => {
|
test('Force auth_method', async () => {
|
||||||
let res = await agent.get('/csrf').expect(200);
|
let res = await agent.get('/csrf').expect(200);
|
||||||
const cookies = res.get('Set-Cookie');
|
const cookies = res.get('Set-Cookie');
|
||||||
@ -565,3 +564,110 @@ describe('Authenticate with email (magic_link)', () => {
|
|||||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('Authenticate with email and password (password)', () => {
|
||||||
|
test('Prepare user', async () => {
|
||||||
|
const res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
await agent.post('/auth/register')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
auth_method: 'magic_link',
|
||||||
|
identifier: 'double-trouble@example.org',
|
||||||
|
name: 'double-trouble',
|
||||||
|
})
|
||||||
|
.expect(302)
|
||||||
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
|
||||||
|
|
||||||
|
await followMagicLinkFromMail(cookies);
|
||||||
|
|
||||||
|
// Verify saved user
|
||||||
|
const user = await User.select()
|
||||||
|
.with('mainEmail')
|
||||||
|
.where('name', 'double-trouble')
|
||||||
|
.first();
|
||||||
|
|
||||||
|
await user?.as(UserPasswordComponent).setPassword('trick-or-treat');
|
||||||
|
await user?.save();
|
||||||
|
|
||||||
|
expect(user).toBeDefined();
|
||||||
|
|
||||||
|
const email = user?.mainEmail.getOrFail();
|
||||||
|
expect(email).toBeDefined();
|
||||||
|
expect(email?.email).toStrictEqual('double-trouble@example.org');
|
||||||
|
|
||||||
|
expect(user?.as(UserNameComponent).name).toStrictEqual('double-trouble');
|
||||||
|
await expect(user?.as(UserPasswordComponent).verifyPassword('trick-or-treat')).resolves.toStrictEqual(true);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Force auth_method', async () => {
|
||||||
|
let res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Bad password
|
||||||
|
res = await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'double-trouble@example.org',
|
||||||
|
password: 'i_have_no_imagination',
|
||||||
|
auth_method: 'password',
|
||||||
|
})
|
||||||
|
.expect(400);
|
||||||
|
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'double-trouble@example.org',
|
||||||
|
password: 'trick-or-treat',
|
||||||
|
auth_method: 'password',
|
||||||
|
})
|
||||||
|
.expect(302)
|
||||||
|
.expect('Location', '/');
|
||||||
|
|
||||||
|
await testLogout(cookies, csrf);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Automatic auth_method', async () => {
|
||||||
|
let res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Bad password
|
||||||
|
res = await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'double-trouble@example.org',
|
||||||
|
password: 'i_have_no_imagination',
|
||||||
|
})
|
||||||
|
.expect(400);
|
||||||
|
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'double-trouble@example.org',
|
||||||
|
password: 'trick-or-treat',
|
||||||
|
})
|
||||||
|
.expect(302)
|
||||||
|
.expect('Location', '/');
|
||||||
|
|
||||||
|
await testLogout(cookies, csrf);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
Loading…
Reference in New Issue
Block a user