From 0d0724c3157bd474da024c37e798d5fa5e485d1e Mon Sep 17 00:00:00 2001
From: Alice Gaudon
Date: Sun, 15 Nov 2020 14:16:17 +0100
Subject: [PATCH] Authentication tests: add more tests to email registration
---
 test/Authentication.test.ts | 202 +++++++++++++++++++++++++++++-------
 1 file changed, 163 insertions(+), 39 deletions(-)
diff --git a/test/Authentication.test.ts b/test/Authentication.test.ts
index 4ec5e4d..b9cadb1 100644
--- a/test/Authentication.test.ts
+++ b/test/Authentication.test.ts
@@ -94,7 +94,7 @@ describe('Register with username', () => {
 expect(user2).toBeNull();
 });
- test('Can\'t register taken username', async () => {
+ test('Cannot register taken username', async () => {
 // Check that there is no hordak in DB
 expect(await User.select()
 .where('name', 'hordak')
@@ -131,8 +131,8 @@ describe('Register with username', () => {
 csrf: res2.text,
 auth_method: 'password',
 identifier: 'hordak',
- password: 'horde_prime_will_rise',
- password_confirmation: 'horde_prime_will_rise',
+ password: 'horde_prime_will_rise_unless',
+ password_confirmation: 'horde_prime_will_rise_unless',
 terms: 'on',
 })
 .expect(400);
@@ -146,48 +146,172 @@ describe('Register with username', () => { }); }); -test('Register with email (magic_link)', async () => { - const res = await agent.get('/csrf').expect(200); - const cookies = res.get('Set-Cookie'); - const csrf = res.text; +describe('Register with email (magic_link)', () => { + test('General case', async () => { + const res = await agent.get('/csrf').expect(200); + const cookies = res.get('Set-Cookie'); + const csrf = res.text; - expect(cookies).toBeDefined(); - await agent.post('/auth/register') - .set('Cookie', cookies) - .send({ - csrf: csrf, - auth_method: 'magic_link', - identifier: 'glimmer@example.org', - name: 'glimmer', - }) - .expect(302) - .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf'); + await agent.post('/auth/register') + .set('Cookie', cookies) + .send({ + csrf: csrf, + auth_method: 'magic_link', + identifier: 'glimmer@example.org', + name: 'glimmer', + }) + .expect(302) + .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf'); - const mail: Record | null = await popEmail(); - expect(mail).not.toBeNull(); + const mail: Record | null = await popEmail(); + expect(mail).not.toBeNull(); - const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0]; - expect(query).toBeDefined(); + const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0]; + expect(query).toBeDefined(); - await agent.get('/magic/link?' + query) - .expect(200); - await agent.get('/magic/lobby') - .set('Cookie', cookies) - .expect(302) - .expect('Location', '/'); + await agent.get('/magic/link?' 
+ query) + .expect(200); + await agent.get('/magic/lobby') + .set('Cookie', cookies) + .expect(302) + .expect('Location', '/'); - // Verify saved user - const user = await User.select() - .with('mainEmail') - .where('name', 'glimmer') - .first(); + // Verify saved user + const user = await User.select() + .with('mainEmail') + .where('name', 'glimmer') + .first(); - expect(user).toBeDefined(); + expect(user).toBeDefined(); - const email = user?.mainEmail.getOrFail(); - expect(email).toBeDefined(); - expect(email?.email).toStrictEqual('glimmer@example.org'); + const email = user?.mainEmail.getOrFail(); + expect(email).toBeDefined(); + expect(email?.email).toStrictEqual('glimmer@example.org'); - expect(user?.as(UserNameComponent).name).toStrictEqual('glimmer'); - await expect(user?.as(UserPasswordComponent).verifyPassword('')).resolves.toStrictEqual(false); + expect(user?.as(UserNameComponent).name).toStrictEqual('glimmer'); + await expect(user?.as(UserPasswordComponent).verifyPassword('')).resolves.toStrictEqual(false); + }); + + test('Cannot register without specifying username', async () => { + const res = await agent.get('/csrf').expect(200); + const cookies = res.get('Set-Cookie'); + const csrf = res.text; + + await agent.post('/auth/register') + .set('Cookie', cookies) + .send({ + csrf: csrf, + auth_method: 'magic_link', + identifier: 'glimmer@example.org', + }) + .expect(400); + + expect(await popEmail()).toBeNull(); + }); + + test('Cannot register taken username', async () => { + const res = await agent.get('/csrf').expect(200); + const cookies = res.get('Set-Cookie'); + const csrf = res.text; + + await agent.post('/auth/register') + .set('Cookie', cookies) + .send({ + csrf: csrf, + auth_method: 'magic_link', + identifier: 'angella@example.org', + name: 'angella', + }) + .expect(302) + .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf'); + + const mail: Record | null = await popEmail(); + expect(mail).not.toBeNull(); + + const query = (mail?.text as 
string).split('/magic/link?')[1].split('\n')[0]; + expect(query).toBeDefined(); + + await agent.get('/magic/link?' + query) + .expect(200); + await agent.get('/magic/lobby') + .set('Cookie', cookies) + .expect(302) + .expect('Location', '/'); + + // Verify saved user + const user = await User.select() + .with('mainEmail') + .where('name', 'glimmer') + .first(); + + expect(user).toBeDefined(); + + // Attempt register with another mail but same username + const res2 = await agent.get('/csrf').expect(200); + + await agent.post('/auth/register') + .set('Cookie', res2.get('Set-Cookie')) + .send({ + csrf: res2.text, + auth_method: 'magic_link', + identifier: 'angella_something_else@example.org', + name: 'angella', + }) + .expect(400); + + expect(await popEmail()).toBeNull(); + }); + + test('Cannot register taken email', async () => { + const res = await agent.get('/csrf').expect(200); + const cookies = res.get('Set-Cookie'); + const csrf = res.text; + + await agent.post('/auth/register') + .set('Cookie', cookies) + .send({ + csrf: csrf, + auth_method: 'magic_link', + identifier: 'bow@example.org', + name: 'bow', + }) + .expect(302) + .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf'); + + const mail: Record | null = await popEmail(); + expect(mail).not.toBeNull(); + + const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0]; + expect(query).toBeDefined(); + + await agent.get('/magic/link?' 
+ query) + .expect(200); + await agent.get('/magic/lobby') + .set('Cookie', cookies) + .expect(302) + .expect('Location', '/'); + + // Verify saved user + const user = await User.select() + .with('mainEmail') + .where('name', 'glimmer') + .first(); + + expect(user).toBeDefined(); + + // Attempt register with another mail but same username + const res2 = await agent.get('/csrf').expect(200); + + await agent.post('/auth/register') + .set('Cookie', res2.get('Set-Cookie')) + .send({ + csrf: res2.text, + auth_method: 'magic_link', + identifier: 'bow@example.org', + name: 'bow2', + }) + .expect(400); + + expect(await popEmail()).toBeNull(); + }); });
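Review bot: The "Verify saved user" step in 'Cannot register taken username' and 'Cannot register taken email' still looks up `.where('name', 'glimmer')`, so at best it checks the account left behind by 'General case' rather than the `angella` / `bow` account the test has just registered; it should be `.where('name', 'angella')` and `.where('name', 'bow')` respectively. `expect(user).toBeDefined()` also passes on `null`, which is what `first()` appears to return for a missing row (the username tests in this file assert `toBeNull()`), so `expect(user).not.toBeNull()` is needed for the precondition to mean anything. The comment `// Attempt register with another mail but same username` in the taken-email test describes the opposite case and should read `// Attempt register with the same mail but another username`. Because the duplicate attempts assert only `.expect(400)`, they would pass just as well on a CSRF or validation rejection; asserting on the error reported for the `name` / `identifier` field (response shape is not visible in this hunk) would tie the 400 to the uniqueness check.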