Authentication tests: add authenticate with email (magic_link) tests

This commit is contained in:
Alice Gaudon 2020-11-15 15:22:21 +01:00
parent 7db3e0166a
commit 72fe0bbda8


@ -9,6 +9,7 @@ import User from "../src/auth/models/User";
import UserNameComponent from "../src/auth/models/UserNameComponent"; import UserNameComponent from "../src/auth/models/UserNameComponent";
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent"; import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
import {popEmail} from "./_mail_server"; import {popEmail} from "./_mail_server";
import AuthComponent from "../src/auth/AuthComponent";
let app: TestApp; let app: TestApp;
useApp(async (addr, port) => { useApp(async (addr, port) => {
@ -26,6 +27,11 @@ useApp(async (addr, port) => {
this.get('/csrf', (req, res) => { this.get('/csrf', (req, res) => {
res.send(CsrfProtectionComponent.getCsrfToken(req.getSession())); res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));
}, 'csrf'); }, 'csrf');
this.get('/is-auth', async (req, res) => {
const proofs = await this.getApp().as(AuthComponent).getAuthGuard().getProofs(req);
if (proofs.length > 0) res.sendStatus(200);
else res.sendStatus(401);
}, 'is-auth');
} }
}()); }());
@ -298,3 +304,113 @@ describe('Register with email (magic_link)', () => {
expect(await popEmail()).toBeNull(); expect(await popEmail()).toBeNull();
}); });
}); });
describe('Authenticating with email (magic_link)', () => {
test('Force auth_method', async () => {
const res = await agent.get('/csrf').expect(200);
const cookies = res.get('Set-Cookie');
const csrf = res.text;
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
// Authenticate
await agent.post('/auth/login')
.set('Cookie', cookies)
.send({
csrf: csrf,
identifier: 'glimmer@example.org',
auth_method: 'magic_link',
})
.expect(302)
.expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
await followMagicLinkFromMail(cookies);
// Authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
// Logout
await agent.post('/auth/logout')
.set('Cookie', cookies)
.send({csrf: csrf})
.expect(302);
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
});
test('Automatic auth_method', async () => {
const res = await agent.get('/csrf').expect(200);
const cookies = res.get('Set-Cookie');
const csrf = res.text;
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
// Authenticate
await agent.post('/auth/login')
.set('Cookie', cookies)
.send({
csrf: csrf,
identifier: 'angella@example.org',
})
.expect(302)
.expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
await followMagicLinkFromMail(cookies);
// Authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
// Logout
await agent.post('/auth/logout')
.set('Cookie', cookies)
.send({csrf: csrf})
.expect(302);
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
});
test('Non-existing email (forced auth_method)', async () => {
let res = await agent.get('/csrf').expect(200);
const cookies = res.get('Set-Cookie');
const csrf = res.text;
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
// Authenticate
res = await agent.post('/auth/login')
.set('Cookie', cookies)
.send({
csrf: csrf,
identifier: 'i_do_not_exist@invalid.org',
auth_method: 'magic_link',
})
.expect(400);
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
});
test('Non-existing email (automatic auth_method)', async () => {
let res = await agent.get('/csrf').expect(200);
const cookies = res.get('Set-Cookie');
const csrf = res.text;
// Not authenticated
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
// Authenticate
res = await agent.post('/auth/login')
.set('Cookie', cookies)
.send({
csrf: csrf,
identifier: 'i_do_not_exist@invalid.org',
})
.expect(400);
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
});
});
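Review bot: The two "Non-existing email" tests assert a 400 with `UnknownRelationValidationError` on `identifier`, whereas a known address gets a 302 to `/magic/lobby`, so the suite pins a login response that lets an unauthenticated caller tell registered addresses from unregistered ones. If that is the intended trade-off, say so in a comment above those tests (`// login intentionally reports unknown identifiers`); if not, the expectation should be a response identical to the known-address case. Both tests should also finish with `expect(await popEmail()).toBeNull();`, as the register test just above this block does, to show no mail goes out for an unknown address. In the two positive tests, add `await agent.get('/is-auth').set('Cookie', cookies).expect(401);` between the `/auth/login` POST and `followMagicLinkFromMail(cookies)`, so that requesting a link alone is shown not to authenticate the session; the `/is-auth` helper treats any returned proof as authenticated, and whether `getProofs` can return a not-yet-validated proof is not visible here.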