Authentication tests: add authenticate with email (magic_link) tests
parent
7db3e0166a
commit
72fe0bbda8
@ -9,6 +9,7 @@ import User from "../src/auth/models/User";
|
|||||||
import UserNameComponent from "../src/auth/models/UserNameComponent";
|
import UserNameComponent from "../src/auth/models/UserNameComponent";
|
||||||
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
|
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
|
||||||
import {popEmail} from "./_mail_server";
|
import {popEmail} from "./_mail_server";
|
||||||
|
import AuthComponent from "../src/auth/AuthComponent";
|
||||||
|
|
||||||
let app: TestApp;
|
let app: TestApp;
|
||||||
useApp(async (addr, port) => {
|
useApp(async (addr, port) => {
|
||||||
@ -26,6 +27,11 @@ useApp(async (addr, port) => {
|
|||||||
this.get('/csrf', (req, res) => {
|
this.get('/csrf', (req, res) => {
|
||||||
res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));
|
res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));
|
||||||
}, 'csrf');
|
}, 'csrf');
|
||||||
|
this.get('/is-auth', async (req, res) => {
|
||||||
|
const proofs = await this.getApp().as(AuthComponent).getAuthGuard().getProofs(req);
|
||||||
|
if (proofs.length > 0) res.sendStatus(200);
|
||||||
|
else res.sendStatus(401);
|
||||||
|
}, 'is-auth');
|
||||||
}
|
}
|
||||||
}());
|
}());
|
||||||
|
|
||||||
@ -298,3 +304,113 @@ describe('Register with email (magic_link)', () => {
|
|||||||
expect(await popEmail()).toBeNull();
|
expect(await popEmail()).toBeNull();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('Authenticating with email (magic_link)', () => {
|
||||||
|
test('Force auth_method', async () => {
|
||||||
|
const res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'glimmer@example.org',
|
||||||
|
auth_method: 'magic_link',
|
||||||
|
})
|
||||||
|
.expect(302)
|
||||||
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
|
||||||
|
|
||||||
|
await followMagicLinkFromMail(cookies);
|
||||||
|
|
||||||
|
// Authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
|
||||||
|
|
||||||
|
// Logout
|
||||||
|
await agent.post('/auth/logout')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({csrf: csrf})
|
||||||
|
.expect(302);
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Automatic auth_method', async () => {
|
||||||
|
const res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'angella@example.org',
|
||||||
|
})
|
||||||
|
.expect(302)
|
||||||
|
.expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');
|
||||||
|
|
||||||
|
await followMagicLinkFromMail(cookies);
|
||||||
|
|
||||||
|
// Authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
|
||||||
|
|
||||||
|
// Logout
|
||||||
|
await agent.post('/auth/logout')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({csrf: csrf})
|
||||||
|
.expect(302);
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Non-existing email (forced auth_method)', async () => {
|
||||||
|
let res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
res = await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'i_do_not_exist@invalid.org',
|
||||||
|
auth_method: 'magic_link',
|
||||||
|
})
|
||||||
|
.expect(400);
|
||||||
|
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Non-existing email (automatic auth_method)', async () => {
|
||||||
|
let res = await agent.get('/csrf').expect(200);
|
||||||
|
const cookies = res.get('Set-Cookie');
|
||||||
|
const csrf = res.text;
|
||||||
|
|
||||||
|
// Not authenticated
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
|
||||||
|
// Authenticate
|
||||||
|
res = await agent.post('/auth/login')
|
||||||
|
.set('Cookie', cookies)
|
||||||
|
.send({
|
||||||
|
csrf: csrf,
|
||||||
|
identifier: 'i_do_not_exist@invalid.org',
|
||||||
|
})
|
||||||
|
.expect(400);
|
||||||
|
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
|
||||||
|
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
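Review bot: Both 'Non-existing email' tests stop at the 400 and the `/is-auth` 401 and never assert that no mail went out, so a regression that still sends a magic link for an unknown identifier would pass. Adding `expect(await popEmail()).toBeNull();` after the final `/is-auth` check in each, as the register suite just above does, would also keep a stray message from being picked up by a later test (presumably `followMagicLinkFromMail` reads from the same queue; it is defined outside this hunk). Separately, these tests pin that `/auth/login` answers 400 with `UnknownRelationValidationError` for an unknown address but 302 to `/magic/lobby` for a known one, which lets a caller tell registered addresses apart. If that is the intended contract, a one-line comment saying so in the tests would make the trade-off explicit.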