Authentication tests: add authenticate with username and password tests
parent
35129cd4f1
commit
a5ee9922ec
@ -10,6 +10,7 @@ import UserNameComponent from "../src/auth/models/UserNameComponent";
|
||||
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
|
||||
import {popEmail} from "./_mail_server";
|
||||
import AuthComponent from "../src/auth/AuthComponent";
|
||||
import {log} from "../src/Logger";
|
||||
|
||||
let app: TestApp;
|
||||
useApp(async (addr, port) => {
|
||||
@ -55,6 +56,20 @@ async function followMagicLinkFromMail(cookies: string[]): Promise<void> {
|
||||
.expect('Location', '/');
|
||||
}
|
||||
|
||||
async function testLogout(cookies: string[], csrf: string): Promise<void> {
|
||||
// Authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
|
||||
|
||||
// Logout
|
||||
await agent.post('/auth/logout')
|
||||
.set('Cookie', cookies)
|
||||
.send({csrf: csrf})
|
||||
.expect(302);
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
}
|
||||
|
||||
let agent: supertest.SuperTest<supertest.Test>;
|
||||
|
||||
beforeAll(() => {
|
||||
@ -305,7 +320,163 @@ describe('Register with email (magic_link)', () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe('Authenticating with email (magic_link)', () => {
|
||||
describe('Authenticate with username and password', () => {
|
||||
test('Force auth_method', async () => {
|
||||
let res = await agent.get('/csrf').expect(200);
|
||||
const cookies = res.get('Set-Cookie');
|
||||
const csrf = res.text;
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
|
||||
// Bad password
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'entrapta',
|
||||
password: 'darla_is_not_cute',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
|
||||
// Authenticate
|
||||
await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'entrapta',
|
||||
password: 'darla_is_cute',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(302)
|
||||
.expect('Location', '/');
|
||||
|
||||
await testLogout(cookies, csrf);
|
||||
});
|
||||
|
||||
test('Automatic auth_method', async () => {
|
||||
let res = await agent.get('/csrf').expect(200);
|
||||
const cookies = res.get('Set-Cookie');
|
||||
const csrf = res.text;
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
|
||||
// Bad password
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'entrapta',
|
||||
password: 'darla_is_not_cute',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
|
||||
// Authenticate
|
||||
await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'entrapta',
|
||||
password: 'darla_is_cute',
|
||||
})
|
||||
.expect(302)
|
||||
.expect('Location', '/');
|
||||
|
||||
await testLogout(cookies, csrf);
|
||||
});
|
||||
|
||||
test('Non-existing username', async () => {
|
||||
let res = await agent.get('/csrf').expect(200);
|
||||
const cookies = res.get('Set-Cookie');
|
||||
const csrf = res.text;
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
|
||||
// Authenticate
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'i_do_not_exist',
|
||||
password: 'there_is_no_point',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
|
||||
|
||||
// Authenticate (automatic method)
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'i_do_not_exist',
|
||||
password: 'there_is_no_point',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.identifier?.name).toStrictEqual('UnknownRelationValidationError');
|
||||
});
|
||||
|
||||
test('No password user', async () => {
|
||||
let res = await agent.get('/csrf').expect(200);
|
||||
const cookies = res.get('Set-Cookie');
|
||||
const csrf = res.text;
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
|
||||
// Authenticate
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'glimmer',
|
||||
password: '',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
|
||||
// Authenticate (automatic method)
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'glimmer',
|
||||
password: '',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
|
||||
// Authenticate without password
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'angella',
|
||||
auth_method: 'password',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
|
||||
// Authenticate without password (automatic method)
|
||||
res = await agent.post('/auth/login')
|
||||
.set('Cookie', cookies)
|
||||
.send({
|
||||
csrf: csrf,
|
||||
identifier: 'angella',
|
||||
})
|
||||
.expect(400);
|
||||
expect(res.body.messages?.password?.name).toStrictEqual('InvalidFormatValidationError');
|
||||
});
|
||||
});
|
||||
|
||||
describe('Authenticate with email (magic_link)', () => {
|
||||
test('Force auth_method', async () => {
|
||||
const res = await agent.get('/csrf').expect(200);
|
||||
const cookies = res.get('Set-Cookie');
|
||||
@ -327,17 +498,7 @@ describe('Authenticating with email (magic_link)', () => {
|
||||
|
||||
await followMagicLinkFromMail(cookies);
|
||||
|
||||
// Authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
|
||||
|
||||
// Logout
|
||||
await agent.post('/auth/logout')
|
||||
.set('Cookie', cookies)
|
||||
.send({csrf: csrf})
|
||||
.expect(302);
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
await testLogout(cookies, csrf);
|
||||
});
|
||||
|
||||
test('Automatic auth_method', async () => {
|
||||
@ -360,17 +521,7 @@ describe('Authenticating with email (magic_link)', () => {
|
||||
|
||||
await followMagicLinkFromMail(cookies);
|
||||
|
||||
// Authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(200);
|
||||
|
||||
// Logout
|
||||
await agent.post('/auth/logout')
|
||||
.set('Cookie', cookies)
|
||||
.send({csrf: csrf})
|
||||
.expect(302);
|
||||
|
||||
// Not authenticated
|
||||
await agent.get('/is-auth').set('Cookie', cookies).expect(401);
|
||||
await testLogout(cookies, csrf);
|
||||
});
|
||||
|
||||
test('Non-existing email (forced auth_method)', async () => {
|
||||
|
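Review bot: In the 'Non-existing username' test, the second request under `// Authenticate (automatic method)` still sends `auth_method: 'password'`, so it repeats the forced-method case and never exercises automatic method selection for an unknown identifier. Dropping that field from the second payload would match the other automatic cases in this describe block. The rejected attempts (bad password, unknown user, empty or missing password) assert only the 400 and the error name; adding `await agent.get('/is-auth').set('Cookie', cookies).expect(401);` after each would pin that a failed login leaves the session unauthenticated. The tests also fix different error names for an unknown identifier (`UnknownRelationValidationError` on `identifier`) and a wrong password (`InvalidFormatValidationError` on `password`), which makes usernames distinguishable through the login endpoint; if that is intended, a comment saying so would help. The success paths pass the cookie obtained from `/csrf` before login to `testLogout`, which expects `/is-auth` to return 200 with it, so the pre-login session cookie appears to stay valid after authentication, and it is worth confirming whether session rotation on login is expected.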