import TestApp from "../src/TestApp";
import useApp from "./_app";
import Controller from "../src/Controller";
import supertest from "supertest";
import CsrfProtectionComponent from "../src/components/CsrfProtectionComponent";
import MysqlConnectionManager from "../src/db/MysqlConnectionManager";
import config from "config";
import {log} from "../src/Logger";
import User from "../src/auth/models/User";
import UserNameComponent from "../src/auth/models/UserNameComponent";
import UserPasswordComponent from "../src/auth/password/UserPasswordComponent";
import {popEmail} from "./_mail_server";

let app: TestApp;

useApp(async (addr, port) => {
    // Start from an empty database. The database name comes from the test
    // configuration, not from request input.
    await MysqlConnectionManager.prepare();
    await MysqlConnectionManager.query('DROP DATABASE IF EXISTS ' + config.get('mysql.database'));
    await MysqlConnectionManager.endPool();

    return app = new class extends TestApp {
        protected async init(): Promise<void> {
            this.use(new class extends Controller {
                public routes(): void {
                    this.get('/', (req, res) => {
                        res.render('home');
                    }, 'home');

                    // Test-only route that returns the CSRF token bound to the caller's session.
                    this.get('/csrf', (req, res) => {
                        res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));
                    }, 'csrf');
                }
            }());

            await super.init();
        }
    }(addr, port);
});

let agent: supertest.SuperTest<supertest.Test>;

describe('Authentication system', () => {
    test('Obtain session cookies', async () => {
        agent = supertest(app.getExpressApp());
    });

    test('Register with email with username', async () => {
        // Fetch a CSRF token together with the session cookie it belongs to.
        const res = await agent.get('/csrf').expect(200);
        const cookies = res.get('Set-Cookie');
        const csrf = res.text;
        expect(cookies).toBeDefined();

        // Register with the password method, sending the token and its session cookie.
        await agent.post('/auth/register')
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                auth_method: 'password',
                identifier: 'entrapta',
                password: 'darla_is_cute',
                password_confirmation: 'darla_is_cute',
                terms: 'on',
            })
            .expect(302)
            .expect('Location', '/');

        // Verify saved user
        const user = await User.select()
            .where('name', 'entrapta')
            .first();

        expect(user).toBeDefined();
        expect(user?.as(UserNameComponent).name).toStrictEqual('entrapta');
        await expect(user?.as(UserPasswordComponent).verifyPassword('darla_is_cute')).resolves.toStrictEqual(true);
    });

    test('Register with email with email (magic_link)', async () => {
        // Fetch a CSRF token together with the session cookie it belongs to.
        let res = await agent.get('/csrf').expect(200);
        const cookies = res.get('Set-Cookie');
        const csrf = res.text;
        expect(cookies).toBeDefined();

        // Register with the magic link method; the session is sent to the lobby to wait.
        res = await agent.post('/auth/register')
            .set('Cookie', cookies)
            .send({
                csrf: csrf,
                auth_method: 'magic_link',
                identifier: 'glimmer@example.org',
                name: 'glimmer',
            })
            .expect(302)
            .expect('Location', '/magic/lobby?redirect_uri=%2Fcsrf');

        // Read the magic link out of the email captured by the test mail server.
        const mail: Record<string, unknown> | null = await popEmail();
        expect(mail).not.toBeNull();

        const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0];
        expect(query).toBeDefined();

        // .expect('Location', '/');
        // Open the link without the session cookie, as a mail client would.
        res = await agent.get('/magic/link?' + query)
            .expect(200);

        // The original session, still waiting in the lobby, is now redirected home.
        res = await agent.get('/magic/lobby')
            .set('Cookie', cookies)
            .expect(302)
            .expect('Location', '/');
        log.debug(res.status, res.headers, res.body, res.text);

        // Verify saved user
        const user = await User.select()
            .with('mainEmail')
            .where('name', 'glimmer')
            .first();

        expect(user).toBeDefined();

        const email = user?.mainEmail.getOrFail();
        expect(email).toBeDefined();
        expect(email?.email).toStrictEqual('glimmer@example.org');

        expect(user?.as(UserNameComponent).name).toStrictEqual('glimmer');
        // An account created through a magic link must not accept an empty password.
        await expect(user?.as(UserPasswordComponent).verifyPassword('')).resolves.toStrictEqual(false);
    });
});