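import querystring from "querystring";
import supertest from "supertest";

import User from "../src/auth/models/User.js";
import UserApprovedComponent from "../src/auth/models/UserApprovedComponent.js";
import useApp from "./_app.js";
import {authAppProvider, followMagicLinkFromMail} from "./_authentication_common.js";
import {popEmail} from "./_mail_server.js";

/*
 * Authentication tests with account approval enabled.
 *
 * Every scenario below expects a freshly registered account to stay
 * unapproved and expects the authentication proof to be gone from the
 * session afterwards.
 *
 * The suites are order-dependent: the "Authenticate ..." suites log in with
 * the identifiers created by the "Register ..." suites earlier in this file.
 *
 * Coverage note: only a same-origin, relative redirect_uri ('/redirect-uri')
 * is exercised here; handling of absolute or off-site redirect_uri values is
 * not covered by this file.
 */

// NOTE(review): the two `true` flags presumably switch on approval mode (see
// the 'Approval Mode' test below) - confirm against authAppProvider.
const app = useApp(authAppProvider(true, true));

// The generic argument is required by supertest's typings; without it the
// annotation does not compile under strict settings.
let agent: supertest.SuperTest<supertest.Test>;

// Query string shared by the requests that ask for a post-login redirect.
const REDIRECT_QUERY = querystring.stringify({redirect_uri: '/redirect-uri'});

// Fixture credentials reused between the registration and login suites.
const PASSWORD_USER = 'entrapta2';
const PASSWORD_USER_PASSWORD = 'darla_is_cute';
const MAGIC_LINK_USER = 'glimmer2';
const MAGIC_LINK_EMAIL = 'glimmer2@example.org';

/**
 * Opens a new anonymous session by fetching a CSRF token.
 *
 * @returns the session cookies set by the server and the CSRF token taken
 * from the response body.
 */
async function openSession(): Promise<{cookies: string[]; csrf: string}> {
    const res = await agent.get('/csrf').expect(200);
    return {cookies: res.get('Set-Cookie'), csrf: res.text};
}

beforeAll(() => {
    agent = supertest(app().getExpressApp());
});

test('Approval Mode', () => {
    // Guards the premise of the whole file: if approval mode is off, the
    // "not approved" expectations below would be meaningless.
    expect(User.isApprovalMode()).toStrictEqual(true);
});

describe('Register with username and password (password)', () => {
    test('General case', async () => {
        const {cookies, csrf} = await openSession();

        // Register user
        await agent.post('/auth/register')
            .set('Cookie', cookies)
            .send({
                csrf,
                auth_method: 'password',
                identifier: PASSWORD_USER,
                password: PASSWORD_USER_PASSWORD,
                password_confirmation: PASSWORD_USER_PASSWORD,
                terms: 'on',
            })
            .expect(302)
            .expect('Location', '/auth/');

        // Verify saved user: it must exist but must not be approved yet.
        const user = await User.select()
            .where('name', PASSWORD_USER)
            .first();

        expect(user).toBeDefined();
        expect(user?.isApproved()).toBeFalsy();
        expect(user?.as(UserApprovedComponent).approved).toBeFalsy();

        // Proof must be revoked
        await agent.get('/has-any-password-auth-proof')
            .set('Cookie', cookies)
            .expect(404);

        // NOTE(review): presumably drains a mail queued by the registration so
        // it does not leak into later tests - confirm which mail this is.
        await popEmail();
    });
});

describe('Register with email (magic_link)', () => {
    test('General case', async () => {
        const {cookies, csrf} = await openSession();

        await agent.post('/auth/register?' + REDIRECT_QUERY)
            .set('Cookie', cookies)
            .send({
                csrf,
                auth_method: 'magic_link',
                identifier: MAGIC_LINK_EMAIL,
                name: MAGIC_LINK_USER,
            })
            .expect(302)
            .expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');

        // NOTE(review): the third argument looks like the expected redirect
        // after following the link; it is '/auth/' and not the requested
        // redirect_uri - confirm against followMagicLinkFromMail.
        await followMagicLinkFromMail(agent, cookies, '/auth/');

        // Verify saved user: it must exist, have a main email, and must not
        // be approved yet.
        const user = await User.select()
            .with('mainEmail')
            .where('name', MAGIC_LINK_USER)
            .first();

        expect(user).toBeDefined();

        const email = user?.mainEmail.getOrFail();
        expect(email).toBeDefined();

        expect(user?.isApproved()).toBeFalsy();
        expect(user?.as(UserApprovedComponent).approved).toBeFalsy();

        // Proof must be revoked
        await agent.get('/has-any-magic-link')
            .set('Cookie', cookies)
            .expect(404);

        // NOTE(review): presumably drains a second mail queued by the
        // registration - confirm which mail this is.
        await popEmail();
    });
});

describe('Authenticate with username and password (password)', () => {
    test('Force auth_method', async () => {
        const {cookies, csrf} = await openSession();

        // Not authenticated
        await agent.get('/is-auth').set('Cookie', cookies).expect(401);

        // Authenticate
        await agent.post('/auth/login?' + REDIRECT_QUERY)
            .set('Cookie', cookies)
            .send({
                csrf,
                identifier: PASSWORD_USER,
                password: PASSWORD_USER_PASSWORD,
                auth_method: 'password',
            })
            .expect(302)
            // NOTE(review): the redirect goes to '/auth/' and not to the
            // requested redirect_uri, which presumably means the login was
            // refused for the unapproved account. A follow-up '/is-auth'
            // request expecting 401 would pin that directly - confirm the
            // expected status before adding it.
            .expect('Location', '/auth/');

        // Proof must be revoked
        await agent.get('/has-any-password-auth-proof')
            .set('Cookie', cookies)
            .expect(404);
    });
});

describe('Authenticate with email (magic_link)', () => {
    test('Force auth_method', async () => {
        const {cookies, csrf} = await openSession();

        // Not authenticated
        await agent.get('/is-auth').set('Cookie', cookies).expect(401);

        // Authenticate
        await agent.post('/auth/login?' + REDIRECT_QUERY)
            .set('Cookie', cookies)
            .send({
                csrf,
                identifier: MAGIC_LINK_EMAIL,
                auth_method: 'magic_link',
            })
            .expect(302)
            .expect('Location', '/magic/lobby?redirect_uri=%2Fredirect-uri');

        // NOTE(review): as in the password suite, the session state after the
        // link is followed is not asserted; a '/is-auth' check expecting 401
        // would make the "unapproved account gets no session" expectation
        // explicit - confirm the expected status before adding it.
        await followMagicLinkFromMail(agent, cookies, '/auth/');

        // Proof must be revoked
        await agent.get('/has-any-magic-link')
            .set('Cookie', cookies)
            .expect(404);
    });
});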