2021-04-16 15:29:23 +02:00
|
|
|
import test from 'ava';
|
|
|
|
import dbInit from '../helpers/database-init';
|
|
|
|
import getLogger from '../../fixtures/no-logger';
|
|
|
|
import ResetTokenService from '../../../lib/services/reset-token-service';
|
|
|
|
import UserService from '../../../lib/services/user-service';
|
|
|
|
import { AccessService } from '../../../lib/services/access-service';
|
|
|
|
import NotFoundError from '../../../lib/error/notfound-error';
|
|
|
|
import { EmailService } from '../../../lib/services/email-service';
|
2021-04-22 23:40:52 +02:00
|
|
|
import User from '../../../lib/types/user';
|
2021-04-22 10:07:10 +02:00
|
|
|
import { IUnleashConfig } from '../../../lib/types/option';
|
2021-04-22 15:04:08 +02:00
|
|
|
import { createTestConfig } from '../../config/test-config';
|
2021-04-27 09:16:44 +02:00
|
|
|
import SessionService from '../../../lib/services/session-service';
|
2021-04-16 15:29:23 +02:00
|
|
|
|
2021-04-22 15:04:08 +02:00
|
|
|
const config: IUnleashConfig = createTestConfig();
|
2021-04-16 15:29:23 +02:00
|
|
|
|
|
|
|
let stores;
|
|
|
|
let db;
|
|
|
|
let adminUser;
|
|
|
|
let userToCreateResetFor: User;
|
|
|
|
let userIdToCreateResetFor: number;
|
|
|
|
let accessService: AccessService;
|
|
|
|
let userService: UserService;
|
|
|
|
let resetTokenService: ResetTokenService;
|
2021-04-27 09:16:44 +02:00
|
|
|
let sessionService: SessionService;
|
2021-04-16 15:29:23 +02:00
|
|
|
test.before(async () => {
|
|
|
|
db = await dbInit('reset_token_service_serial', getLogger);
|
|
|
|
stores = db.stores;
|
|
|
|
accessService = new AccessService(stores, config);
|
|
|
|
resetTokenService = new ResetTokenService(stores, config);
|
2021-04-27 09:16:44 +02:00
|
|
|
sessionService = new SessionService(stores, config);
|
2021-04-22 10:07:10 +02:00
|
|
|
const emailService = new EmailService(undefined, config.getLogger);
|
2021-04-16 15:29:23 +02:00
|
|
|
|
|
|
|
userService = new UserService(stores, config, {
|
|
|
|
accessService,
|
|
|
|
resetTokenService,
|
|
|
|
emailService,
|
2021-04-27 09:16:44 +02:00
|
|
|
sessionService,
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
adminUser = await userService.createUser({
|
|
|
|
username: 'admin@test.com',
|
|
|
|
rootRole: 1,
|
|
|
|
});
|
|
|
|
|
|
|
|
userToCreateResetFor = await userService.createUser({
|
|
|
|
username: 'test@test.com',
|
|
|
|
rootRole: 2,
|
|
|
|
});
|
|
|
|
userIdToCreateResetFor = userToCreateResetFor.id;
|
|
|
|
});
|
|
|
|
|
|
|
|
test.after.always(async () => {
|
|
|
|
db.destroy();
|
|
|
|
});
|
|
|
|
|
|
|
|
test.serial('Should create a reset link', async t => {
|
|
|
|
const url = await resetTokenService.createResetPasswordUrl(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
|
2021-05-07 10:38:41 +02:00
|
|
|
t.is(
|
|
|
|
url.toString().substring(0, url.toString().indexOf('=')),
|
|
|
|
`${config.server.unleashUrl}/reset-password?token`,
|
|
|
|
);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
2021-05-11 14:43:41 +02:00
|
|
|
test.serial(
|
|
|
|
'Should create a reset link with unleashUrl with context path',
|
|
|
|
async t => {
|
|
|
|
const localConfig = createTestConfig({
|
|
|
|
server: { unleashUrl: 'http://localhost:4242/my/sub/path' },
|
|
|
|
});
|
|
|
|
const resetToken: ResetTokenService = new ResetTokenService(
|
|
|
|
stores,
|
|
|
|
localConfig,
|
|
|
|
);
|
|
|
|
|
|
|
|
const url = await resetToken.createResetPasswordUrl(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
t.is(
|
|
|
|
url.toString().substring(0, url.toString().indexOf('=')),
|
|
|
|
`${localConfig.server.unleashUrl}/reset-password?token`,
|
|
|
|
);
|
|
|
|
},
|
|
|
|
);
|
|
|
|
|
2021-04-16 15:29:23 +02:00
|
|
|
test.serial('Should create a welcome link', async t => {
|
2021-04-23 10:58:47 +02:00
|
|
|
const url = await resetTokenService.createNewUserUrl(
|
2021-04-16 15:29:23 +02:00
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser.username,
|
|
|
|
);
|
2021-05-07 10:38:41 +02:00
|
|
|
const urlS = url.toString();
|
|
|
|
t.is(
|
|
|
|
urlS.substring(0, urlS.indexOf('=')),
|
|
|
|
`${config.server.unleashUrl}/new-user?token`,
|
|
|
|
);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
test.serial('Tokens should be one-time only', async t => {
|
|
|
|
const token = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
|
|
|
|
const accessGranted = await resetTokenService.useAccessToken(token);
|
|
|
|
t.is(accessGranted, true);
|
|
|
|
const secondGo = await resetTokenService.useAccessToken(token);
|
|
|
|
t.is(secondGo, false);
|
|
|
|
});
|
|
|
|
|
|
|
|
test.serial('Creating a new token should expire older tokens', async t => {
|
|
|
|
const firstToken = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
const secondToken = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
await t.throwsAsync<NotFoundError>(async () =>
|
|
|
|
resetTokenService.isValid(firstToken.token),
|
|
|
|
);
|
|
|
|
const validToken = await resetTokenService.isValid(secondToken.token);
|
|
|
|
t.is(secondToken.token, validToken.token);
|
|
|
|
});
|
2021-04-23 10:58:47 +02:00
|
|
|
|
|
|
|
test.serial(
|
|
|
|
'Retrieving valid invitation links should retrieve an object with userid key and token value',
|
|
|
|
async t => {
|
2021-05-11 14:43:41 +02:00
|
|
|
const token = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
t.truthy(token);
|
2021-04-23 10:58:47 +02:00
|
|
|
const activeInvitations = await resetTokenService.getActiveInvitations();
|
|
|
|
t.true(Object.keys(activeInvitations).length === 1);
|
|
|
|
t.true(+Object.keys(activeInvitations)[0] === userIdToCreateResetFor);
|
|
|
|
t.truthy(activeInvitations[userIdToCreateResetFor]);
|
|
|
|
},
|
|
|
|
);
|