2021-04-16 15:29:23 +02:00
|
|
|
import dbInit from '../helpers/database-init';
|
|
|
|
import getLogger from '../../fixtures/no-logger';
|
|
|
|
import ResetTokenService from '../../../lib/services/reset-token-service';
|
|
|
|
import UserService from '../../../lib/services/user-service';
|
|
|
|
import { AccessService } from '../../../lib/services/access-service';
|
|
|
|
import { EmailService } from '../../../lib/services/email-service';
|
2021-04-22 10:07:10 +02:00
|
|
|
import { IUnleashConfig } from '../../../lib/types/option';
|
2021-04-22 15:04:08 +02:00
|
|
|
import { createTestConfig } from '../../config/test-config';
|
2021-04-27 09:16:44 +02:00
|
|
|
import SessionService from '../../../lib/services/session-service';
|
2021-05-28 11:10:24 +02:00
|
|
|
import InvalidTokenError from '../../../lib/error/invalid-token-error';
|
2021-08-12 15:04:37 +02:00
|
|
|
import { IUser } from '../../../lib/types/user';
|
2021-04-16 15:29:23 +02:00
|
|
|
|
2021-04-22 15:04:08 +02:00
|
|
|
const config: IUnleashConfig = createTestConfig();
|
2021-04-16 15:29:23 +02:00
|
|
|
|
|
|
|
let stores;
|
|
|
|
let db;
|
|
|
|
let adminUser;
|
2021-08-12 15:04:37 +02:00
|
|
|
let userToCreateResetFor: IUser;
|
2021-04-16 15:29:23 +02:00
|
|
|
let userIdToCreateResetFor: number;
|
|
|
|
let accessService: AccessService;
|
|
|
|
let userService: UserService;
|
|
|
|
let resetTokenService: ResetTokenService;
|
2021-04-27 09:16:44 +02:00
|
|
|
let sessionService: SessionService;
|
2021-05-28 11:10:24 +02:00
|
|
|
beforeAll(async () => {
|
2021-04-16 15:29:23 +02:00
|
|
|
db = await dbInit('reset_token_service_serial', getLogger);
|
|
|
|
stores = db.stores;
|
|
|
|
accessService = new AccessService(stores, config);
|
|
|
|
resetTokenService = new ResetTokenService(stores, config);
|
2021-04-27 09:16:44 +02:00
|
|
|
sessionService = new SessionService(stores, config);
|
2021-04-22 10:07:10 +02:00
|
|
|
const emailService = new EmailService(undefined, config.getLogger);
|
2021-04-16 15:29:23 +02:00
|
|
|
|
|
|
|
userService = new UserService(stores, config, {
|
|
|
|
accessService,
|
|
|
|
resetTokenService,
|
|
|
|
emailService,
|
2021-04-27 09:16:44 +02:00
|
|
|
sessionService,
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
adminUser = await userService.createUser({
|
|
|
|
username: 'admin@test.com',
|
|
|
|
rootRole: 1,
|
|
|
|
});
|
|
|
|
|
|
|
|
userToCreateResetFor = await userService.createUser({
|
|
|
|
username: 'test@test.com',
|
|
|
|
rootRole: 2,
|
|
|
|
});
|
|
|
|
userIdToCreateResetFor = userToCreateResetFor.id;
|
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
afterAll(async () => {
|
|
|
|
if (db) {
|
|
|
|
await db.destroy();
|
|
|
|
}
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Should create a reset link', async () => {
|
2021-04-16 15:29:23 +02:00
|
|
|
const url = await resetTokenService.createResetPasswordUrl(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(url.toString().substring(0, url.toString().indexOf('='))).toBe(
|
2021-05-07 10:38:41 +02:00
|
|
|
`${config.server.unleashUrl}/reset-password?token`,
|
|
|
|
);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Should create a reset link with unleashUrl with context path', async () => {
|
|
|
|
const localConfig = createTestConfig({
|
|
|
|
server: { unleashUrl: 'http://localhost:4242/my/sub/path' },
|
|
|
|
});
|
|
|
|
const resetToken: ResetTokenService = new ResetTokenService(
|
|
|
|
stores,
|
|
|
|
localConfig,
|
|
|
|
);
|
2021-05-11 14:43:41 +02:00
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
const url = await resetToken.createResetPasswordUrl(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
expect(url.toString().substring(0, url.toString().indexOf('='))).toBe(
|
|
|
|
`${localConfig.server.unleashUrl}/reset-password?token`,
|
|
|
|
);
|
|
|
|
});
|
2021-05-11 14:43:41 +02:00
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Should create a welcome link', async () => {
|
2021-04-23 10:58:47 +02:00
|
|
|
const url = await resetTokenService.createNewUserUrl(
|
2021-04-16 15:29:23 +02:00
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser.username,
|
|
|
|
);
|
2021-05-07 10:38:41 +02:00
|
|
|
const urlS = url.toString();
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(urlS.substring(0, urlS.indexOf('='))).toBe(
|
2021-05-07 10:38:41 +02:00
|
|
|
`${config.server.unleashUrl}/new-user?token`,
|
|
|
|
);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Tokens should be one-time only', async () => {
|
2021-04-16 15:29:23 +02:00
|
|
|
const token = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
|
|
|
|
const accessGranted = await resetTokenService.useAccessToken(token);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(accessGranted).toBe(true);
|
2021-04-16 15:29:23 +02:00
|
|
|
const secondGo = await resetTokenService.useAccessToken(token);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(secondGo).toBe(false);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Creating a new token should expire older tokens', async () => {
|
2021-04-16 15:29:23 +02:00
|
|
|
const firstToken = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
const secondToken = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
2021-05-28 11:10:24 +02:00
|
|
|
await expect(async () =>
|
2021-04-16 15:29:23 +02:00
|
|
|
resetTokenService.isValid(firstToken.token),
|
2021-05-28 11:10:24 +02:00
|
|
|
).rejects.toThrow(InvalidTokenError);
|
2021-04-16 15:29:23 +02:00
|
|
|
const validToken = await resetTokenService.isValid(secondToken.token);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(secondToken.token).toBe(validToken.token);
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
2021-04-23 10:58:47 +02:00
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('Retrieving valid invitation links should retrieve an object with userid key and token value', async () => {
|
|
|
|
const token = await resetTokenService.createToken(
|
|
|
|
userIdToCreateResetFor,
|
|
|
|
adminUser,
|
|
|
|
);
|
|
|
|
expect(token).toBeTruthy();
|
|
|
|
const activeInvitations = await resetTokenService.getActiveInvitations();
|
|
|
|
expect(Object.keys(activeInvitations).length === 1).toBe(true);
|
|
|
|
expect(+Object.keys(activeInvitations)[0] === userIdToCreateResetFor).toBe(
|
|
|
|
true,
|
|
|
|
);
|
|
|
|
expect(activeInvitations[userIdToCreateResetFor]).toBeTruthy();
|
|
|
|
});
|