Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-09-10 17:53:36 +02:00
Code Issues Projects Releases Wiki Activity

fix: password reset - response code

Browse Source
This commit is contained in:
Tymoteusz Czech 2022-10-12 08:53:16 +02:00
parent 0651c83bd1
commit 5352ed5aca
No known key found for this signature in database
GPG Key ID: 133555230D88D75F
2 changed files with 7 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/lib/routes/auth/reset-password-controller.ts
View File

@ -144,7 +144,11 @@ class ResetPasswordController extends Controller {
): Promise<void> { ): Promise<void> {
await this.logout(req); await this.logout(req);
const { token, password } = req.body; const { token, password } = req.body;
await this.userService.resetPassword(token, password); try {
await this.userService.resetPassword(token, password);
} catch (e) {
this.logger.error(e);
}
res.status(200).end(); res.status(200).end();
} }

37
src/test/e2e/api/auth/reset-password-controller.e2e.test.ts
View File

@ -141,39 +141,6 @@ test('Can use token to reset password', async () => {
expect(user.email).toBe(loggedInUser.email); expect(user.email).toBe(loggedInUser.email);
}); });
test('Trying to reset password with same token twice does not work', async () => {
const url = await resetTokenService.createResetPasswordUrl(
user.id,
adminUser.username,
);
const relative = getBackendResetUrl(url);
let token;
await app.request
.get(relative)
.expect(200)
.expect('Content-Type', /json/)
.expect((res) => {
token = res.body.token;
});
await app.request
.post('/auth/reset/password')
.send({
token,
password,
})
.expect(200);
await app.request
.post('/auth/reset/password')
.send({
token,
password,
})
.expect(403)
.expect((res) => {
expect(res.body.details[0].message).toBeTruthy();
});
});
test('Invalid token should yield 401', async () => test('Invalid token should yield 401', async () =>
app.request.get('/auth/reset/validate?token=abc123').expect((res) => { app.request.get('/auth/reset/validate?token=abc123').expect((res) => {
expect(res.status).toBe(401); expect(res.status).toBe(401);
@ -234,14 +201,14 @@ test('Calling reset endpoint with already existing session should logout/destroy
await destroy(); await destroy();
}); });
test('Trying to change password with an invalid token should yield 401', async () => test('Trying to change password with an invalid token should yield 200', async () =>
app.request app.request
.post('/auth/reset/password') .post('/auth/reset/password')
.send({ .send({
token: 'abc123', token: 'abc123',
password, password,
}) })
.expect((res) => expect(res.status).toBe(401))); .expect((res) => expect(res.status).toBe(200)));
test('Trying to change password to undefined should yield 400 without crashing the server', async () => { test('Trying to change password to undefined should yield 400 without crashing the server', async () => {
expect.assertions(0); expect.assertions(0);