You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
2.5 KiB
TypeScript
101 lines
2.5 KiB
TypeScript
import axios from "axios";
|
|
import assert from "assert";
|
|
import TheApp from "../app.js";
|
|
import { withProdApp } from "../test_utils/with-prod-app.js";
|
|
import { LONG_TEST_TIMEOUT } from "../test_utils/webhint.js";
|
|
|
|
describe("password-reset-intents", function () {
|
|
//ts-ignore
|
|
async function createAUser(app: TheApp) {
|
|
await app.collections.users.suCreate({
|
|
username: "user",
|
|
email: "user@example.com",
|
|
password: "password",
|
|
roles: [],
|
|
});
|
|
}
|
|
|
|
it(
|
|
"tells you if the email address doesn't exist",
|
|
async function () {
|
|
return withProdApp(async ({ app, base_url }) => {
|
|
const email = "fake@example.com";
|
|
try {
|
|
await axios.post(
|
|
`${base_url}/api/v1/collections/password-reset-intents`,
|
|
{
|
|
email: email,
|
|
}
|
|
);
|
|
} catch (e) {
|
|
assert.equal(
|
|
e.response.data.data.field_messages.email.message,
|
|
app.i18n("invalid_existing_value", ["users", "email", email])
|
|
);
|
|
return;
|
|
}
|
|
throw new Error("it didn't throw");
|
|
});
|
|
},
|
|
LONG_TEST_TIMEOUT
|
|
);
|
|
|
|
it(
|
|
"allows anyone to create an intent, if the email exists",
|
|
async () =>
|
|
withProdApp(async ({ app, base_url }) => {
|
|
await createAUser(app);
|
|
const { email, token } = (
|
|
await axios.post(
|
|
`${base_url}/api/v1/collections/password-reset-intents`,
|
|
{
|
|
email: "user@example.com",
|
|
}
|
|
)
|
|
).data;
|
|
assert.deepEqual(
|
|
{ email, token },
|
|
{
|
|
email: "user@example.com",
|
|
token: "it's a secret to everybody",
|
|
}
|
|
);
|
|
}),
|
|
LONG_TEST_TIMEOUT
|
|
);
|
|
|
|
it("tells you if the email address is malformed", async () =>
|
|
withProdApp(async ({ app, base_url }) => {
|
|
const email = "incorrect-address";
|
|
try {
|
|
await axios.post(
|
|
`${base_url}/api/v1/collections/password-reset-intents`,
|
|
{
|
|
email: email,
|
|
}
|
|
);
|
|
} catch (e) {
|
|
assert.equal(
|
|
e.response.data.data.field_messages.email.message,
|
|
app.i18n("invalid_email", [email])
|
|
);
|
|
return;
|
|
}
|
|
throw new Error("it didn't throw");
|
|
}));
|
|
|
|
it("sends an email with the reset password link", async () =>
|
|
withProdApp(async ({ app, base_url, mail_api }) => {
|
|
await createAUser(app);
|
|
await axios.post(`${base_url}/api/v1/collections/password-reset-intents`, {
|
|
email: "user@example.com",
|
|
});
|
|
const messages = (await mail_api.getMessages()).filter(
|
|
(message) => message.recipients[0] == "<user@example.com>"
|
|
);
|
|
assert.equal(messages.length, 1);
|
|
assert.equal(messages[0].recipients.length, 1);
|
|
assert.equal(messages[0].recipients[0], "<user@example.com>");
|
|
}));
|
|
});
|