Dimitrie Stefanescu
223 lines
7.0 KiB
JavaScript
223 lines
7.0 KiB
JavaScript
/* istanbul ignore file */
|
|
const chai = require( 'chai' )
|
|
const chaiHttp = require( 'chai-http' )
|
|
const assert = require( 'assert' )
|
|
const appRoot = require( 'app-root-path' )
|
|
|
|
const { init } = require( `${appRoot}/app` )
|
|
|
|
const expect = chai.expect
|
|
chai.use( chaiHttp )
|
|
|
|
const knex = require( `${appRoot}/db/knex` )
|
|
|
|
const { createUser, findOrCreateUser, getUser, searchUsers, updateUser, deleteUser, validatePasssword, updateUserPassword } = require( '../services/users' )
|
|
const { createPersonalAccessToken, createAppToken, revokeToken, revokeTokenById, validateToken, getUserTokens } = require( '../services/tokens' )
|
|
|
|
describe( 'Actors & Tokens @user-services', ( ) => {
|
|
let myTestActor = {
|
|
name: 'Dimitrie Stefanescu',
|
|
email: 'didimitrie@gmail.com',
|
|
password: 'sn3aky-1337-b1m'
|
|
}
|
|
|
|
let otherUser = {}
|
|
|
|
before( async ( ) => {
|
|
await knex.migrate.rollback( )
|
|
await knex.migrate.latest( )
|
|
await init()
|
|
|
|
let actorId = await createUser( myTestActor )
|
|
myTestActor.id = actorId
|
|
|
|
} )
|
|
|
|
after( async ( ) => {
|
|
await knex.migrate.rollback( )
|
|
} )
|
|
|
|
|
|
describe( 'Users @core-users', ( ) => {
|
|
|
|
it( 'First created user should be a server admin', async ( ) => {
|
|
|
|
} )
|
|
|
|
it( 'Should create an user', async ( ) => {
|
|
let newUser = { ...myTestActor }
|
|
newUser.name = 'Bill Gates'
|
|
newUser.email = 'bill@gates.com'
|
|
newUser.password = 'testthebest'
|
|
|
|
let actorId = await createUser( newUser )
|
|
newUser.id = actorId
|
|
otherUser = { ...newUser }
|
|
|
|
expect( actorId ).to.be.a( 'string' )
|
|
} )
|
|
|
|
it( 'Should not create a user with a too small password', async () => {
|
|
try {
|
|
await createUser( { name: 'Dim Sum', email: 'dim@gmail.com', password: '1234567' } )
|
|
} catch ( e ) {
|
|
// pass
|
|
}
|
|
} )
|
|
|
|
it( 'Should not create an user with the same email', async ( ) => {
|
|
|
|
let newUser = { ...myTestActor }
|
|
newUser.name = 'Bill Gates'
|
|
newUser.email = 'bill@gates.com'
|
|
newUser.password = 'testthebest'
|
|
|
|
try {
|
|
let actorId = await createUser( newUser )
|
|
assert.fail( 'dupe email' )
|
|
} catch ( e ) {
|
|
// pass
|
|
}
|
|
|
|
} )
|
|
|
|
it( 'Find or create should create a user', async ( ) => {
|
|
|
|
let newUser = { ...myTestActor }
|
|
newUser.name = 'Steve Ballmer Balls'
|
|
newUser.email = 'ballmer@balls.com'
|
|
newUser.password = 'testthebest'
|
|
|
|
let { id } = await findOrCreateUser( { user: newUser } )
|
|
expect( id ).to.be.a( 'string' )
|
|
|
|
} )
|
|
|
|
it( 'Find or create should NOT create a user', async ( ) => {
|
|
|
|
let newUser = { ...myTestActor }
|
|
newUser.name = 'Steve Ballmer Balls'
|
|
newUser.email = 'ballmer@balls.com'
|
|
newUser.password = 'testthebest'
|
|
newUser.suuid = 'really it does not matter'
|
|
|
|
let { id } = await findOrCreateUser( { user: newUser } )
|
|
expect( id ).to.be.a( 'string' )
|
|
|
|
} )
|
|
|
|
it( 'Should get an user', async ( ) => {
|
|
let actor = await getUser( myTestActor.id )
|
|
expect( actor ).to.not.have.property( 'passwordDigest' )
|
|
} )
|
|
|
|
it( 'Should search and get an users', async ( ) => {
|
|
let { users } = await searchUsers( 'gates', 20, null )
|
|
expect( users ).to.have.lengthOf( 1 )
|
|
expect( users[ 0 ].name ).to.equal( 'Bill Gates' )
|
|
} )
|
|
|
|
it( 'Should update an user', async ( ) => {
|
|
let updatedActor = { ...myTestActor }
|
|
updatedActor.name = 'didimitrie'
|
|
|
|
await updateUser( myTestActor.id, updatedActor )
|
|
|
|
let actor = await getUser( myTestActor.id )
|
|
expect( actor.name ).to.equal( updatedActor.name )
|
|
|
|
} )
|
|
|
|
it( 'Should not update password', async ( ) => {
|
|
let updatedActor = { ...myTestActor }
|
|
updatedActor.password = 'failwhale'
|
|
|
|
await updateUser( myTestActor.id, updatedActor )
|
|
|
|
let match = await validatePasssword( { email: myTestActor.email, password: 'failwhale' } )
|
|
expect( match ).to.equal( false )
|
|
} )
|
|
|
|
it( 'Should validate user password', async ( ) => {
|
|
let actor = {}
|
|
actor.password = 'super-test-200'
|
|
actor.email = 'e@ma.il'
|
|
actor.name = 'Bob Gates'
|
|
|
|
let id = await createUser( actor )
|
|
|
|
let match = await validatePasssword( { email: actor.email, password: 'super-test-200' } )
|
|
expect( match ).to.equal( true )
|
|
let match_wrong = await validatePasssword( { email: actor.email, password: 'super-test-2000' } )
|
|
expect( match_wrong ).to.equal( false )
|
|
|
|
} )
|
|
|
|
it( 'Should update the password of a user', async() => {
|
|
let id = await createUser( { name: 'D', email:'tester@mcbester.com', password:'H4!b5at+kWls-8yh4Guq' } ) // https://mostsecure.pw
|
|
await updateUserPassword( { id, newPassword: 'Hello Dogs and Cats' } )
|
|
|
|
let match = await validatePasssword( { email: 'tester@mcbester.com', password: 'Hello Dogs and Cats' } )
|
|
expect( match ).to.equal( true )
|
|
} )
|
|
} )
|
|
|
|
describe( 'API Tokens @core-apitokens', ( ) => {
|
|
let myFirstToken
|
|
let pregeneratedToken
|
|
let revokedToken
|
|
let someOtherToken
|
|
let expireSoonToken
|
|
|
|
before( async ( ) => {
|
|
pregeneratedToken = await createPersonalAccessToken( myTestActor.id, 'Whabadub', [ 'streams:read', 'streams:write', 'profile:read', 'users:email' ] )
|
|
revokedToken = await createPersonalAccessToken( myTestActor.id, 'Mr. Revoked', [ 'streams:read' ] )
|
|
someOtherToken = await createPersonalAccessToken( otherUser.id, 'Hello World', [ 'streams:write' ] )
|
|
expireSoonToken = await createPersonalAccessToken( myTestActor.id, 'Mayfly', [ 'streams:read' ], 1 ) // 1ms lifespan
|
|
} )
|
|
|
|
it( 'Should create an personal api token', async ( ) => {
|
|
let scopes = [ 'streams:write', 'profile:read' ]
|
|
let name = 'My Test Token'
|
|
|
|
myFirstToken = await createPersonalAccessToken( myTestActor.id, name, scopes )
|
|
expect( myFirstToken ).to.have.lengthOf( 42 )
|
|
} )
|
|
|
|
// it( 'Should create an api token for an app', async ( ) => {
|
|
// let test = await createAppToken( { userId: myTestActor.id, appId: 'spklwebapp' } )
|
|
// expect( test ).to.have.lengthOf( 42 )
|
|
// } )
|
|
|
|
it( 'Should validate a token', async ( ) => {
|
|
let res = await validateToken( pregeneratedToken )
|
|
expect( res ).to.have.property( 'valid' )
|
|
expect( res.valid ).to.equal( true )
|
|
expect( res ).to.have.property( 'scopes' )
|
|
expect( res ).to.have.property( 'userId' )
|
|
expect( res ).to.have.property( 'role' )
|
|
} )
|
|
|
|
it( 'Should revoke an api token', async ( ) => {
|
|
await revokeToken( revokedToken, myTestActor.id )
|
|
let res = await validateToken( revokedToken )
|
|
expect( res ).to.have.property( 'valid' )
|
|
expect( res.valid ).to.equal( false )
|
|
} )
|
|
|
|
it( 'Should refuse an expired token', async ( ) => {
|
|
let res = await validateToken( expireSoonToken )
|
|
expect( res.valid ).to.equal( false )
|
|
// assert.fail( )
|
|
} )
|
|
|
|
it( 'Should get the tokens of an user', async ( ) => {
|
|
let userTokens = await getUserTokens( myTestActor.id )
|
|
expect( userTokens ).to.be.an( 'array' )
|
|
expect( userTokens ).to.have.lengthOf( 2 )
|
|
} )
|
|
} )
|
|
|
|
|
|
} )
|