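const request = require('supertest');
const application = require('../../../config/server');
const path = require('path');

// The API version under test is the name of this file's parent directory.
const api_version = path.resolve(__dirname, '..').split(path.sep).pop();
const models_test = application.app[api_version].models;

/**
 * End-to-end tests for the auth endpoints: signup, request/recover password,
 * signin, change password and account deletion.
 *
 * The tests are order-dependent: they share `user_instance`, `headers` and
 * `user_id`, and each step relies on the account state left by the previous one.
 */
describe('auth module - test login, request password, recover password and change password', function () {
    // Fixture credentials used only by this suite.
    const email_register = "demo@andrealmeida.net";
    const LEAKED_PASSWORD = "Ab123456?";
    const RECOVERED_PASSWORD = "Ab123456X?";
    const STRONG_PASSWORD = "6$h@3$um328@Lhi7&!y62YMtH@$95x55";

    let connectionSql;
    let headers;
    let user_instance = null;
    let user_id = null;

    /** Builds the path of an auth route for the API version under test. */
    const authUrl = (route) => "/" + api_version + "/auth/" + route;

    /** Loads a user row straight from the database, bypassing the HTTP API. */
    const findUser = (where) =>
        new models_test.user(connectionSql, models_test).user.findOne({ where });

    /** POSTs a JSON body to an auth route, optionally with extra headers. */
    const postAuth = (route, body, extraHeaders) => {
        const req = request(application).post(authUrl(route));
        return (extraHeaders ? req.set(extraHeaders) : req).send(body);
    };

    beforeAll(async () => {
        connectionSql = application.config.dbMySQLConnection();
    });

    afterAll(async () => {
        // NOTE(review): the test account is only removed by the final delete test.
        // If an earlier test fails, the row stays behind and the next run's signup
        // is answered with "Choose another email" - consider a cleanup step here.
        await connectionSql.close();
    });

    test('Test to create a new account - should be "Leaked Password"', async () => {
        // Exercises the breached-password rejection. How the server decides that a
        // password is leaked is not visible from this file.
        const obj = {
            "email": email_register,
            "password": LEAKED_PASSWORD,
            "confirm_password": LEAKED_PASSWORD
        };
        const response = await postAuth("signup", obj);
        expect(response.statusCode).toBe(400);
        expect(response.body).toEqual({ error: 'Please choose another one - Leaked password', code: 400 });
    });

    test('Test to create a new account - should be "Password Strength Validation"', async () => {
        const obj = {
            "email": email_register,
            "password": "Ab123",
            "confirm_password": "Ab123"
        };
        const response = await postAuth("signup", obj);
        expect(response.statusCode).toBe(401);
        expect(response.body).toEqual({ error: 'Password Strength Validation', code: 401 });
    });

    test('Test to create a new account - should be "Password is not match with confirm passowrd"', async () => {
        const obj = {
            "email": email_register,
            "password": "Ab123",
            "confirm_password": "Ab12"
        };
        const response = await postAuth("signup", obj);
        expect(response.statusCode).toBe(401);
        // The misspelling is the server's own message and must match exactly.
        expect(response.body).toEqual({ error: 'Password is not match with confirm passowrd', code: 401 });
    });

    test('Test to create a new account', async () => {
        const obj = {
            "email": email_register,
            "password": STRONG_PASSWORD,
            "confirm_password": STRONG_PASSWORD
        };
        const response = await postAuth("signup", obj);
        expect(response.statusCode).toBe(200);
        expect(response.body).toEqual({ code: 200, message: 'User created sucessfully!' });
        user_instance = await findUser({ "email": obj.email });
    });

    test('Test to create a new account - should be "Choose another email"', async () => {
        // Same address as the account created above: duplicate signup must fail.
        const obj = {
            "email": email_register,
            "password": "Ab123456_?**",
            "confirm_password": "Ab123456_?**"
        };
        const response = await postAuth("signup", obj);
        expect(response.statusCode).toBe(400);
        expect(response.body).toEqual({ error: 'Choose another email', code: 400 });
    });

    test('Test to request password', async () => {
        const response = await postAuth("requestpassword", { "email": email_register });
        expect(response.statusCode).toBe(200);
    });

    test('Test to recover the password', async () => {
        // The recovery token is read from the user row, standing in for the value
        // the user would receive out of band.
        user_instance = await findUser({ "email": email_register });
        const obj = {
            "recover_token": user_instance.recover_token,
            "email": user_instance.email,
            "password": RECOVERED_PASSWORD,
            "confirm_password": RECOVERED_PASSWORD
        };
        const response = await postAuth("recoverpassword", obj);
        expect(response.statusCode).toBe(200);
        // `not.toBe(null)` also passes for `undefined`; require an actual token.
        expect(response.body.result.auth.token).toBeTruthy();
    });

    test('Test to recover the password with the same values', async () => {
        // Replay check: `user_instance` still holds the token consumed by the
        // previous test, so a second use of it must be refused.
        const obj = {
            "recover_token": user_instance.recover_token,
            "email": user_instance.email,
            "password": RECOVERED_PASSWORD,
            "confirm_password": RECOVERED_PASSWORD
        };
        const response = await postAuth("recoverpassword", obj);
        expect(response.statusCode).toBe(400);
        expect(response.body).toEqual({ error: 'Bad Request', code: 400 });
    });

    test('Test to recover the password with an expired token', async () => {
        // Fixed token; the trailing number is presumably a Unix timestamp in the
        // past (TODO confirm the token format).
        // NOTE(review): this value was never issued to the test user, yet the
        // expected answer is "Expired Request" rather than "Bad Request". Confirm
        // that the server also compares the token with the stored one and does
        // not rely on a timestamp carried inside the token alone.
        const obj = {
            "recover_token": "10828f10-aeb8-11ec-8057-b96fcad2e43c_1638486611",
            "email": user_instance.email,
            "password": RECOVERED_PASSWORD,
            "confirm_password": RECOVERED_PASSWORD
        };
        const response = await postAuth("recoverpassword", obj);
        expect(response.statusCode).toBe(401);
        expect(response.body).toEqual({ "error": "Expired Request", "code": 401 });
    });

    test('Test the login into the app', async () => {
        const login_obj = {
            "user": user_instance.email,
            "password": RECOVERED_PASSWORD
        };
        const response = await request(application)
            .post(authUrl("signin"))
            .auth(login_obj.user, login_obj.password)
            .send();
        // Check the status first so a failed login reports as an assertion
        // failure instead of a TypeError on the missing `result` object.
        expect(response.statusCode).toBe(200);
        headers = { auth_token: response.body.result.auth.token };
        user_id = response.body.result.user.id;
    });

    test('Test to change the current password', async () => {
        user_instance = await findUser({ id: user_id });
        // NOTE(review): the value stored in the user row is sent as the
        // `auth_token` header and a 200 is expected, so the column holds a
        // directly usable credential. Consider storing only a digest at rest.
        headers.auth_token = user_instance.auth_token;
        const obj = {
            "email": user_instance.email,
            "password": "Ab123456xpto$",
            "confirm_password": "Ab123456xpto$"
        };
        const response = await postAuth("changepassword", obj, headers);
        expect(response.statusCode).toBe(200);
        // TODO(review): nothing here checks that the previous password or a token
        // issued before the change stops working afterwards.
    });

    test('Test login with wrong credencials', async () => {
        // This password was never set on the account.
        const login_obj = {
            "user": user_instance.email,
            "password": "Ab123456xxxa$"
        };
        const response = await request(application)
            .post(authUrl("signin"))
            .auth(login_obj.user, login_obj.password)
            .send();
        expect(response.statusCode).toBe(401);
        expect(response.body).toEqual({ "error": "Unauthorized access", "code": 401 });
    });

    test('Test to change the current password again - leaked password', async () => {
        // The breached-password rejection must apply to password changes as well
        // as to signup.
        user_instance = await findUser({ id: user_id });
        headers.auth_token = user_instance.auth_token;
        const obj = {
            "email": user_instance.email,
            "password": LEAKED_PASSWORD,
            "confirm_password": LEAKED_PASSWORD
        };
        const response = await postAuth("changepassword", obj, headers);
        expect(response.statusCode).toBe(400);
        expect(response.body).toEqual({ error: 'Please choose another one - Leaked password', code: 400 });
    });

    test('Test to change the current password to the first one', async () => {
        user_instance = await findUser({ id: user_id });
        headers.auth_token = user_instance.auth_token;
        const obj = {
            "email": user_instance.email,
            "password": STRONG_PASSWORD,
            "confirm_password": STRONG_PASSWORD
        };
        const response = await postAuth("changepassword", obj, headers);
        expect(response.statusCode).toBe(200);
    });

    test('Test the login into the app again', async () => {
        const login_obj = {
            "user": user_instance.email,
            "password": STRONG_PASSWORD
        };
        const response = await request(application)
            .post(authUrl("signin"))
            .auth(login_obj.user, login_obj.password)
            .send();
        expect(response.statusCode).toBe(200);
        headers = { auth_token: response.body.result.auth.token };
    });

    test('Test to delete an specific user', async () => {
        // The account to delete is identified by the auth token header alone.
        const response = await request(application)
            .delete(authUrl("deleteaccount"))
            .set(headers)
            .send();
        expect(response.statusCode).toBe(200);
        expect(response.body).toEqual({ code: 200, message: "User deleted successfully!" });
    });
});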