diff options
Diffstat (limited to 'tests/functional/dashboard/reset-password.spec.ts')
-rw-r--r-- | tests/functional/dashboard/reset-password.spec.ts | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/tests/functional/dashboard/reset-password.spec.ts b/tests/functional/dashboard/reset-password.spec.ts new file mode 100644 index 0000000..e488482 --- /dev/null +++ b/tests/functional/dashboard/reset-password.spec.ts | |||
@@ -0,0 +1,122 @@ | |||
1 | import { test } from '@japa/runner'; | ||
2 | import Token from 'App/Models/Token'; | ||
3 | import UserFactory from 'Database/factories/UserFactory'; | ||
4 | import TokenFactory from 'Database/factories/TokenFactory'; | ||
5 | |||
6 | test.group('Dashboard / Reset password page', () => { | ||
7 | test('returns a `Invalid token` message when opening without a token', async ({ | ||
8 | client, | ||
9 | }) => { | ||
10 | const response = await client.get('/user/reset'); | ||
11 | |||
12 | response.assertStatus(200); | ||
13 | response.assertTextIncludes('Invalid token'); | ||
14 | }); | ||
15 | |||
16 | test('displays the form when a token is provided', async ({ client }) => { | ||
17 | const response = await client.get( | ||
18 | '/user/reset?token=randomtokenbutitworks', | ||
19 | ); | ||
20 | |||
21 | response.assertStatus(200); | ||
22 | response.assertTextIncludes('Reset Your Password'); | ||
23 | }); | ||
24 | |||
25 | test('returns `passwords do not match` message when passwords do not match', async ({ | ||
26 | client, | ||
27 | }) => { | ||
28 | const response = await client.post('/user/reset').fields({ | ||
29 | token: 'randomnotworkingtoken', | ||
30 | password: 'password', | ||
31 | password_confirmation: 'not_matching', | ||
32 | }); | ||
33 | |||
34 | response.assertTextIncludes('Passwords do not match'); | ||
35 | }); | ||
36 | |||
37 | test('returns `Cannot reset your password` when token does not exist', async ({ | ||
38 | client, | ||
39 | }) => { | ||
40 | const response = await client.post('/user/reset').fields({ | ||
41 | token: 'randomnotworkingtoken', | ||
42 | password: 'password', | ||
43 | password_confirmation: 'password', | ||
44 | }); | ||
45 | |||
46 | response.assertTextIncludes('Cannot reset your password'); | ||
47 | }); | ||
48 | |||
49 | test('returns `Cannot reset your password` when token is older than 24 hours', async ({ | ||
50 | client, | ||
51 | }) => { | ||
52 | const token = await TokenFactory.merge({ | ||
53 | // eslint-disable-next-line unicorn/no-await-expression-member | ||
54 | user_id: (await UserFactory.create()).id, | ||
55 | }) | ||
56 | .apply('old_token') | ||
57 | .create(); | ||
58 | |||
59 | const response = await client.post('/user/reset').fields({ | ||
60 | token: token.token, | ||
61 | password: 'password', | ||
62 | password_confirmation: 'password', | ||
63 | }); | ||
64 | |||
65 | response.assertTextIncludes('Cannot reset your password'); | ||
66 | }); | ||
67 | |||
68 | test('returns `Cannot reset your password` when token is revoked', async ({ | ||
69 | client, | ||
70 | }) => { | ||
71 | const token = await TokenFactory.merge({ | ||
72 | // eslint-disable-next-line unicorn/no-await-expression-member | ||
73 | user_id: (await UserFactory.create()).id, | ||
74 | }) | ||
75 | .apply('revoked') | ||
76 | .create(); | ||
77 | |||
78 | const response = await client.post('/user/reset').fields({ | ||
79 | token: token.token, | ||
80 | password: 'password', | ||
81 | password_confirmation: 'password', | ||
82 | }); | ||
83 | |||
84 | response.assertTextIncludes('Cannot reset your password'); | ||
85 | }); | ||
86 | |||
87 | test('correctly resets password and deletes token and able to login with new password', async ({ | ||
88 | client, | ||
89 | assert, | ||
90 | }) => { | ||
91 | const userEmail = 'working-reset-password-login@ferdium.org'; | ||
92 | const token = await TokenFactory.merge({ | ||
93 | user_id: | ||
94 | ( | ||
95 | await UserFactory.merge({ | ||
96 | email: userEmail, | ||
97 | }).create() | ||
98 | // prettier-ignore | ||
99 | // eslint-disable-next-line unicorn/no-await-expression-member | ||
100 | ).id, | ||
101 | }).create(); | ||
102 | |||
103 | const response = await client.post('/user/reset').fields({ | ||
104 | token: token.token, | ||
105 | password: 'new_password', | ||
106 | password_confirmation: 'new_password', | ||
107 | }); | ||
108 | |||
109 | // Assert response is as expected | ||
110 | response.assertTextIncludes('Successfully reset your password'); | ||
111 | |||
112 | // Token should be deleted from database | ||
113 | assert.isNull(await Token.query().where('token', token.token).first()); | ||
114 | |||
115 | const loginResponse = await client.post('/user/login').fields({ | ||
116 | mail: userEmail, | ||
117 | password: 'new_password', | ||
118 | }); | ||
119 | |||
120 | loginResponse.assertRedirectsTo('/user/account'); | ||
121 | }); | ||
122 | }); | ||