1 files changed, 122 insertions, 0 deletions
diff --git a/tests/functional/dashboard/reset-password.spec.ts b/tests/functional/dashboard/reset-password.spec.ts
new file mode 100644
index 0000000..e488482
--- /dev/null
+++ b/tests/functional/dashboard/reset-password.spec.ts
@@ -0,0 +1,122 @@
+import { test } from '@japa/runner';
+import Token from 'App/Models/Token';
+import UserFactory from 'Database/factories/UserFactory';
+import TokenFactory from 'Database/factories/TokenFactory';
+test.group('Dashboard / Reset password page', () => {
+  test('returns a `Invalid token` message when opening without a token', async ({
+    client,
+  }) => {
+    const response = await client.get('/user/reset');
+    response.assertStatus(200);
+    response.assertTextIncludes('Invalid token');
+  });
+  test('displays the form when a token is provided', async ({ client }) => {
+    const response = await client.get(
+      '/user/reset?token=randomtokenbutitworks',
+    );
+    response.assertStatus(200);
+    response.assertTextIncludes('Reset Your Password');
+  });
+  test('returns `passwords do not match` message when passwords do not match', async ({
+    client,
+  }) => {
+    const response = await client.post('/user/reset').fields({
+      token: 'randomnotworkingtoken',
+      password: 'password',
+      password_confirmation: 'not_matching',
+    });
+    response.assertTextIncludes('Passwords do not match');
+  });
+  test('returns `Cannot reset your password` when token does not exist', async ({
+    client,
+  }) => {
+    const response = await client.post('/user/reset').fields({
+      token: 'randomnotworkingtoken',
+      password: 'password',
+      password_confirmation: 'password',
+    });
+    response.assertTextIncludes('Cannot reset your password');
+  });
+  test('returns `Cannot reset your password` when token is older than 24 hours', async ({
+    client,
+  }) => {
+    const token = await TokenFactory.merge({
+      // eslint-disable-next-line unicorn/no-await-expression-member
+      user_id: (await UserFactory.create()).id,
+    })
+      .apply('old_token')
+      .create();
+    const response = await client.post('/user/reset').fields({
+      token: token.token,
+      password: 'password',
+      password_confirmation: 'password',
+    });
+    response.assertTextIncludes('Cannot reset your password');
+  });
+  test('returns `Cannot reset your password` when token is revoked', async ({
+    client,
+  }) => {
+    const token = await TokenFactory.merge({
+      // eslint-disable-next-line unicorn/no-await-expression-member
+      user_id: (await UserFactory.create()).id,
+    })
+      .apply('revoked')
+      .create();
+    const response = await client.post('/user/reset').fields({
+      token: token.token,
+      password: 'password',
+      password_confirmation: 'password',
+    });
+    response.assertTextIncludes('Cannot reset your password');
+  });
+  test('correctly resets password and deletes token and able to login with new password', async ({
+    client,
+    assert,
+  }) => {
+    const userEmail = 'working-reset-password-login@ferdium.org';
+    const token = await TokenFactory.merge({
+      user_id:
+        (
+          await UserFactory.merge({
+            email: userEmail,
+          }).create()
+        // prettier-ignore
+        // eslint-disable-next-line unicorn/no-await-expression-member
+        ).id,
+    }).create();
+    const response = await client.post('/user/reset').fields({
+      token: token.token,
+      password: 'new_password',
+      password_confirmation: 'new_password',
+    });
+    // Assert response is as expected
+    response.assertTextIncludes('Successfully reset your password');
+    // Token should be deleted from database
+    assert.isNull(await Token.query().where('token', token.token).first());
+    const loginResponse = await client.post('/user/login').fields({
+      mail: userEmail,
+      password: 'new_password',
+    });
+    loginResponse.assertRedirectsTo('/user/account');
+  });
+});

diff --git a/tests/functional/dashboard/reset-password.spec.ts b/tests/functional/dashboard/reset-password.spec.ts new file mode 100644 index 0000000..e488482 --- /dev/null +++ b/tests/functional/dashboard/reset-password.spec.ts
@@ -0,0 +1,122 @@
	1	import { test } from '@japa/runner';
	2	import Token from 'App/Models/Token';
	3	import UserFactory from 'Database/factories/UserFactory';
	4	import TokenFactory from 'Database/factories/TokenFactory';
	5
	6	test.group('Dashboard / Reset password page', () => {
	7	test('returns a `Invalid token` message when opening without a token', async ({
	8	client,
	9	}) => {
	10	const response = await client.get('/user/reset');
	11
	12	response.assertStatus(200);
	13	response.assertTextIncludes('Invalid token');
	14	});
	15
	16	test('displays the form when a token is provided', async ({ client }) => {
	17	const response = await client.get(
	18	'/user/reset?token=randomtokenbutitworks',
	19	);
	20
	21	response.assertStatus(200);
	22	response.assertTextIncludes('Reset Your Password');
	23	});
	24
	25	test('returns `passwords do not match` message when passwords do not match', async ({
	26	client,
	27	}) => {
	28	const response = await client.post('/user/reset').fields({
	29	token: 'randomnotworkingtoken',
	30	password: 'password',
	31	password_confirmation: 'not_matching',
	32	});
	33
	34	response.assertTextIncludes('Passwords do not match');
	35	});
	36
	37	test('returns `Cannot reset your password` when token does not exist', async ({
	38	client,
	39	}) => {
	40	const response = await client.post('/user/reset').fields({
	41	token: 'randomnotworkingtoken',
	42	password: 'password',
	43	password_confirmation: 'password',
	44	});
	45
	46	response.assertTextIncludes('Cannot reset your password');
	47	});
	48
	49	test('returns `Cannot reset your password` when token is older than 24 hours', async ({
	50	client,
	51	}) => {
	52	const token = await TokenFactory.merge({
	53	// eslint-disable-next-line unicorn/no-await-expression-member
	54	user_id: (await UserFactory.create()).id,
	55	})
	56	.apply('old_token')
	57	.create();
	58
	59	const response = await client.post('/user/reset').fields({
	60	token: token.token,
	61	password: 'password',
	62	password_confirmation: 'password',
	63	});
	64
	65	response.assertTextIncludes('Cannot reset your password');
	66	});
	67
	68	test('returns `Cannot reset your password` when token is revoked', async ({
	69	client,
	70	}) => {
	71	const token = await TokenFactory.merge({
	72	// eslint-disable-next-line unicorn/no-await-expression-member
	73	user_id: (await UserFactory.create()).id,
	74	})
	75	.apply('revoked')
	76	.create();
	77
	78	const response = await client.post('/user/reset').fields({
	79	token: token.token,
	80	password: 'password',
	81	password_confirmation: 'password',
	82	});
	83
	84	response.assertTextIncludes('Cannot reset your password');
	85	});
	86
	87	test('correctly resets password and deletes token and able to login with new password', async ({
	88	client,
	89	assert,
	90	}) => {
	91	const userEmail = 'working-reset-password-login@ferdium.org';
	92	const token = await TokenFactory.merge({
	93	user_id:
	94	(
	95	await UserFactory.merge({
	96	email: userEmail,
	97	}).create()
	98	// prettier-ignore
	99	// eslint-disable-next-line unicorn/no-await-expression-member
	100	).id,
	101	}).create();
	102
	103	const response = await client.post('/user/reset').fields({
	104	token: token.token,
	105	password: 'new_password',
	106	password_confirmation: 'new_password',
	107	});
	108
	109	// Assert response is as expected
	110	response.assertTextIncludes('Successfully reset your password');
	111
	112	// Token should be deleted from database
	113	assert.isNull(await Token.query().where('token', token.token).first());
	114
	115	const loginResponse = await client.post('/user/login').fields({
	116	mail: userEmail,
	117	password: 'new_password',
	118	});
	119
	120	loginResponse.assertRedirectsTo('/user/account');
	121	});
	122	});