2021-07-31 15:57:43 +00:00
|
|
|
import { hash256, SecurePassword } from "blitz";
|
2021-07-31 14:33:18 +00:00
|
|
|
|
2021-07-31 15:57:43 +00:00
|
|
|
import db from "../../../db";
|
|
|
|
|
import resetPassword from "./reset-password";
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
beforeEach(async () => {
|
2021-07-31 15:57:43 +00:00
|
|
|
await db.$reset();
|
|
|
|
|
});
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
const mockCtx: any = {
|
|
|
|
|
session: {
|
|
|
|
|
$create: jest.fn,
|
|
|
|
|
},
|
2021-07-31 15:57:43 +00:00
|
|
|
};
|
2021-07-31 14:33:18 +00:00
|
|
|
|
2021-07-31 15:57:43 +00:00
|
|
|
describe.skip("resetPassword mutation", () => {
|
2021-07-31 14:33:18 +00:00
|
|
|
it("works correctly", async () => {
|
2021-07-31 15:57:43 +00:00
|
|
|
expect(true).toBe(true);
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Create test user
|
2021-07-31 15:57:43 +00:00
|
|
|
const goodToken = "randomPasswordResetToken";
|
|
|
|
|
const expiredToken = "expiredRandomPasswordResetToken";
|
|
|
|
|
const future = new Date();
|
|
|
|
|
future.setHours(future.getHours() + 4);
|
|
|
|
|
const past = new Date();
|
|
|
|
|
past.setHours(past.getHours() - 4);
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
const user = await db.user.create({
|
|
|
|
|
data: {
|
|
|
|
|
email: "user@example.com",
|
|
|
|
|
tokens: {
|
|
|
|
|
// Create old token to ensure it's deleted
|
|
|
|
|
create: [
|
|
|
|
|
{
|
|
|
|
|
type: "RESET_PASSWORD",
|
|
|
|
|
hashedToken: hash256(expiredToken),
|
|
|
|
|
expiresAt: past,
|
|
|
|
|
sentTo: "user@example.com",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
type: "RESET_PASSWORD",
|
|
|
|
|
hashedToken: hash256(goodToken),
|
|
|
|
|
expiresAt: future,
|
|
|
|
|
sentTo: "user@example.com",
|
|
|
|
|
},
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
include: { tokens: true },
|
2021-07-31 15:57:43 +00:00
|
|
|
});
|
2021-07-31 14:33:18 +00:00
|
|
|
|
2021-07-31 15:57:43 +00:00
|
|
|
const newPassword = "newPassword";
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Non-existent token
|
|
|
|
|
await expect(
|
2021-08-01 12:04:04 +00:00
|
|
|
resetPassword({ token: "no-token", password: "", passwordConfirmation: "" }, mockCtx),
|
2021-07-31 15:57:43 +00:00
|
|
|
).rejects.toThrowError();
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Expired token
|
|
|
|
|
await expect(
|
|
|
|
|
resetPassword(
|
|
|
|
|
{ token: expiredToken, password: newPassword, passwordConfirmation: newPassword },
|
2021-08-01 12:04:04 +00:00
|
|
|
mockCtx,
|
|
|
|
|
),
|
2021-07-31 15:57:43 +00:00
|
|
|
).rejects.toThrowError();
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Good token
|
|
|
|
|
await resetPassword(
|
|
|
|
|
{ token: goodToken, password: newPassword, passwordConfirmation: newPassword },
|
2021-08-01 12:04:04 +00:00
|
|
|
mockCtx,
|
2021-07-31 15:57:43 +00:00
|
|
|
);
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Delete's the token
|
2021-07-31 15:57:43 +00:00
|
|
|
const numberOfTokens = await db.token.count({ where: { userId: user.id } });
|
|
|
|
|
expect(numberOfTokens).toBe(0);
|
2021-07-31 14:33:18 +00:00
|
|
|
|
|
|
|
|
// Updates user's password
|
2021-07-31 15:57:43 +00:00
|
|
|
const updatedUser = await db.user.findFirst({ where: { id: user.id } });
|
2021-07-31 14:33:18 +00:00
|
|
|
expect(await SecurePassword.verify(updatedUser!.hashedPassword, newPassword)).toBe(
|
2021-08-01 12:04:04 +00:00
|
|
|
SecurePassword.VALID,
|
2021-07-31 15:57:43 +00:00
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
});
|
