users-verification.ts 5.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
  1. /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
  2. import * as chai from 'chai'
  3. import 'mocha'
  4. import {
  5. cleanupTests,
  6. flushAndRunServer,
  7. getMyUserInformation,
  8. getUserInformation,
  9. login,
  10. registerUser,
  11. ServerInfo,
  12. updateCustomSubConfig,
  13. updateMyUser,
  14. userLogin,
  15. verifyEmail
  16. } from '../../../../shared/extra-utils'
  17. import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
  18. import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
  19. import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
  20. import { User } from '../../../../shared/models/users'
  21. const expect = chai.expect
  22. describe('Test users account verification', function () {
  23. let server: ServerInfo
  24. let userId: number
  25. let userAccessToken: string
  26. let verificationString: string
  27. let expectedEmailsLength = 0
  28. const user1 = {
  29. username: 'user_1',
  30. password: 'super password'
  31. }
  32. const user2 = {
  33. username: 'user_2',
  34. password: 'super password'
  35. }
  36. const emails: object[] = []
  37. before(async function () {
  38. this.timeout(30000)
  39. const port = await MockSmtpServer.Instance.collectEmails(emails)
  40. const overrideConfig = {
  41. smtp: {
  42. hostname: 'localhost',
  43. port
  44. }
  45. }
  46. server = await flushAndRunServer(1, overrideConfig)
  47. await setAccessTokensToServers([ server ])
  48. })
  49. it('Should register user and send verification email if verification required', async function () {
  50. this.timeout(30000)
  51. await updateCustomSubConfig(server.url, server.accessToken, {
  52. signup: {
  53. enabled: true,
  54. requiresEmailVerification: true,
  55. limit: 10
  56. }
  57. })
  58. await registerUser(server.url, user1.username, user1.password)
  59. await waitJobs(server)
  60. expectedEmailsLength++
  61. expect(emails).to.have.lengthOf(expectedEmailsLength)
  62. const email = emails[expectedEmailsLength - 1]
  63. const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
  64. expect(verificationStringMatches).not.to.be.null
  65. verificationString = verificationStringMatches[1]
  66. expect(verificationString).to.have.length.above(2)
  67. const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
  68. expect(userIdMatches).not.to.be.null
  69. userId = parseInt(userIdMatches[1], 10)
  70. const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
  71. expect(resUserInfo.body.emailVerified).to.be.false
  72. })
  73. it('Should not allow login for user with unverified email', async function () {
  74. const resLogin = await login(server.url, server.client, user1, 400)
  75. expect(resLogin.body.error).to.contain('User email is not verified.')
  76. })
  77. it('Should verify the user via email and allow login', async function () {
  78. await verifyEmail(server.url, userId, verificationString)
  79. const res = await login(server.url, server.client, user1)
  80. userAccessToken = res.body.access_token
  81. const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
  82. expect(resUserVerified.body.emailVerified).to.be.true
  83. })
  84. it('Should be able to change the user email', async function () {
  85. this.timeout(10000)
  86. let updateVerificationString: string
  87. {
  88. await updateMyUser({
  89. url: server.url,
  90. accessToken: userAccessToken,
  91. email: 'updated@example.com',
  92. currentPassword: user1.password
  93. })
  94. await waitJobs(server)
  95. expectedEmailsLength++
  96. expect(emails).to.have.lengthOf(expectedEmailsLength)
  97. const email = emails[expectedEmailsLength - 1]
  98. const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
  99. updateVerificationString = verificationStringMatches[1]
  100. }
  101. {
  102. const res = await getMyUserInformation(server.url, userAccessToken)
  103. const me: User = res.body
  104. expect(me.email).to.equal('user_1@example.com')
  105. expect(me.pendingEmail).to.equal('updated@example.com')
  106. }
  107. {
  108. await verifyEmail(server.url, userId, updateVerificationString, true)
  109. const res = await getMyUserInformation(server.url, userAccessToken)
  110. const me: User = res.body
  111. expect(me.email).to.equal('updated@example.com')
  112. expect(me.pendingEmail).to.be.null
  113. }
  114. })
  115. it('Should register user not requiring email verification if setting not enabled', async function () {
  116. this.timeout(5000)
  117. await updateCustomSubConfig(server.url, server.accessToken, {
  118. signup: {
  119. enabled: true,
  120. requiresEmailVerification: false,
  121. limit: 10
  122. }
  123. })
  124. await registerUser(server.url, user2.username, user2.password)
  125. await waitJobs(server)
  126. expect(emails).to.have.lengthOf(expectedEmailsLength)
  127. const accessToken = await userLogin(server, user2)
  128. const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
  129. expect(resMyUserInfo.body.emailVerified).to.be.null
  130. })
  131. it('Should allow login for user with unverified email when setting later enabled', async function () {
  132. await updateCustomSubConfig(server.url, server.accessToken, {
  133. signup: {
  134. enabled: true,
  135. requiresEmailVerification: true,
  136. limit: 10
  137. }
  138. })
  139. await userLogin(server, user2)
  140. })
  141. after(async function () {
  142. MockSmtpServer.Instance.kill()
  143. await cleanupTests([ server ])
  144. })
  145. })