2020-01-12 02:58:02 +13:00
|
|
|
<?php
|
|
|
|
|
2020-01-12 19:35:37 +13:00
|
|
|
namespace Tests\E2E\Services\Account;
|
2020-01-12 02:58:02 +13:00
|
|
|
|
|
|
|
use Tests\E2E\Client;
|
2023-02-06 09:07:46 +13:00
|
|
|
use Utopia\Database\Helpers\ID;
|
2023-03-02 01:00:36 +13:00
|
|
|
use Utopia\Database\Validator\Datetime as DatetimeValidator;
|
2024-01-26 04:44:05 +13:00
|
|
|
use Utopia\Database\Query;
|
2020-01-12 02:58:02 +13:00
|
|
|
|
|
|
|
trait AccountBase
|
|
|
|
{
|
2022-06-03 00:47:07 +12:00
|
|
|
public function testCreateAccount(): array
|
2020-01-12 02:58:02 +13:00
|
|
|
{
|
2022-06-03 00:47:07 +12:00
|
|
|
$email = uniqid() . 'user@localhost.test';
|
2020-01-12 10:53:57 +13:00
|
|
|
$password = 'password';
|
2020-01-12 02:58:02 +13:00
|
|
|
$name = 'User Name';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test for SUCCESS
|
|
|
|
*/
|
2020-01-13 10:28:26 +13:00
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
2020-01-12 02:58:02 +13:00
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
2020-02-17 20:16:11 +13:00
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
2020-01-13 10:28:26 +13:00
|
|
|
]), [
|
2022-08-14 22:33:36 +12:00
|
|
|
'userId' => ID::unique(),
|
2020-01-12 02:58:02 +13:00
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
'name' => $name,
|
|
|
|
]);
|
|
|
|
|
2020-02-17 20:16:11 +13:00
|
|
|
$id = $response['body']['$id'];
|
2020-01-12 02:58:02 +13:00
|
|
|
|
2023-10-27 03:04:47 +13:00
|
|
|
$this->assertEquals(201, $response['headers']['status-code']);
|
2020-01-12 02:58:02 +13:00
|
|
|
$this->assertNotEmpty($response['body']);
|
2020-02-17 20:16:11 +13:00
|
|
|
$this->assertNotEmpty($response['body']['$id']);
|
2023-02-06 09:39:41 +13:00
|
|
|
$this->assertEquals(true, (new DatetimeValidator())->isValid($response['body']['registration']));
|
2020-01-12 02:58:02 +13:00
|
|
|
$this->assertEquals($response['body']['email'], $email);
|
|
|
|
$this->assertEquals($response['body']['name'], $name);
|
2023-05-27 12:15:38 +12:00
|
|
|
$this->assertEquals($response['body']['labels'], []);
|
2023-07-07 12:12:39 +12:00
|
|
|
$this->assertArrayHasKey('accessedAt', $response['body']);
|
|
|
|
$this->assertNotEmpty($response['body']['accessedAt']);
|
2020-01-12 02:58:02 +13:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Test for FAILURE
|
|
|
|
*/
|
2024-01-30 00:19:13 +13:00
|
|
|
// Deny request from blocked IP
|
2020-01-13 10:28:26 +13:00
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
2020-01-12 02:58:02 +13:00
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
2024-02-05 20:55:52 +13:00
|
|
|
'x-appwrite-project' => 'console',
|
2024-01-30 00:19:13 +13:00
|
|
|
'x-forwarded-for' => '103.152.127.250' // Test IP for denied access region
|
2024-01-25 01:54:48 +13:00
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
'name' => $name,
|
|
|
|
]);
|
|
|
|
|
2024-02-02 20:20:27 +13:00
|
|
|
$this->assertEquals(451, $response['headers']['status-code']);
|
2024-01-25 01:54:48 +13:00
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
2020-02-17 20:16:11 +13:00
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
2020-01-13 10:28:26 +13:00
|
|
|
]), [
|
2022-08-14 22:33:36 +12:00
|
|
|
'userId' => ID::unique(),
|
2020-01-12 02:58:02 +13:00
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
'name' => $name,
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 409);
|
|
|
|
|
2021-02-17 02:49:21 +13:00
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
2022-08-14 22:33:36 +12:00
|
|
|
'userId' => ID::unique(),
|
2021-02-17 02:49:21 +13:00
|
|
|
'email' => '',
|
|
|
|
'password' => '',
|
|
|
|
]);
|
|
|
|
|
2023-10-27 03:04:47 +13:00
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
2021-02-17 02:49:21 +13:00
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
2022-08-14 22:33:36 +12:00
|
|
|
'userId' => ID::unique(),
|
2021-02-17 02:49:21 +13:00
|
|
|
'email' => $email,
|
|
|
|
'password' => '',
|
|
|
|
]);
|
|
|
|
|
2023-10-27 03:04:47 +13:00
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
2021-02-17 02:49:21 +13:00
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
2022-08-14 22:33:36 +12:00
|
|
|
'userId' => ID::unique(),
|
2021-02-17 02:49:21 +13:00
|
|
|
'email' => '',
|
|
|
|
'password' => $password,
|
|
|
|
]);
|
|
|
|
|
2023-10-27 03:04:47 +13:00
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
2021-02-17 02:49:21 +13:00
|
|
|
|
2024-01-02 23:59:35 +13:00
|
|
|
$shortPassword = 'short';
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => 'shortpass@appwrite.io',
|
|
|
|
'password' => $shortPassword
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 400);
|
|
|
|
|
|
|
|
$longPassword = '';
|
|
|
|
for ($i = 0; $i < 257; $i++) { // 256 is the limit
|
|
|
|
$longPassword .= 'p';
|
|
|
|
}
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => 'longpass@appwrite.io',
|
|
|
|
'password' => $longPassword,
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 400);
|
|
|
|
|
2020-01-12 02:58:02 +13:00
|
|
|
return [
|
2020-04-22 19:03:34 +12:00
|
|
|
'id' => $id,
|
2020-01-12 02:58:02 +13:00
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
'name' => $name,
|
|
|
|
];
|
|
|
|
}
|
2024-01-20 02:42:26 +13:00
|
|
|
|
|
|
|
public function testEmailOTPSession(): void
|
|
|
|
{
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => 'otpuser@appwrite.io'
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 201);
|
|
|
|
$this->assertNotEmpty($response['body']['$id']);
|
|
|
|
$this->assertNotEmpty($response['body']['$createdAt']);
|
|
|
|
$this->assertNotEmpty($response['body']['userId']);
|
|
|
|
$this->assertNotEmpty($response['body']['expire']);
|
|
|
|
$this->assertEmpty($response['body']['secret']);
|
2024-02-01 23:41:01 +13:00
|
|
|
$this->assertEmpty($response['body']['phrase']);
|
2024-01-20 02:42:26 +13:00
|
|
|
|
|
|
|
$userId = $response['body']['userId'];
|
|
|
|
|
|
|
|
$lastEmail = $this->getLastEmail();
|
|
|
|
$this->assertEquals('otpuser@appwrite.io', $lastEmail['to'][0]['address']);
|
2024-01-23 03:41:23 +13:00
|
|
|
$this->assertEquals('OTP for ' . $this->getProject()['name'] . ' Login', $lastEmail['subject']);
|
2024-01-20 02:42:26 +13:00
|
|
|
|
|
|
|
// FInd 6 concurrent digits in email text - OTP
|
|
|
|
preg_match_all("/\b\d{6}\b/", $lastEmail['text'], $matches);
|
|
|
|
$code = ($matches[0] ?? [])[0] ?? '';
|
|
|
|
|
|
|
|
$this->assertNotEmpty($code);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => $userId,
|
|
|
|
'secret' => $code
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals(201, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals($userId, $response['body']['userId']);
|
|
|
|
$this->assertNotEmpty($response['body']['$id']);
|
|
|
|
$this->assertNotEmpty($response['body']['expire']);
|
|
|
|
$this->assertEmpty($response['body']['secret']);
|
|
|
|
|
|
|
|
$session = $response['cookies']['a_session_' . $this->getProject()['$id']];
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
]));
|
|
|
|
|
|
|
|
$this->assertEquals(200, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals($userId, $response['body']['$id']);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => $userId,
|
|
|
|
'secret' => $code
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals(401, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals('user_invalid_token', $response['body']['type']);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => 'otpuser@appwrite.io',
|
2024-02-01 23:41:01 +13:00
|
|
|
'phrase' => true
|
2024-01-20 02:42:26 +13:00
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 201);
|
2024-02-01 23:41:01 +13:00
|
|
|
$this->assertNotEmpty($response['body']['phrase']);
|
2024-01-20 02:42:26 +13:00
|
|
|
$this->assertEmpty($response['body']['secret']);
|
|
|
|
$this->assertEquals($userId, $response['body']['userId']);
|
|
|
|
|
2024-02-02 03:13:30 +13:00
|
|
|
$phrase = $response['body']['phrase'];
|
2024-01-20 02:42:26 +13:00
|
|
|
|
|
|
|
$lastEmail = $this->getLastEmail();
|
|
|
|
$this->assertEquals('otpuser@appwrite.io', $lastEmail['to'][0]['address']);
|
2024-01-23 03:46:53 +13:00
|
|
|
$this->assertEquals('OTP for ' . $this->getProject()['name'] . ' Login', $lastEmail['subject']);
|
2024-01-20 02:42:26 +13:00
|
|
|
$this->assertStringContainsStringIgnoringCase('security phrase', $lastEmail['text']);
|
2024-02-02 03:13:30 +13:00
|
|
|
$this->assertStringContainsStringIgnoringCase($phrase, $lastEmail['text']);
|
2024-01-20 02:42:26 +13:00
|
|
|
|
2024-01-20 03:42:06 +13:00
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => 'wrongemail'
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals('general_argument_invalid', $response['body']['type']);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => 'wrongId$',
|
|
|
|
'email' => 'email@appwrite.io'
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals('general_argument_invalid', $response['body']['type']);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
|
|
|
$this->assertEquals('general_argument_invalid', $response['body']['type']);
|
2024-01-20 02:42:26 +13:00
|
|
|
}
|
2024-01-10 00:58:36 +13:00
|
|
|
|
|
|
|
public function testDeleteAccount(): void
|
|
|
|
{
|
|
|
|
$email = uniqid() . 'user@localhost.test';
|
|
|
|
$password = 'password';
|
|
|
|
$name = 'User Name';
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'userId' => ID::unique(),
|
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
'name' => $name,
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 201);
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
]), [
|
|
|
|
'email' => $email,
|
|
|
|
'password' => $password,
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 201);
|
|
|
|
|
|
|
|
$session = $response['cookies']['a_session_' . $this->getProject()['$id']];
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/account', array_merge([
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
]));
|
|
|
|
|
|
|
|
$this->assertEquals($response['headers']['status-code'], 204);
|
|
|
|
}
|
2022-06-03 00:47:07 +12:00
|
|
|
}
|