e2e tests for password re-hashing
This commit is contained in:
parent
19eb6c7e50
commit
215c02ac47
2 changed files with 45 additions and 83 deletions
12
composer.lock
generated
12
composer.lock
generated
|
@ -4124,16 +4124,16 @@
|
|||
},
|
||||
{
|
||||
"name": "sebastian/comparator",
|
||||
"version": "4.0.7",
|
||||
"version": "4.0.8",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/sebastianbergmann/comparator.git",
|
||||
"reference": "7fa545db548c90bdebeb9da0583001a252be5578"
|
||||
"reference": "fa0f136dd2334583309d32b62544682ee972b51a"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/7fa545db548c90bdebeb9da0583001a252be5578",
|
||||
"reference": "7fa545db548c90bdebeb9da0583001a252be5578",
|
||||
"url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/fa0f136dd2334583309d32b62544682ee972b51a",
|
||||
"reference": "fa0f136dd2334583309d32b62544682ee972b51a",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
|
@ -4186,7 +4186,7 @@
|
|||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/sebastianbergmann/comparator/issues",
|
||||
"source": "https://github.com/sebastianbergmann/comparator/tree/4.0.7"
|
||||
"source": "https://github.com/sebastianbergmann/comparator/tree/4.0.8"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
|
@ -4194,7 +4194,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
],
|
||||
"time": "2022-09-14T06:33:43+00:00"
|
||||
"time": "2022-09-14T12:41:17+00:00"
|
||||
},
|
||||
{
|
||||
"name": "sebastian/complexity",
|
||||
|
|
|
@ -180,89 +180,51 @@ trait UsersBase
|
|||
*/
|
||||
public function testCreateUserSessionHashed(array $data): void
|
||||
{
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'md5@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
$userIds = [ 'md5', 'bcrypt', 'argon2', 'sha512', 'scrypt', 'phpass', 'scrypt-modified' ];
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'md5');
|
||||
foreach ($userIds as $userId) {
|
||||
// Ensure sessions can be created with hashed passwords
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => $userId . '@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'bcrypt@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
$this->assertEquals(201, $response['headers']['status-code']);
|
||||
$this->assertEquals($userId, $response['body']['userId']);
|
||||
}
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'bcrypt');
|
||||
foreach ($userIds as $userId) {
|
||||
// Ensure all passwords were re-hashed
|
||||
$response = $this->client->call(Client::METHOD_GET, '/users/' . $userId, array_merge([
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
], $this->getHeaders()), []);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'argon2@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
$this->assertEquals(200, $response['headers']['status-code']);
|
||||
$this->assertEquals($userId, $response['body']['$id']);
|
||||
$this->assertEquals($userId . '@appwrite.io', $response['body']['email']);
|
||||
$this->assertEquals('argon2', $response['body']['hash']);
|
||||
$this->assertStringStartsWith('$argon2', $response['body']['password']);
|
||||
}
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'argon2');
|
||||
foreach ($userIds as $userId) {
|
||||
// Ensure sessions can be created after re-hashing of passwords
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => $userId . '@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'sha512@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'sha512');
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'scrypt@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'scrypt');
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'phpass@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'phpass');
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'email' => 'scrypt-modified@appwrite.io',
|
||||
'password' => 'appwrite',
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 201);
|
||||
$this->assertEquals($response['body']['userId'], 'scrypt-modified');
|
||||
$this->assertEquals(201, $response['headers']['status-code']);
|
||||
$this->assertEquals($userId, $response['body']['userId']);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue