test: add create email session test for server

2024-07-01 04:30:59 +12:00 · 2024-01-17 11:58:40 +00:00 · 2024-01-17 11:58:40 +00:00 · 498ddbf14c
parent 39a351adc1
commit 498ddbf14c
3 changed files with 109 additions and 2 deletions
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@ -2851,6 +2851,7 @@ App::post('/v1/account/verification')
        $isPrivilegedUser = Auth::isPrivilegedUser($roles);
        $isAppUser = Auth::isAppUser($roles);
        $verificationSecret = Auth::tokenGenerator(Auth::TOKEN_LENGTH_VERIFICATION);
+        var_dump($verificationSecret);
        $expire = DateTime::addSeconds(new \DateTime(), Auth::TOKEN_EXPIRATION_CONFIRM);

        $verification = new Document([
@ -2996,6 +2997,7 @@ App::put('/v1/account/verification')
    ->inject('dbForProject')
    ->inject('queueForEvents')
    ->action(function (string $userId, string $secret, Response $response, Document $user, Database $dbForProject, Event $queueForEvents) {
+        var_dump($secret);

        $profile = Authorization::skip(fn() => $dbForProject->getDocument('users', $userId));

--- a/src/Appwrite/Auth/Auth.php
+++ b/src/Appwrite/Auth/Auth.php
@ -80,8 +80,8 @@ class Auth
     * Token Lengths.
     */
    public const TOKEN_LENGTH_MAGIC_URL = 64;
-    public const TOKEN_LENGTH_VERIFICATION = 64;
-    public const TOKEN_LENGTH_RECOVERY = 64;
+    public const TOKEN_LENGTH_VERIFICATION = 256;
+    public const TOKEN_LENGTH_RECOVERY = 256;
    public const TOKEN_LENGTH_OAUTH2 = 64;
    public const TOKEN_LENGTH_SESSION = 256;

--- a/tests/e2e/Services/Account/AccountCustomServerTest.php
+++ b/tests/e2e/Services/Account/AccountCustomServerTest.php
@ -11,9 +11,114 @@ use Utopia\Database\Helpers\ID;

 class AccountCustomServerTest extends Scope
 {
+    use AccountBase;
    use ProjectCustom;
    use SideServer;

+    /**
+     * @depends testCreateAccount
+     */
+    public function testCreateAccountSession($data): array
+    {
+        $email = $data['email'] ?? '';
+        $password = $data['password'] ?? '';
+
+        /**
+         * Test for SUCCESS
+         */
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'email' => $email,
+            'password' => $password,
+        ]);
+
+        $this->assertEquals(201, $response['headers']['status-code']);
+        $this->assertNotFalse(\DateTime::createFromFormat('Y-m-d\TH:i:s.uP', $response['body']['expire']));
+
+        $sessionId = $response['body']['$id'];
+        $session = $response['body']['secret'];
+        $userId = $response['body']['userId'];
+
+        $response = $this->client->call(Client::METHOD_GET, '/users/' . $userId, array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()));
+
+        $this->assertEquals(200, $response['headers']['status-code']);
+        $this->assertArrayHasKey('accessedAt', $response['body']);
+        $this->assertNotEmpty($response['body']['accessedAt']);
+
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'email' => $email,
+            'password' => $password,
+        ]);
+
+        $this->assertEquals(201, $response['headers']['status-code']);
+        $this->assertNotEmpty($response['body']['secret']);
+        $this->assertNotFalse(\DateTime::createFromFormat('Y-m-d\TH:i:s.uP', $response['body']['expire']));
+
+        // already logged in
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+            'x-appwrite-session' => $session,
+        ], $this->getHeaders()), [
+            'email' => $email,
+            'password' => $password,
+        ]);
+
+        $this->assertEquals(201, $response['headers']['status-code']);
+
+        /**
+         * Test for FAILURE
+         */
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'email' => $email . 'x',
+            'password' => $password,
+        ]);
+
+        $this->assertEquals(401, $response['headers']['status-code']);
+
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'email' => $email,
+            'password' => $password . 'x',
+        ]);
+
+        $this->assertEquals(401, $response['headers']['status-code']);
+
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'email' => '',
+            'password' => '',
+        ]);
+
+        $this->assertEquals(400, $response['headers']['status-code']);
+
+        return array_merge($data, [
+            'sessionId' => $sessionId,
+            'session' => $session,
+        ]);
+    }

    public function testCreateAnonymousAccount()
    {