From 08d15f9d0336c9a0ccccb649b37ed00f000b38d6 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Wed, 10 Mar 2021 12:20:07 +0000
Subject: [PATCH] Adding auth tests.

---
 packages/server/src/api/controllers/auth.js   |   2 +
 .../server/src/api/routes/tests/auth.spec.js  | 106 ++++++++++++++++++
 .../tests/utilities/TestConfiguration.js      |  20 +++-
 3 files changed, 127 insertions(+), 1 deletion(-)
 create mode 100644 packages/server/src/api/routes/tests/auth.spec.js

diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js
index 1cc6db3185..e5c0f9a029 100644
--- a/packages/server/src/api/controllers/auth.js
+++ b/packages/server/src/api/controllers/auth.js
@@ -46,6 +46,7 @@ exports.authenticate = async ctx => {
       version: app.version,
     }
     // if in cloud add the user api key, unless self hosted
+    /* istanbul ignore next */
     if (env.CLOUD && !env.SELF_HOSTED) {
       const { apiKey } = await getAPIKey(ctx.user.appId)
       payload.apiKey = apiKey
@@ -70,6 +71,7 @@ exports.authenticate = async ctx => {
 
 exports.fetchSelf = async ctx => {
   const { userId, appId } = ctx.user
+  /* istanbul ignore next */
   if (!userId || !appId) {
     ctx.body = {}
     return
diff --git a/packages/server/src/api/routes/tests/auth.spec.js b/packages/server/src/api/routes/tests/auth.spec.js
new file mode 100644
index 0000000000..0eb0b6d851
--- /dev/null
+++ b/packages/server/src/api/routes/tests/auth.spec.js
@@ -0,0 +1,106 @@
+const { checkBuilderEndpoint } = require("./utilities/TestFunctions")
+const setup = require("./utilities")
+
+describe("/authenticate", () => {
+  let request = setup.getRequest()
+  let config = setup.getConfig()
+
+  afterAll(setup.afterAll)
+
+  beforeEach(async () => {
+    await config.init()
+  })
+
+  describe("authenticate", () => {
+    it("should be able to create a layout", async () => {
+      await config.createUser("test@test.com", "p4ssw0rd")
+      const res = await request
+        .post(`/api/authenticate`)
+        .send({
+          email: "test@test.com",
+          password: "p4ssw0rd",
+        })
+        .set(config.publicHeaders())
+        .expect("Content-Type", /json/)
+        .expect(200)
+      expect(res.body.token).toBeDefined()
+      expect(res.body.email).toEqual("test@test.com")
+      expect(res.body.password).toBeUndefined()
+    })
+
+    it("should error if no app specified", async () => {
+      await request
+        .post(`/api/authenticate`)
+        .expect(400)
+    })
+
+    it("should error if no email specified", async () => {
+      await request
+        .post(`/api/authenticate`)
+        .send({
+          password: "test",
+        })
+        .set(config.publicHeaders())
+        .expect(400)
+    })
+
+    it("should error if no password specified", async () => {
+      await request
+        .post(`/api/authenticate`)
+        .send({
+          email: "test",
+        })
+        .set(config.publicHeaders())
+        .expect(400)
+    })
+
+    it("should error if invalid user specified", async () => {
+      await request
+        .post(`/api/authenticate`)
+        .send({
+          email: "test",
+          password: "test",
+        })
+        .set(config.publicHeaders())
+        .expect(401)
+    })
+
+    it("should throw same error if wrong password specified", async () => {
+      await config.createUser("test@test.com", "password")
+      await request
+        .post(`/api/authenticate`)
+        .send({
+          email: "test@test.com",
+          password: "test",
+        })
+        .set(config.publicHeaders())
+        .expect(401)
+    })
+
+    it("should throw an error for inactive users", async () => {
+      await config.createUser("test@test.com", "password")
+      await config.makeUserInactive("test@test.com")
+      await request
+        .post(`/api/authenticate`)
+        .send({
+          email: "test@test.com",
+          password: "password",
+        })
+        .set(config.publicHeaders())
+        .expect(401)
+    })
+  })
+
+  describe("fetch self", () => {
+    it("should be able to delete the layout", async () => {
+      await config.createUser("test@test.com", "p4ssw0rd")
+      const headers = await config.login("test@test.com", "p4ssw0rd")
+      const res = await request
+        .get(`/api/self`)
+        .set(headers)
+        .expect("Content-Type", /json/)
+        .expect(200)
+      expect(res.body.email).toEqual("test@test.com")
+    })
+  })
+})
\ No newline at end of file
diff --git a/packages/server/src/api/routes/tests/utilities/TestConfiguration.js b/packages/server/src/api/routes/tests/utilities/TestConfiguration.js
index b72f4f4e5f..31989894ee 100644
--- a/packages/server/src/api/routes/tests/utilities/TestConfiguration.js
+++ b/packages/server/src/api/routes/tests/utilities/TestConfiguration.js
@@ -241,7 +241,7 @@ class TestConfiguration {
   async createUser(
     email = EMAIL,
     password = PASSWORD,
-    roleId = BUILTIN_ROLE_IDS.POWER
+    roleId = BUILTIN_ROLE_IDS.POWER,
   ) {
     return this._req(
       {
@@ -254,6 +254,24 @@ class TestConfiguration {
     )
   }
 
+  async makeUserInactive(email) {
+    const user = await this._req(
+      null,
+      {
+        email,
+      },
+      controllers.user.find
+    )
+    return this._req(
+      {
+        ...user,
+        status: "inactive",
+      },
+      null,
+      controllers.user.update
+    )
+  }
+
   async login(email, password) {
     if (!email || !password) {
       await this.createUser()