From 17980d4bcc57f2aaa444cdb64583b5fbc7d45381 Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Mon, 31 Jul 2023 16:09:45 +0200 Subject: [PATCH] Merge account-portal-auth-api-testing --- packages/backend-core/src/constants/misc.ts | 2 + qa-core/src/account-api/api/apis/AuthAPI.ts | 44 ++++++++++++++++++ .../accounts/accounts.cloud.internal.spec.ts | 5 +- .../tests/accounts/accounts.cloud.spec.ts | 5 +- .../account-api/tests/auth/auth.cloud.spec.ts | 46 +++++++++++++++++++ yarn.lock | 20 ++------ 6 files changed, 104 insertions(+), 18 deletions(-) create mode 100644 qa-core/src/account-api/tests/auth/auth.cloud.spec.ts diff --git a/packages/backend-core/src/constants/misc.ts b/packages/backend-core/src/constants/misc.ts index 0c68798164..8ef34196ed 100644 --- a/packages/backend-core/src/constants/misc.ts +++ b/packages/backend-core/src/constants/misc.ts @@ -22,6 +22,8 @@ export enum Header { TENANT_ID = "x-budibase-tenant-id", VERIFICATION_CODE = "x-budibase-verification-code", RETURN_VERIFICATION_CODE = "x-budibase-return-verification-code", + RESET_PASSWORD_CODE = "x-budibase-reset-password-code", + RETURN_RESET_PASSWORD_CODE = "x-budibase-return-reset-password-code", TOKEN = "x-budibase-token", CSRF_TOKEN = "x-csrf-token", CORRELATION_ID = "x-budibase-correlation-id", diff --git a/qa-core/src/account-api/api/apis/AuthAPI.ts b/qa-core/src/account-api/api/apis/AuthAPI.ts index 50345c891b..ba5a73f586 100644 --- a/qa-core/src/account-api/api/apis/AuthAPI.ts +++ b/qa-core/src/account-api/api/apis/AuthAPI.ts @@ -2,6 +2,7 @@ import { Response } from "node-fetch" import AccountInternalAPIClient from "../AccountInternalAPIClient" import { APIRequestOpts } from "../../../types" import BaseAPI from "./BaseAPI" +import { Header } from "@budibase/backend-core" export default class AuthAPI extends BaseAPI { client: AccountInternalAPIClient @@ -27,4 +28,47 @@ export default class AuthAPI extends BaseAPI { return [res, cookie] }, opts) } + + async logout(opts: APIRequestOpts = { status: 200 }) { + return this.doRequest(() => { + return this.client.post(`/api/auth/logout`) + }, opts) + } + + async resetPassword( + email: string, + opts: APIRequestOpts = { status: 200 } + ): Promise<[Response, string]> { + return this.doRequest(async () => { + const [response] = await this.client.post(`/api/auth/reset`, { + body: { email }, + headers: { + [Header.RETURN_RESET_PASSWORD_CODE]: "1", + }, + }) + const code = response.headers.get(Header.RESET_PASSWORD_CODE) + return [response, code] + }, opts) + } + + async resetPasswordUpdate( + resetCode: string, + password: string, + opts: APIRequestOpts = { status: 200 } + ) { + return this.doRequest(() => { + return this.client.post(`/api/auth/reset/update`, { + body: { + resetCode: resetCode, + password: password, + }, + }) + }, opts) + } + + async self(opts: APIRequestOpts = { status: 200 }) { + return this.doRequest(() => { + return this.client.get(`/api/auth/self`) + }, opts) + } } diff --git a/qa-core/src/account-api/tests/accounts/accounts.cloud.internal.spec.ts b/qa-core/src/account-api/tests/accounts/accounts.cloud.internal.spec.ts index 6c1d7eacac..56f9110322 100644 --- a/qa-core/src/account-api/tests/accounts/accounts.cloud.internal.spec.ts +++ b/qa-core/src/account-api/tests/accounts/accounts.cloud.internal.spec.ts @@ -1,6 +1,7 @@ import TestConfiguration from "../../config/TestConfiguration" import * as fixtures from "../../fixtures" import { generator } from "../../../shared" +import { Hosting } from "@budibase/types" describe("Account Internal Operations", () => { const config = new TestConfiguration() @@ -20,7 +21,9 @@ describe("Account Internal Operations", () => { // Create new account const [_, account] = await config.api.accounts.create({ - ...fixtures.accounts.generateAccount(), + ...fixtures.accounts.generateAccount({ + hosting: Hosting.CLOUD, + }), }) // New account can be deleted diff --git a/qa-core/src/account-api/tests/accounts/accounts.cloud.spec.ts b/qa-core/src/account-api/tests/accounts/accounts.cloud.spec.ts index e3a4d4eacf..9455bf4b19 100644 --- a/qa-core/src/account-api/tests/accounts/accounts.cloud.spec.ts +++ b/qa-core/src/account-api/tests/accounts/accounts.cloud.spec.ts @@ -1,6 +1,7 @@ import TestConfiguration from "../../config/TestConfiguration" import * as fixtures from "../../fixtures" import { generator } from "../../../shared" +import { Hosting } from "@budibase/types" describe("Accounts", () => { const config = new TestConfiguration() @@ -16,7 +17,9 @@ describe("Accounts", () => { it("performs signup and deletion flow", async () => { await config.doInNewState(async () => { // Create account - const createAccountRequest = fixtures.accounts.generateAccount() + const createAccountRequest = fixtures.accounts.generateAccount({ + hosting: Hosting.CLOUD, + }) const email = createAccountRequest.email const tenantId = createAccountRequest.tenantId diff --git a/qa-core/src/account-api/tests/auth/auth.cloud.spec.ts b/qa-core/src/account-api/tests/auth/auth.cloud.spec.ts new file mode 100644 index 0000000000..3a5e291063 --- /dev/null +++ b/qa-core/src/account-api/tests/auth/auth.cloud.spec.ts @@ -0,0 +1,46 @@ +import TestConfiguration from "../../config/TestConfiguration" +import * as fixtures from "../../fixtures" +import { generator } from "../../../shared" +import { Hosting } from "@budibase/types" + +describe("Accounts", () => { + const config = new TestConfiguration() + + beforeAll(async () => { + await config.beforeAll() + }) + + afterAll(async () => { + await config.afterAll() + }) + + it("performs password reset flow", async () => { + // Create account + const createAccountRequest = fixtures.accounts.generateAccount({ + hosting: Hosting.CLOUD, + }) + await config.api.accounts.create(createAccountRequest, { autoVerify: true }) + + // Request password reset to get code + const [_, code] = await config.api.auth.resetPassword( + createAccountRequest.email + ) + + // Change password using code + const password = generator.string() + await config.api.auth.resetPasswordUpdate(code, password) + + // Login using the new password + await config.api.auth.login(createAccountRequest.email, password) + + // Logout of account + await config.api.auth.logout() + + // Cannot log in using old password + await config.api.auth.login( + createAccountRequest.email, + createAccountRequest.password, + { status: 403 } + ) + }) +}) diff --git a/yarn.lock b/yarn.lock index d1f22e7699..ef3e9acbc4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -15494,10 +15494,10 @@ jest-snapshot@^29.6.2: pretty-format "^29.6.2" semver "^7.5.3" -jest-util@^29.0.0: - version "29.6.1" - resolved "https://registry.yarnpkg.com/jest-util/-/jest-util-29.6.1.tgz#c9e29a87a6edbf1e39e6dee2b4689b8a146679cb" - integrity sha512-NRFCcjc+/uO3ijUVyNOQJluf8PtGCe/W6cix36+M3cTFgiYqFOOW5MgN4JOOcvbUhcKTYVd1CvHz/LWi8d16Mg== +jest-util@^29.0.0, jest-util@^29.6.2: + version "29.6.2" + resolved "https://registry.yarnpkg.com/jest-util/-/jest-util-29.6.2.tgz#8a052df8fff2eebe446769fd88814521a517664d" + integrity sha512-3eX1qb6L88lJNCFlEADKOkjpXJQyZRiavX1INZ4tRnrBVr2COd3RgcTLyUiEXMNBlDU/cgYq6taUS0fExrWW4w== dependencies: "@jest/types" "^29.6.1" "@types/node" "*" @@ -15518,18 +15518,6 @@ jest-util@^29.4.3: graceful-fs "^4.2.9" picomatch "^2.2.3" -jest-util@^29.6.2: - version "29.6.2" - resolved "https://registry.yarnpkg.com/jest-util/-/jest-util-29.6.2.tgz#8a052df8fff2eebe446769fd88814521a517664d" - integrity sha512-3eX1qb6L88lJNCFlEADKOkjpXJQyZRiavX1INZ4tRnrBVr2COd3RgcTLyUiEXMNBlDU/cgYq6taUS0fExrWW4w== - dependencies: - "@jest/types" "^29.6.1" - "@types/node" "*" - chalk "^4.0.0" - ci-info "^3.2.0" - graceful-fs "^4.2.9" - picomatch "^2.2.3" - jest-validate@^29.6.2: version "29.6.2" resolved "https://registry.yarnpkg.com/jest-validate/-/jest-validate-29.6.2.tgz#25d972af35b2415b83b1373baf1a47bb266c1082"