mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-12-27 19:52:34 +00:00
Add E2E tests for login and registration
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
c02f845ecb
commit
0fc2b1309a
1 changed files with 139 additions and 0 deletions
139
test/private-api/register-and-login.e2e-spec.ts
Normal file
139
test/private-api/register-and-login.e2e-spec.ts
Normal file
|
@ -0,0 +1,139 @@
|
|||
/*
|
||||
* SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
|
||||
*
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
import request from 'supertest';
|
||||
|
||||
import { LoginDto } from '../../src/identity/local/login.dto';
|
||||
import { RegisterDto } from '../../src/identity/local/register.dto';
|
||||
import { TestSetup } from '../test-setup';
|
||||
|
||||
describe('Register and Login', () => {
|
||||
let testSetup: TestSetup;
|
||||
|
||||
const USERNAME = 'testuser';
|
||||
const DISPLAYNAME = 'A Test User';
|
||||
const PASSWORD = 'secure';
|
||||
|
||||
beforeEach(async () => {
|
||||
testSetup = await TestSetup.create();
|
||||
await testSetup.app.init();
|
||||
});
|
||||
|
||||
afterEach(async () => {
|
||||
await testSetup.app.close();
|
||||
});
|
||||
|
||||
test('a user can successfully create a local account and log in', async () => {
|
||||
// register a new user
|
||||
const registrationDto: RegisterDto = {
|
||||
displayname: DISPLAYNAME,
|
||||
password: PASSWORD,
|
||||
username: USERNAME,
|
||||
};
|
||||
await request(testSetup.app.getHttpServer())
|
||||
.post('/api/private/auth/local')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(registrationDto))
|
||||
.expect(201);
|
||||
|
||||
// log in with the new user and create a session
|
||||
const loginDto: LoginDto = {
|
||||
password: PASSWORD,
|
||||
username: USERNAME,
|
||||
};
|
||||
const session = request.agent(testSetup.app.getHttpServer());
|
||||
await session
|
||||
.post('/api/private/auth/local/login')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(loginDto))
|
||||
.expect(201);
|
||||
|
||||
// request user profile
|
||||
const profile = await session.get('/api/private/me').expect(200);
|
||||
expect(profile.body.username).toEqual(USERNAME);
|
||||
expect(profile.body.displayName).toEqual(DISPLAYNAME);
|
||||
|
||||
// logout again
|
||||
await session.delete('/api/private/auth/logout').expect(200);
|
||||
|
||||
// not allowed to request profile now
|
||||
await session.get('/api/private/me').expect(401);
|
||||
});
|
||||
|
||||
test('a username cannot be used twice', async () => {
|
||||
// register a new user
|
||||
const registrationDto: RegisterDto = {
|
||||
displayname: DISPLAYNAME,
|
||||
password: PASSWORD,
|
||||
username: USERNAME,
|
||||
};
|
||||
await request(testSetup.app.getHttpServer())
|
||||
.post('/api/private/auth/local')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(registrationDto))
|
||||
.expect(201);
|
||||
|
||||
// try to use the same username again
|
||||
await request(testSetup.app.getHttpServer())
|
||||
.post('/api/private/auth/local')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(registrationDto))
|
||||
.expect(409);
|
||||
});
|
||||
|
||||
test('a user can create a local account and change the password', async () => {
|
||||
// register a new user
|
||||
const registrationDto: RegisterDto = {
|
||||
displayname: DISPLAYNAME,
|
||||
password: PASSWORD,
|
||||
username: USERNAME,
|
||||
};
|
||||
await request(testSetup.app.getHttpServer())
|
||||
.post('/api/private/auth/local')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(registrationDto))
|
||||
.expect(201);
|
||||
|
||||
// log in with the new user and create a session
|
||||
const loginDto: LoginDto = {
|
||||
password: PASSWORD,
|
||||
username: USERNAME,
|
||||
};
|
||||
let session = request.agent(testSetup.app.getHttpServer());
|
||||
await session
|
||||
.post('/api/private/auth/local/login')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(loginDto))
|
||||
.expect(201);
|
||||
|
||||
// change the password
|
||||
await session
|
||||
.put('/api/private/auth/local')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(
|
||||
JSON.stringify({
|
||||
newPassword: 'newPassword',
|
||||
}),
|
||||
)
|
||||
.expect(200);
|
||||
|
||||
// get new session
|
||||
session = request.agent(testSetup.app.getHttpServer());
|
||||
|
||||
// not allowed to request profile now
|
||||
await session.get('/api/private/me').expect(401);
|
||||
|
||||
// login with new password
|
||||
loginDto.password = 'newPassword';
|
||||
await session
|
||||
.post('/api/private/auth/local/login')
|
||||
.set('Content-Type', 'application/json')
|
||||
.send(JSON.stringify(loginDto))
|
||||
.expect(201);
|
||||
|
||||
// allowed to request profile now
|
||||
await session.get('/api/private/me').expect(200);
|
||||
});
|
||||
});
|
Loading…
Reference in a new issue