2014-05-15 12:16:20 -04:00
|
|
|
should = require('chai').should()
|
|
|
|
SandboxedModule = require('sandboxed-module')
|
|
|
|
assert = require('assert')
|
|
|
|
path = require('path')
|
|
|
|
sinon = require('sinon')
|
2015-05-26 10:24:09 -04:00
|
|
|
modulePath = path.join __dirname, "../../../../app/js/Features/Security/OneTimeTokenHandler"
|
2014-05-15 12:16:20 -04:00
|
|
|
expect = require("chai").expect
|
|
|
|
|
2015-05-26 10:24:09 -04:00
|
|
|
describe "OneTimeTokenHandler", ->
|
2014-05-15 12:16:20 -04:00
|
|
|
|
|
|
|
beforeEach ->
|
2015-05-26 10:24:09 -04:00
|
|
|
@value = "user id here"
|
2014-05-16 05:52:31 -04:00
|
|
|
@stubbedToken = require("crypto").randomBytes(32)
|
2014-05-15 12:16:20 -04:00
|
|
|
|
|
|
|
@settings =
|
|
|
|
redis:
|
|
|
|
web:{}
|
|
|
|
@redisMulti =
|
|
|
|
set:sinon.stub()
|
2014-05-15 12:20:42 -04:00
|
|
|
get:sinon.stub()
|
|
|
|
del:sinon.stub()
|
2014-05-15 12:16:20 -04:00
|
|
|
expire:sinon.stub()
|
|
|
|
exec:sinon.stub()
|
|
|
|
self = @
|
2015-05-26 10:24:09 -04:00
|
|
|
@OneTimeTokenHandler = SandboxedModule.require modulePath, requires:
|
2017-05-04 10:22:54 -04:00
|
|
|
"../../infrastructure/RedisWrapper" :
|
|
|
|
client: =>
|
2014-05-15 12:16:20 -04:00
|
|
|
auth:->
|
|
|
|
multi: -> return self.redisMulti
|
|
|
|
|
|
|
|
"settings-sharelatex":@settings
|
|
|
|
"logger-sharelatex": log:->
|
2014-05-16 06:01:36 -04:00
|
|
|
"crypto": randomBytes: () => @stubbedToken
|
2014-05-15 12:16:20 -04:00
|
|
|
|
|
|
|
|
|
|
|
describe "getNewToken", ->
|
|
|
|
|
|
|
|
it "should set a new token into redis with a ttl", (done)->
|
|
|
|
@redisMulti.exec.callsArgWith(0)
|
2018-06-19 08:55:34 -04:00
|
|
|
@OneTimeTokenHandler.getNewToken 'password', @value, (err, token) =>
|
2015-05-26 10:24:09 -04:00
|
|
|
@redisMulti.set.calledWith("password_token:#{@stubbedToken.toString("hex")}", @value).should.equal true
|
2014-05-16 06:01:36 -04:00
|
|
|
@redisMulti.expire.calledWith("password_token:#{@stubbedToken.toString("hex")}", 60 * 60).should.equal true
|
2014-05-15 12:16:20 -04:00
|
|
|
done()
|
|
|
|
|
|
|
|
it "should return if there was an error", (done)->
|
|
|
|
@redisMulti.exec.callsArgWith(0, "error")
|
2018-06-19 08:55:34 -04:00
|
|
|
@OneTimeTokenHandler.getNewToken 'password', @value, (err, token)=>
|
2014-05-15 12:16:20 -04:00
|
|
|
err.should.exist
|
|
|
|
done()
|
2014-05-15 12:20:42 -04:00
|
|
|
|
2015-03-19 10:22:48 -04:00
|
|
|
it "should allow the expiry time to be overridden", (done) ->
|
|
|
|
@redisMulti.exec.callsArgWith(0)
|
|
|
|
@ttl = 42
|
2018-06-19 08:55:34 -04:00
|
|
|
@OneTimeTokenHandler.getNewToken 'password', @value, {expiresIn: @ttl}, (err, token) =>
|
2015-03-19 10:22:48 -04:00
|
|
|
@redisMulti.expire.calledWith("password_token:#{@stubbedToken.toString("hex")}", @ttl).should.equal true
|
|
|
|
done()
|
2014-05-15 12:20:42 -04:00
|
|
|
|
2015-05-26 10:24:09 -04:00
|
|
|
describe "getValueFromTokenAndExpire", ->
|
2014-05-15 12:20:42 -04:00
|
|
|
|
|
|
|
it "should get and delete the token", (done)->
|
2015-05-26 10:24:09 -04:00
|
|
|
@redisMulti.exec.callsArgWith(0, null, [@value])
|
2018-06-19 08:55:34 -04:00
|
|
|
@OneTimeTokenHandler.getValueFromTokenAndExpire 'password', @stubbedToken, (err, value)=>
|
2015-05-26 10:24:09 -04:00
|
|
|
value.should.equal @value
|
2014-05-15 12:58:25 -04:00
|
|
|
@redisMulti.get.calledWith("password_token:#{@stubbedToken}").should.equal true
|
|
|
|
@redisMulti.del.calledWith("password_token:#{@stubbedToken}").should.equal true
|
2014-05-15 12:20:42 -04:00
|
|
|
done()
|
|
|
|
|
|
|
|
|