UNPKG

@budibase/worker

Version:

Budibase background service

github.com/Budibase/budibase

Budibase/budibase

93 lines (69 loc) 3.27 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
import { cache, context, sessions, utils } from "@budibase/backend-core" import { loginUser, resetUpdate } from "../auth" import { generator, structures } from "@budibase/backend-core/tests" import { TestConfiguration } from "../../../tests" describe("auth", () => { const config = new TestConfiguration() afterAll(config.afterAll) describe("resetUpdate", () => { it("providing a valid code will update the password", async () => { await context.doInTenant(structures.tenant.id(), async () => { const user = await config.createUser() const previousPassword = user.password const code = await cache.passwordReset.createCode(user._id!, {}) const newPassword = generator.hash() await resetUpdate(code, newPassword) const persistedUser = await config.getUser(user.email) expect(persistedUser.password).not.toBe(previousPassword) expect( await utils.compare(newPassword, persistedUser.password!) ).toBeTruthy() }) }) it("wrong code will not allow to reset the password", async () => { await context.doInTenant(structures.tenant.id(), async () => { const code = generator.hash() const newPassword = generator.hash() await expect(resetUpdate(code, newPassword)).rejects.toThrow( "Provided information is not valid, cannot reset password - please try again." ) }) }) it("the same code cannot be used twice", async () => { await context.doInTenant(structures.tenant.id(), async () => { const user = await config.createUser() const code = await cache.passwordReset.createCode(user._id!, {}) const newPassword = generator.hash() await resetUpdate(code, newPassword) await expect(resetUpdate(code, newPassword)).rejects.toThrow( "Provided information is not valid, cannot reset password - please try again." ) }) }) it("updating the password will invalidate all the sessions", async () => { await context.doInTenant(structures.tenant.id(), async () => { const user = await config.createUser() await loginUser(user) expect(await sessions.getSessionsForUser(user._id!)).toHaveLength(1) const code = await cache.passwordReset.createCode(user._id!, {}) const newPassword = generator.hash() await resetUpdate(code, newPassword) expect(await sessions.getSessionsForUser(user._id!)).toHaveLength(0) }) }) it("loginUser should return session invalidation count", async () => { await context.doInTenant(structures.tenant.id(), async () => { const user = await config.createUser() const loginResult1 = await loginUser(user) expect(loginResult1.invalidatedSessionCount).toBe(0) const loginResult2 = await loginUser(user) expect(loginResult2.invalidatedSessionCount).toBe(0) const loginResult3 = await loginUser(user) expect(loginResult3.invalidatedSessionCount).toBe(0) const loginResult4 = await loginUser(user) expect(loginResult4.invalidatedSessionCount).toBe(1) expect(await sessions.getSessionsForUser(user._id!)).toHaveLength(3) }) }) }) })