UNPKG

node-local-auth

Version:

Framework agnostic library for secure username/email/password authentication including registration and password management

github.com/emertechie/node-local-auth

emertechie/node-local-auth

145 lines (114 loc) 5.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
'use strict'; const chai = require('chai'); const assert = chai.assert; const UserStoreFake = require('./fakes/userStoreFake'); const TokenStoreFake = require('./fakes/tokenStoreFake'); const EmailServiceFake = require('./fakes/emailServiceFake'); const hashAlgoFake = require('./fakes/hashAlgoFake'); const Registration = require('../lib/registration'); const ChangePassword = require('../lib/changePassword'); const _ = require('lodash'); const testUtils = require('./testUtils'); describe('Change Password', () => { let userStoreFake; let verifyEmailTokenStoreFake; let passwordResetTokenStoreFake; let emailServiceFake; let registration; const existingUserEmail = 'foo@example.com'; const existingUserPassword = 'bar'; const ValidNewPassword = 'password'; let sut; let loggedInUserEmail; beforeEach(function*() { userStoreFake = new UserStoreFake(); verifyEmailTokenStoreFake = new TokenStoreFake(); passwordResetTokenStoreFake = new TokenStoreFake(); emailServiceFake = new EmailServiceFake(); sut = createSut(); const user = yield registerUser(existingUserEmail, existingUserPassword); loggedInUserEmail = user.email; }); function createSut(options, services) { const opts = _.merge({ userStore: userStoreFake, verifyEmailTokenStore: verifyEmailTokenStoreFake, passwordResetTokenStore: passwordResetTokenStoreFake, hashAlgo: hashAlgoFake, emailService: emailServiceFake }, services); registration = new Registration( opts.userStore, opts.verifyEmailTokenStore, opts.hashAlgo, opts.emailService, options ); return new ChangePassword( opts.userStore, opts.hashAlgo, opts.emailService, options); } it('ensures user is logged in', function *() { const loggedInUserEmail = null; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, existingUserPassword, ValidNewPassword, ValidNewPassword); }); assert.equal(err.message, 'Unauthenticated'); }); it('requires existing password', function *() { const existingPassword = ''; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, existingPassword, ValidNewPassword, ValidNewPassword); }); assert.equal(err.message, 'Old password required'); }); it('requires new password', function *() { const newPassword = ''; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, existingUserPassword, newPassword, ValidNewPassword); }); assert.equal(err.message, 'New password required'); }); it('requires new password confirmation', function *() { const newConfirmPassword = ''; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, existingUserPassword, ValidNewPassword, newConfirmPassword); }); assert.equal(err.message, 'New password confirmation required'); }); it('ensures new password and new password confirmation match', function *() { const newPassword = 'foo'; const newConfirmPassword = 'bar'; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, existingUserPassword, newPassword, newConfirmPassword); }); assert.equal(err.message, 'New password and confirm password do not match'); }); it('forbids password change given incorrect existing password', function *() { const incorrectPwd = existingUserPassword + 'X'; const err = yield testUtils.assertThrows(function *() { yield sut.changePassword(loggedInUserEmail, incorrectPwd, ValidNewPassword, ValidNewPassword); }); assert.equal(err.message, 'Incorrect password'); }); it('allows changing password given correct existing password', function *() { assert.lengthOf(userStoreFake.users, 1, '1 user registered'); yield sut.changePassword(loggedInUserEmail, existingUserPassword, 'new-password', 'new-password'); assert.lengthOf(userStoreFake.users, 1, 'Still 1 user registered'); const user = userStoreFake.users[0]; assert.equal(user.hashedPassword, 'hashed:new-password'); }); it('emails user when password changed', function *() { assert.lengthOf(emailServiceFake.calls.sendPasswordSuccessfullyChangedEmail, 0); yield sut.changePassword(loggedInUserEmail, existingUserPassword, 'new-password', 'new-password'); assert.lengthOf(emailServiceFake.calls.sendPasswordSuccessfullyChangedEmail, 1); const args = emailServiceFake.calls.sendPasswordSuccessfullyChangedEmail[0]; const user = args[0]; assert.equal(user.email, existingUserEmail); }); function *registerUser(email, password) { return yield registration.register(email, password); } });