added tests to cover reset password routes

David Baldwynn 2017-10-29 15:47:01 -07:00
parent 3dbfe2f88d
commit 9fffdf5328
3 changed files with 235 additions and 72 deletions


@ -84,7 +84,6 @@ exports.forgot = function(req, res) {
const fn = pug.compileFile(__dirname + "/../../views/templates/reset-password-email.server.view.pug");
res.locals['url'] = 'http://' + req.headers.host + '/auth/reset/' + token;
console.log(res.locals);
var renderedHtml = fn(res.locals);
done(null, renderedHtml, user);
},
@ -142,9 +141,9 @@ exports.validateResetToken = function(req, res) {
});
}
if (!user) {
return res.redirect('/#!/password/reset/invalid');
return res.redirect(400, '/#!/password/reset/invalid');
}
res.redirect('/#!/password/reset/' + req.params.token);
});
};
@ -187,7 +186,7 @@ exports.reset = function(req, res, next) {
done(null, savedUser);
});
} else {
done('Password reset token is invalid or has expired.', null);
done('invalid_reset_token', null);
}
});
},
@ -211,12 +210,18 @@ exports.reset = function(req, res, next) {
}
], function(err) {
if (err) {
res.status(500).send({
if(err === 'invalid_reset_token'){
return res.status(400).send({
message: 'Password reset token is invalid or has expired.'
});
}
return res.status(500).send({
message: err.message || err
});
}
return res.json({
res.json({
message: 'Successfully changed your password!'
});
});
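Review bot: In the `forgot` hunk the reset link is built from the request's `Host` header over plain `http://` (`'http://' + req.headers.host + '/auth/reset/' + token`), so the link mailed to the account owner follows whatever host the requester supplied and carries the token unencrypted; building it from a configured origin avoids both, e.g. `res.locals['url'] = BASE_URL_FROM_CONFIG + '/auth/reset/' + token;` (placeholder name, use the project's own setting). If `console.log(res.locals);` is still present on the new side (the rendering does not show which line this hunk removed), it writes the live reset token to the server log and should be dropped. In `validateResetToken`, `res.redirect(400, ...)` sends a `Location` header with a non-3xx status, which browsers do not follow, so a user opening a stale link would no longer land on the invalid-token page; keeping the default 302 and asserting on the `Location` header in the test would preserve that. All three functions start and end outside the visible hunks.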


@ -9,7 +9,8 @@ var should = require('should'),
User = mongoose.model('User'),
Form = mongoose.model('Form'),
Field = mongoose.model('Field'),
FormSubmission = mongoose.model('FormSubmission');
FormSubmission = mongoose.model('FormSubmission'),
async = require('async');
/**
* Globals
@ -191,7 +192,6 @@ describe('Form Routes Unit tests', function() {
done();
});
});
it(' > should be able to create a Form if form_fields are undefined', function(done) {
@ -242,7 +242,6 @@ describe('Form Routes Unit tests', function() {
done();
});
});
});
it(' > should be able to delete a Form if signed in', function(done) {
@ -277,7 +276,6 @@ describe('Form Routes Unit tests', function() {
done();
});
});
});
it('should be able to save new form while logged in', function(done){
@ -310,14 +308,70 @@ describe('Form Routes Unit tests', function() {
});
});
it(' > should be able to get list of users\' forms sorted by date created while logged in', function(done) {
var myForm1 = {
title: 'First Form',
language: 'en',
admin: user.id,
form_fields: [
new Field({'fieldType':'textfield', 'title':'First Name', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''})
],
isLive: true
};
var myForm2 = {
title: 'Second Form',
language: 'en',
admin: user.id,
form_fields: [
new Field({'fieldType':'textfield', 'title':'Last Name', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'formula one', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'football', 'fieldValue': ''})
],
isLive: true
};
var FormObj1 = new Form(myForm1);
var FormObj2 = new Form(myForm2);
async.waterfall([
function(callback) {
FormObj1.save(function(err){
callback(err);
});
},
function(callback) {
FormObj2.save(function(err){
callback(err);
});
},
function(callback) {
loginSession.get('/forms')
.expect(200)
.end(function(err, res) {
res.body.length.should.equal(2);
res.body[0].title.should.equal('Second Form');
res.body[1].title.should.equal('First Form');
// Call the assertion callback
callback(err);
});
}
], function (err) {
done(err);
});
});
afterEach('should be able to signout user', function(done){
authenticatedSession.get('/auth/signout')
.expect(200)
.end(function(signoutErr, signoutRes) {
console.log(signoutRes.error.text);
// Handle signout error
if (signoutErr) return done(signoutErr);
if (signoutErr) {
return done(signoutErr);
}
authenticatedSession.destroy();
done();
});
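Review bot: The `.end` handler of the new sorted-list test reads `res.body.length` and `res.body[0].title` before looking at `err`, so a failed request or a failed `.expect(200)` can surface as an assertion failure or TypeError on `res` instead of the real error; the handler should start with `if (err) return callback(err);`. The same ordering problem appears in `afterEach`, where `console.log(signoutRes.error.text);` runs ahead of the `signoutErr` check and looks like leftover debugging output. The ordering assertion also depends on the two forms getting distinguishable creation timestamps from back-to-back saves, which is presumably fine but worth confirming against the schema. The `afterEach` body continues past the end of the hunk.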


@ -6,20 +6,19 @@ var should = require('should'),
mongoose = require('mongoose'),
User = mongoose.model('User'),
config = require('../../config/config'),
tmpUser = mongoose.model(config.tempUserCollection);
tmpUser = mongoose.model(config.tempUserCollection),
async = require('async');
/**
* Globals
*/
var credentials, _User, activateToken, userSession;
var credentials, _User, userSession;
/**
* Form routes tests
*/
describe('User CRUD tests', function() {
this.timeout(30000);
beforeEach(function() {
before(function() {
// Create user credentials
credentials = {
email: 'test732@test.com',
@ -31,77 +30,182 @@ describe('User CRUD tests', function() {
_User = {
email: credentials.email,
username: credentials.username,
password: credentials.password
password: credentials.password,
firstName: 'John',
lastName: 'Smith'
};
//Initialize Session
userSession = Session(app);
});
it(' > Create, Verify and Activate a User > ', function() {
describe(' > Create, Verify and Activate a User > ', function() {
this.timeout(5000);
it('should be able to create a temporary (non-activated) User', function(done) {
userSession.post('/auth/signup')
.send(_User)
.expect(200)
.end(function(FormSaveErr) {
// Handle error
should.not.exist(FormSaveErr);
tmpUser.findOne({username: _User.username}, function (err, user) {
should.not.exist(err);
it('should be able to create and activate a User', function(done) {
async.waterfall([
function(callback) {
userSession.post('/auth/signup')
.send(_User)
.expect(200)
.end(function(err) {
callback(err)
});
},
function(callback) {
tmpUser.findOne({username: _User.username})
.lean()
.exec(function (err, user) {
should.exist(user);
_User.username.should.equal(user.username);
_User.firstName.should.equal(user.firstName);
_User.lastName.should.equal(user.lastName);
activateToken = user.GENERATED_VERIFYING_URL;
userSession.get('/auth/verify/'+activateToken)
.expect(200)
.end(function(VerifyErr, VerifyRes) {
// Handle error
if (VerifyErr) {
return done(VerifyErr);
}
(VerifyRes.text).should.equal('User successfully verified');
userSession.post('/auth/signin')
.send(credentials)
.expect('Content-Type', /json/)
.expect(200)
.end(function(signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
var user = signinRes.body;
(user.username).should.equal(credentials.username);
userSession.get('/auth/signout')
.expect(200)
.end(function(signoutErr, signoutRes) {
// Handle signout error
if (signoutErr) {
return done(signoutErr);
}
(signoutRes.text).should.equal('You have successfully logged out.');
done();
});
});
});
callback(err, user.GENERATED_VERIFYING_URL);
});
});
},
function(activateToken, callback) {
userSession.get('/auth/verify/' + activateToken)
.expect(200)
.end(function(err, res) {
(res.text).should.equal('User successfully verified');
callback(err);
});
},
function(callback) {
userSession.post('/auth/signin')
.send(credentials)
.expect('Content-Type', /json/)
.expect(200)
.end(function(err, res) {
(res.body.username).should.equal(credentials.username);
callback(err);
});
},
function(callback) {
userSession.get('/auth/signout')
.expect(200)
.end(function(err, res) {
(res.text).should.equal('You have successfully logged out.');
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.lean()
.exec(function(err, user){
should.exist(user);
callback(err);
});
}
], function (err) {
done(err);
});
});
it('should be able to reset password of a created User with a valid passwordResetToken', function(done) {
var changedPassword = 'password1234';
var resetPasswordToken;
async.waterfall([
function(callback) {
userSession.post('/auth/forgot')
.send({ username: _User.username })
.expect(200)
.end(function(err) {
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.lean()
.exec(function(err, user){
if(err){
callback(err);
}
callback(null, user.resetPasswordToken)
});
},
function(resetPasswordToken, callback) {
userSession.get('/auth/reset/' + resetPasswordToken)
.expect(302)
.end(function(err) {
callback(err, resetPasswordToken);
});
},
function(resetPasswordToken, callback) {
userSession.post('/auth/reset/' + resetPasswordToken)
.send({
newPassword: changedPassword,
verifyPassword: changedPassword
})
.expect(200)
.end(function(err, res) {
callback(err, resetPasswordToken);
});
},
function(resetPasswordToken, callback) {
User.findOne({ username: _User.username })
.exec(function(err, user){
should.exist(user);
user.authenticate(changedPassword).should.be.true();
should.not.exist(user.resetPasswordToken);
callback(err);
});
}
], function (err, result) {
done(err);
});
});
it('should be not able to reset password of a created User with a invalid passwordResetToken', function(done) {
var changedPassword = 'password4321';
var resetPasswordToken = 'thisIsNotAValidToken';
async.waterfall([
function(callback) {
userSession.post('/auth/forgot')
.send({ username: credentials.username })
.expect(200)
.end(function(err, res) {
callback(err);
});
},
function(callback) {
userSession.get('/auth/reset/' + resetPasswordToken)
.expect(400)
.end(function(err) {
callback(err);
});
},
function(callback) {
userSession.post('/auth/reset/' + resetPasswordToken)
.send({
newPassword: changedPassword,
verifyPassword: changedPassword
})
.expect(400)
.end(function(err, res) {
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.exec(function(err, user){
should.exist(user);
user.authenticate(changedPassword).should.be.false();
callback(err);
});
}
], function (err, result) {
done(err);
});
});
});
afterEach(function(done) {
after(function(done) {
User.remove().exec(function () {
tmpUser.remove().exec(function(){
userSession.destroy();