added tests to cover reset password routes

David Baldwynn 2017-10-29 15:47:01 -07:00
parent 3dbfe2f88d
commit 9fffdf5328
3 changed files with 235 additions and 72 deletions


@ -84,7 +84,6 @@ exports.forgot = function(req, res) {
const fn = pug.compileFile(__dirname + "/../../views/templates/reset-password-email.server.view.pug"); const fn = pug.compileFile(__dirname + "/../../views/templates/reset-password-email.server.view.pug");
res.locals['url'] = 'http://' + req.headers.host + '/auth/reset/' + token; res.locals['url'] = 'http://' + req.headers.host + '/auth/reset/' + token;
console.log(res.locals);
var renderedHtml = fn(res.locals); var renderedHtml = fn(res.locals);
done(null, renderedHtml, user); done(null, renderedHtml, user);
}, },
@ -142,9 +141,9 @@ exports.validateResetToken = function(req, res) {
}); });
} }
if (!user) { if (!user) {
return res.redirect('/#!/password/reset/invalid'); return res.redirect(400, '/#!/password/reset/invalid');
} }
res.redirect('/#!/password/reset/' + req.params.token); res.redirect('/#!/password/reset/' + req.params.token);
}); });
}; };
@ -187,7 +186,7 @@ exports.reset = function(req, res, next) {
done(null, savedUser); done(null, savedUser);
}); });
} else { } else {
done('Password reset token is invalid or has expired.', null); done('invalid_reset_token', null);
} }
}); });
}, },
@ -211,12 +210,18 @@ exports.reset = function(req, res, next) {
} }
], function(err) { ], function(err) {
if (err) { if (err) {
res.status(500).send({ if(err === 'invalid_reset_token'){
return res.status(400).send({
message: 'Password reset token is invalid or has expired.'
});
}
return res.status(500).send({
message: err.message || err message: err.message || err
}); });
} }
return res.json({ res.json({
message: 'Successfully changed your password!' message: 'Successfully changed your password!'
}); });
}); });
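Review bot: The reset link in the `exports.forgot` hunk is still built from the request's Host header (`'http://' + req.headers.host + '/auth/reset/' + token`), so the hostname mailed to the account owner alongside a valid token is taken from client-supplied input. Removing `console.log(res.locals)` keeps the token out of the logs, but the emailed URL should come from server-side configuration, for example `res.locals['url'] = BASE_URL_FROM_CONFIG + '/auth/reset/' + token;`. Here `BASE_URL_FROM_CONFIG` is a placeholder for whatever setting the project uses for its public origin, and that origin should be `https://`. The enclosing function starts and ends outside the hunk, so any earlier validation of the host is not visible here.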


@ -9,7 +9,8 @@ var should = require('should'),
User = mongoose.model('User'), User = mongoose.model('User'),
Form = mongoose.model('Form'), Form = mongoose.model('Form'),
Field = mongoose.model('Field'), Field = mongoose.model('Field'),
FormSubmission = mongoose.model('FormSubmission'); FormSubmission = mongoose.model('FormSubmission'),
async = require('async');
/** /**
* Globals * Globals
@ -191,7 +192,6 @@ describe('Form Routes Unit tests', function() {
done(); done();
}); });
}); });
it(' > should be able to create a Form if form_fields are undefined', function(done) { it(' > should be able to create a Form if form_fields are undefined', function(done) {
@ -242,7 +242,6 @@ describe('Form Routes Unit tests', function() {
done(); done();
}); });
}); });
}); });
it(' > should be able to delete a Form if signed in', function(done) { it(' > should be able to delete a Form if signed in', function(done) {
@ -277,7 +276,6 @@ describe('Form Routes Unit tests', function() {
done(); done();
}); });
}); });
}); });
it('should be able to save new form while logged in', function(done){ it('should be able to save new form while logged in', function(done){
@ -310,14 +308,70 @@ describe('Form Routes Unit tests', function() {
}); });
}); });
it(' > should be able to get list of users\' forms sorted by date created while logged in', function(done) {
var myForm1 = {
title: 'First Form',
language: 'en',
admin: user.id,
form_fields: [
new Field({'fieldType':'textfield', 'title':'First Name', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''})
],
isLive: true
};
var myForm2 = {
title: 'Second Form',
language: 'en',
admin: user.id,
form_fields: [
new Field({'fieldType':'textfield', 'title':'Last Name', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'formula one', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'football', 'fieldValue': ''})
],
isLive: true
};
var FormObj1 = new Form(myForm1);
var FormObj2 = new Form(myForm2);
async.waterfall([
function(callback) {
FormObj1.save(function(err){
callback(err);
});
},
function(callback) {
FormObj2.save(function(err){
callback(err);
});
},
function(callback) {
loginSession.get('/forms')
.expect(200)
.end(function(err, res) {
res.body.length.should.equal(2);
res.body[0].title.should.equal('Second Form');
res.body[1].title.should.equal('First Form');
// Call the assertion callback
callback(err);
});
}
], function (err) {
done(err);
});
});
afterEach('should be able to signout user', function(done){ afterEach('should be able to signout user', function(done){
authenticatedSession.get('/auth/signout') authenticatedSession.get('/auth/signout')
.expect(200) .expect(200)
.end(function(signoutErr, signoutRes) { .end(function(signoutErr, signoutRes) {
console.log(signoutRes.error.text);
// Handle signout error // Handle signout error
if (signoutErr) return done(signoutErr); if (signoutErr) {
return done(signoutErr);
}
authenticatedSession.destroy(); authenticatedSession.destroy();
done(); done();
}); });
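Review bot: The `.end` handler of the new `/forms` listing test asserts on `res.body` before it looks at `err`, so a failed request, where `res` may be missing or carry an error body, shows up as a thrown TypeError or a misleading length mismatch instead of the real failure. Start the handler with `if (err) { return callback(err); }` and run the `should` assertions after it. The same assert-before-error-check order appears in the `.end` and `.exec` callbacks of the user-route tests further down this page.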


@ -6,20 +6,19 @@ var should = require('should'),
mongoose = require('mongoose'), mongoose = require('mongoose'),
User = mongoose.model('User'), User = mongoose.model('User'),
config = require('../../config/config'), config = require('../../config/config'),
tmpUser = mongoose.model(config.tempUserCollection); tmpUser = mongoose.model(config.tempUserCollection),
async = require('async');
/** /**
* Globals * Globals
*/ */
var credentials, _User, activateToken, userSession; var credentials, _User, userSession;
/** /**
* Form routes tests * Form routes tests
*/ */
describe('User CRUD tests', function() { describe('User CRUD tests', function() {
this.timeout(30000); before(function() {
beforeEach(function() {
// Create user credentials // Create user credentials
credentials = { credentials = {
email: 'test732@test.com', email: 'test732@test.com',
@ -31,77 +30,182 @@ describe('User CRUD tests', function() {
_User = { _User = {
email: credentials.email, email: credentials.email,
username: credentials.username, username: credentials.username,
password: credentials.password password: credentials.password,
firstName: 'John',
lastName: 'Smith'
}; };
//Initialize Session //Initialize Session
userSession = Session(app); userSession = Session(app);
}); });
it(' > Create, Verify and Activate a User > ', function() { describe(' > Create, Verify and Activate a User > ', function() {
this.timeout(5000);
it('should be able to create a temporary (non-activated) User', function(done) { it('should be able to create and activate a User', function(done) {
userSession.post('/auth/signup') async.waterfall([
.send(_User) function(callback) {
.expect(200) userSession.post('/auth/signup')
.end(function(FormSaveErr) { .send(_User)
// Handle error .expect(200)
should.not.exist(FormSaveErr); .end(function(err) {
callback(err)
tmpUser.findOne({username: _User.username}, function (err, user) { });
should.not.exist(err); },
function(callback) {
tmpUser.findOne({username: _User.username})
.lean()
.exec(function (err, user) {
should.exist(user); should.exist(user);
_User.username.should.equal(user.username); _User.username.should.equal(user.username);
_User.firstName.should.equal(user.firstName); _User.firstName.should.equal(user.firstName);
_User.lastName.should.equal(user.lastName); _User.lastName.should.equal(user.lastName);
activateToken = user.GENERATED_VERIFYING_URL; callback(err, user.GENERATED_VERIFYING_URL);
userSession.get('/auth/verify/'+activateToken)
.expect(200)
.end(function(VerifyErr, VerifyRes) {
// Handle error
if (VerifyErr) {
return done(VerifyErr);
}
(VerifyRes.text).should.equal('User successfully verified');
userSession.post('/auth/signin')
.send(credentials)
.expect('Content-Type', /json/)
.expect(200)
.end(function(signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
var user = signinRes.body;
(user.username).should.equal(credentials.username);
userSession.get('/auth/signout')
.expect(200)
.end(function(signoutErr, signoutRes) {
// Handle signout error
if (signoutErr) {
return done(signoutErr);
}
(signoutRes.text).should.equal('You have successfully logged out.');
done();
});
});
});
}); });
}); },
function(activateToken, callback) {
userSession.get('/auth/verify/' + activateToken)
.expect(200)
.end(function(err, res) {
(res.text).should.equal('User successfully verified');
callback(err);
});
},
function(callback) {
userSession.post('/auth/signin')
.send(credentials)
.expect('Content-Type', /json/)
.expect(200)
.end(function(err, res) {
(res.body.username).should.equal(credentials.username);
callback(err);
});
},
function(callback) {
userSession.get('/auth/signout')
.expect(200)
.end(function(err, res) {
(res.text).should.equal('You have successfully logged out.');
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.lean()
.exec(function(err, user){
should.exist(user);
callback(err);
});
}
], function (err) {
done(err);
});
});
it('should be able to reset password of a created User with a valid passwordResetToken', function(done) {
var changedPassword = 'password1234';
var resetPasswordToken;
async.waterfall([
function(callback) {
userSession.post('/auth/forgot')
.send({ username: _User.username })
.expect(200)
.end(function(err) {
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.lean()
.exec(function(err, user){
if(err){
callback(err);
}
callback(null, user.resetPasswordToken)
});
},
function(resetPasswordToken, callback) {
userSession.get('/auth/reset/' + resetPasswordToken)
.expect(302)
.end(function(err) {
callback(err, resetPasswordToken);
});
},
function(resetPasswordToken, callback) {
userSession.post('/auth/reset/' + resetPasswordToken)
.send({
newPassword: changedPassword,
verifyPassword: changedPassword
})
.expect(200)
.end(function(err, res) {
callback(err, resetPasswordToken);
});
},
function(resetPasswordToken, callback) {
User.findOne({ username: _User.username })
.exec(function(err, user){
should.exist(user);
user.authenticate(changedPassword).should.be.true();
should.not.exist(user.resetPasswordToken);
callback(err);
});
}
], function (err, result) {
done(err);
});
});
it('should be not able to reset password of a created User with a invalid passwordResetToken', function(done) {
var changedPassword = 'password4321';
var resetPasswordToken = 'thisIsNotAValidToken';
async.waterfall([
function(callback) {
userSession.post('/auth/forgot')
.send({ username: credentials.username })
.expect(200)
.end(function(err, res) {
callback(err);
});
},
function(callback) {
userSession.get('/auth/reset/' + resetPasswordToken)
.expect(400)
.end(function(err) {
callback(err);
});
},
function(callback) {
userSession.post('/auth/reset/' + resetPasswordToken)
.send({
newPassword: changedPassword,
verifyPassword: changedPassword
})
.expect(400)
.end(function(err, res) {
callback(err);
});
},
function(callback) {
User.findOne({ username: _User.username })
.exec(function(err, user){
should.exist(user);
user.authenticate(changedPassword).should.be.false();
callback(err);
});
}
], function (err, result) {
done(err);
});
}); });
}); });
afterEach(function(done) { after(function(done) {
User.remove().exec(function () { User.remove().exec(function () {
tmpUser.remove().exec(function(){ tmpUser.remove().exec(function(){
userSession.destroy(); userSession.destroy();