0ef0aed205
This will 'time travel', i.e. change the inserted_at and update_at fields of the object in question. This is used to backdate things were we used sleeping before to ensure time differences.
120 lines
3.4 KiB
Elixir
120 lines
3.4 KiB
Elixir
# Pleroma: A lightweight social networking server
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
defmodule Pleroma.Web.TwitterAPI.PasswordControllerTest do
|
|
use Pleroma.Web.ConnCase
|
|
|
|
alias Pleroma.PasswordResetToken
|
|
alias Pleroma.User
|
|
alias Pleroma.Web.OAuth.Token
|
|
import Pleroma.Factory
|
|
|
|
describe "GET /api/pleroma/password_reset/token" do
|
|
test "it returns error when token invalid", %{conn: conn} do
|
|
response =
|
|
conn
|
|
|> get("/api/pleroma/password_reset/token")
|
|
|> html_response(:ok)
|
|
|
|
assert response =~ "<h2>Invalid Token</h2>"
|
|
end
|
|
|
|
test "it shows password reset form", %{conn: conn} do
|
|
user = insert(:user)
|
|
{:ok, token} = PasswordResetToken.create_token(user)
|
|
|
|
response =
|
|
conn
|
|
|> get("/api/pleroma/password_reset/#{token.token}")
|
|
|> html_response(:ok)
|
|
|
|
assert response =~ "<h2>Password Reset for #{user.nickname}</h2>"
|
|
end
|
|
|
|
test "it returns an error when the token has expired", %{conn: conn} do
|
|
clear_config([:instance, :password_reset_token_validity], 0)
|
|
|
|
user = insert(:user)
|
|
{:ok, token} = PasswordResetToken.create_token(user)
|
|
{:ok, token} = time_travel(token, -2)
|
|
|
|
response =
|
|
conn
|
|
|> get("/api/pleroma/password_reset/#{token.token}")
|
|
|> html_response(:ok)
|
|
|
|
assert response =~ "<h2>Invalid Token</h2>"
|
|
end
|
|
end
|
|
|
|
describe "POST /api/pleroma/password_reset" do
|
|
test "it fails for an expired token", %{conn: conn} do
|
|
clear_config([:instance, :password_reset_token_validity], 0)
|
|
|
|
user = insert(:user)
|
|
{:ok, token} = PasswordResetToken.create_token(user)
|
|
{:ok, token} = time_travel(token, -2)
|
|
{:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
|
|
|
|
params = %{
|
|
"password" => "test",
|
|
password_confirmation: "test",
|
|
token: token.token
|
|
}
|
|
|
|
response =
|
|
conn
|
|
|> assign(:user, user)
|
|
|> post("/api/pleroma/password_reset", %{data: params})
|
|
|> html_response(:ok)
|
|
|
|
refute response =~ "<h2>Password changed!</h2>"
|
|
end
|
|
|
|
test "it returns HTTP 200", %{conn: conn} do
|
|
user = insert(:user)
|
|
{:ok, token} = PasswordResetToken.create_token(user)
|
|
{:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
|
|
|
|
params = %{
|
|
"password" => "test",
|
|
password_confirmation: "test",
|
|
token: token.token
|
|
}
|
|
|
|
response =
|
|
conn
|
|
|> assign(:user, user)
|
|
|> post("/api/pleroma/password_reset", %{data: params})
|
|
|> html_response(:ok)
|
|
|
|
assert response =~ "<h2>Password changed!</h2>"
|
|
|
|
user = refresh_record(user)
|
|
assert Pbkdf2.verify_pass("test", user.password_hash)
|
|
assert Enum.empty?(Token.get_user_tokens(user))
|
|
end
|
|
|
|
test "it sets password_reset_pending to false", %{conn: conn} do
|
|
user = insert(:user, password_reset_pending: true)
|
|
|
|
{:ok, token} = PasswordResetToken.create_token(user)
|
|
{:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
|
|
|
|
params = %{
|
|
"password" => "test",
|
|
password_confirmation: "test",
|
|
token: token.token
|
|
}
|
|
|
|
conn
|
|
|> assign(:user, user)
|
|
|> post("/api/pleroma/password_reset", %{data: params})
|
|
|> html_response(:ok)
|
|
|
|
assert User.get_by_id(user.id).password_reset_pending == false
|
|
end
|
|
end
|
|
end
|