Home Explore Help
Sign In
akillibulut
/
porter
mirror of https://github.com/porter-dev/porter
2
0
Fork 0
Files Issues 0 Wiki
Branch: multiapp-parse
Branches Tags
porter
/
api
/
server
/
handlers
/
user
/
email_verify_test.go

email_verify_test.go 2.6 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. package user_test
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 	"net/url"
    6. 

  6. 	"testing"
    7. 

  7. 

  8. 	"github.com/porter-dev/porter/api/server/handlers"
    9. 

  9. 	"github.com/porter-dev/porter/api/server/handlers/user"
    10. 

  10. 	"github.com/porter-dev/porter/api/server/shared"
    11. 

  11. 	"github.com/porter-dev/porter/api/server/shared/apitest"
    12. 

  12. 	"github.com/porter-dev/porter/api/types"
    13. 

  13. 	"github.com/stretchr/testify/assert"
    14. 

  14. 	"golang.org/x/crypto/bcrypt"
    15. 

  15. )
    16. 

  16. 

  17. func TestEmailVerifyInitiateSuccessful(t *testing.T) {
    18. 

  18. 	config := apitest.LoadConfig(t)
    19. 

  19. 	authUser := apitest.CreateTestUser(t, config, true)
    20. 

  20. 	req, rr := apitest.GetRequestAndRecorder(t, string(types.HTTPVerbPost), "/api/email/verify/initiate", nil)
    21. 

  21. 

  22. 	req = apitest.WithAuthenticatedUser(t, req, authUser)
    23. 

  23. 

  24. 	handler := user.NewVerifyEmailInitiateHandler(config)
    25. 

  25. 

  26. 	handler.ServeHTTP(rr, req)
    27. 

  27. 

  28. 	// check the notifier data from config by casting to a fake notifier object
    29. 

  29. 	fakeNotifier, ok := config.UserNotifier.(*apitest.FakeUserNotifier)
    30. 

  30. 

  31. 	if !ok {
    32. 

  32. 		t.Fatal("Could not cast user notifier to fake notifier")
    33. 

  33. 	}
    34. 

  34. 

  35. 	initiateOpts := fakeNotifier.GetSendEmailVerificationLastOpts()
    36. 

  36. 	assert.Equal(t, "mrp@porter.run", initiateOpts.Email)
    37. 

  37. 

  38. 	// parse the url and compare
    39. 

  39. 	parsedURL, err := url.Parse(initiateOpts.URL)
    40. 

  40. 	if err != nil {
    41. 

  41. 		t.Fatal(err)
    42. 

  42. 	}
    43. 

  43. 

  44. 	// read token from the DB
    45. 

  45. 	token, err := config.Repo.PWResetToken().ReadPWResetToken(1)
    46. 

  46. 	if err != nil {
    47. 

  47. 		t.Fatal(err)
    48. 

  48. 	}
    49. 

  49. 

  50. 	assert.Equal(t, "/api/email/verify/finalize", parsedURL.Path)
    51. 

  51. 	vals := parsedURL.Query()
    52. 

  52. 

  53. 	assert.True(t, bcrypt.CompareHashAndPassword([]byte(token.Token), []byte(vals["token"][0])) == nil)
    54. 

  54. 	assert.Equal(t, "1", vals["token_id"][0])
    55. 

  55. }
    56. 

  56. 

  57. func TestEmailVerifyFinalizeSuccessful(t *testing.T) {
    58. 

  58. 	config := apitest.LoadConfig(t)
    59. 

  59. 	authUser := apitest.CreateTestUser(t, config, false)
    60. 

  60. 

  61. 	// create a token in the DB to use for testing
    62. 

  62. 	pwReset, rawToken, err := user.CreatePWResetTokenForEmail(
    63. 

  63. 		config.Repo.PWResetToken(),
    64. 

  64. 		handlers.IgnoreAPIError,
    65. 

  65. 		nil,
    66. 

  66. 		nil,
    67. 

  67. 		&types.InitiateResetUserPasswordRequest{
    68. 

  68. 			Email: authUser.Email,
    69. 

  69. 		},
    70. 

  70. 	)
    71. 

  71. 	if err != nil {
    72. 

  72. 		t.Fatal(err)
    73. 

  73. 	}
    74. 

  74. 

  75. 	req, rr := apitest.GetRequestAndRecorder(
    76. 

  76. 		t,
    77. 

  77. 		string(types.HTTPVerbGet),
    78. 

  78. 		"/api/email/verify/finalize?"+url.Values{
    79. 

  79. 			"token_id": []string{fmt.Sprintf("%d", pwReset.ID)},
    80. 

  80. 			"token":    []string{rawToken},
    81. 

  81. 		}.Encode(),
    82. 

  82. 		nil,
    83. 

  83. 	)
    84. 

  84. 

  85. 	req = apitest.WithAuthenticatedUser(t, req, authUser)
    86. 

  86. 

  87. 	handler := user.NewVerifyEmailFinalizeHandler(
    88. 

  88. 		config,
    89. 

  89. 		shared.NewDefaultRequestDecoderValidator(config.Logger, config.Alerter),
    90. 

  90. 	)
    91. 

  91. 

  92. 	handler.ServeHTTP(rr, req)
    93. 

  93. 

  94. 	// read the user and check that their email has been verified
    95. 

  95. 	authUser, err = config.Repo.User().ReadUser(authUser.ID)
    96. 

  96. 

  97. 	assert.True(t, authUser.EmailVerified)
    98. 

  98. }
    99.