[github/Chocobozzz/PeerTube.git] / server / tests / api / users / users-verification.ts

/* tslint:disable:no-unused-expression */

import * as chai from 'chai'
import 'mocha'
import {
  cleanupTests,
  flushAndRunServer,
  getMyUserInformation,
  getUserInformation,
  login,
  registerUser,
  ServerInfo,
  updateCustomSubConfig,
  updateMyUser,
  userLogin,
  verifyEmail
} from '../../../../shared/extra-utils'
import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
import { User } from '../../../../shared/models/users'

const expect = chai.expect

describe('Test users account verification', function () {
  let server: ServerInfo
  let userId: number
  let userAccessToken: string
  let verificationString: string
  let expectedEmailsLength = 0
  const user1 = {
    username: 'user_1',
    password: 'super password'
  }
  const user2 = {
    username: 'user_2',
    password: 'super password'
  }
  const emails: object[] = []

  before(async function () {
    this.timeout(30000)

    const port = await MockSmtpServer.Instance.collectEmails(emails)

    const overrideConfig = {
      smtp: {
        hostname: 'localhost',
        port
      }
    }
    server = await flushAndRunServer(1, overrideConfig)

    await setAccessTokensToServers([ server ])
  })

  it('Should register user and send verification email if verification required', async function () {
    this.timeout(5000)
    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: true,
        limit: 10
      }
    })

    await registerUser(server.url, user1.username, user1.password)

    await waitJobs(server)
    expectedEmailsLength++
    expect(emails).to.have.lengthOf(expectedEmailsLength)

    const email = emails[expectedEmailsLength - 1]

    const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
    expect(verificationStringMatches).not.to.be.null

    verificationString = verificationStringMatches[1]
    expect(verificationString).to.have.length.above(2)

    const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
    expect(userIdMatches).not.to.be.null

    userId = parseInt(userIdMatches[1], 10)

    const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
    expect(resUserInfo.body.emailVerified).to.be.false
  })

  it('Should not allow login for user with unverified email', async function () {
    const resLogin = await login(server.url, server.client, user1, 400)
    expect(resLogin.body.error).to.contain('User email is not verified.')
  })

  it('Should verify the user via email and allow login', async function () {
    await verifyEmail(server.url, userId, verificationString)

    const res = await login(server.url, server.client, user1)
    userAccessToken = res.body.access_token

    const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
    expect(resUserVerified.body.emailVerified).to.be.true
  })

  it('Should be able to change the user email', async function () {
    let updateVerificationString: string

    {
      await updateMyUser({
        url: server.url,
        accessToken: userAccessToken,
        email: 'updated@example.com',
        currentPassword: user1.password
      })

      await waitJobs(server)
      expectedEmailsLength++
      expect(emails).to.have.lengthOf(expectedEmailsLength)

      const email = emails[expectedEmailsLength - 1]

      const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
      updateVerificationString = verificationStringMatches[1]
    }

    {
      const res = await getMyUserInformation(server.url, userAccessToken)
      const me: User = res.body

      expect(me.email).to.equal('user_1@example.com')
      expect(me.pendingEmail).to.equal('updated@example.com')
    }

    {
      await verifyEmail(server.url, userId, updateVerificationString, true)

      const res = await getMyUserInformation(server.url, userAccessToken)
      const me: User = res.body

      expect(me.email).to.equal('updated@example.com')
      expect(me.pendingEmail).to.be.null
    }
  })

  it('Should register user not requiring email verification if setting not enabled', async function () {
    this.timeout(5000)
    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: false,
        limit: 10
      }
    })

    await registerUser(server.url, user2.username, user2.password)

    await waitJobs(server)
    expect(emails).to.have.lengthOf(expectedEmailsLength)

    const accessToken = await userLogin(server, user2)

    const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
    expect(resMyUserInfo.body.emailVerified).to.be.null
  })

  it('Should allow login for user with unverified email when setting later enabled', async function () {
    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: true,
        limit: 10
      }
    })

    await userLogin(server, user2)
  })

  after(async function () {
    MockSmtpServer.Instance.kill()

    await cleanupTests([ server ])
  })
})
Commit	Line	Data
d9eaee39 JM	1	/* tslint:disable:no-unused-expression */
	2
	3	import * as chai from 'chai'
	4	import 'mocha'
	5	import {
d1ab89de C	6	cleanupTests,
	7	flushAndRunServer,
	8	getMyUserInformation,
	9	getUserInformation,
	10	login,
	11	registerUser,
	12	ServerInfo,
	13	updateCustomSubConfig,
	14	updateMyUser,
	15	userLogin,
	16	verifyEmail
94565d52 C	17	} from '../../../../shared/extra-utils'
	18	import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
	19	import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
	20	import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
d1ab89de	21	import { User } from '../../../../shared/models/users'
d9eaee39 JM	22
	23	const expect = chai.expect
	24
	25	describe('Test users account verification', function () {
	26	let server: ServerInfo
	27	let userId: number
d1ab89de	28	let userAccessToken: string
d9eaee39 JM	29	let verificationString: string
	30	let expectedEmailsLength = 0
	31	const user1 = {
	32	username: 'user_1',
	33	password: 'super password'
	34	}
	35	const user2 = {
	36	username: 'user_2',
	37	password: 'super password'
	38	}
	39	const emails: object[] = []
	40
	41	before(async function () {
	42	this.timeout(30000)
	43
7243f84d	44	const port = await MockSmtpServer.Instance.collectEmails(emails)
d9eaee39	45
d9eaee39 JM	46	const overrideConfig = {
d9eaee39 JM	47	smtp: {
7243f84d C	48	hostname: 'localhost',
7243f84d C	49	port
d9eaee39 JM	50	}
d9eaee39 JM	51	}
210feb6c	52	server = await flushAndRunServer(1, overrideConfig)
d9eaee39 JM	53
	54	await setAccessTokensToServers([ server ])
	55	})
	56
	57	it('Should register user and send verification email if verification required', async function () {
	58	this.timeout(5000)
	59	await updateCustomSubConfig(server.url, server.accessToken, {
	60	signup: {
	61	enabled: true,
	62	requiresEmailVerification: true,
	63	limit: 10
	64	}
	65	})
	66
	67	await registerUser(server.url, user1.username, user1.password)
	68
	69	await waitJobs(server)
	70	expectedEmailsLength++
	71	expect(emails).to.have.lengthOf(expectedEmailsLength)
	72
	73	const email = emails[expectedEmailsLength - 1]
	74
	75	const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
	76	expect(verificationStringMatches).not.to.be.null
	77
	78	verificationString = verificationStringMatches[1]
	79	expect(verificationString).to.have.length.above(2)
	80
	81	const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
	82	expect(userIdMatches).not.to.be.null
	83
	84	userId = parseInt(userIdMatches[1], 10)
	85
	86	const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
	87	expect(resUserInfo.body.emailVerified).to.be.false
	88	})
	89
	90	it('Should not allow login for user with unverified email', async function () {
	91	const resLogin = await login(server.url, server.client, user1, 400)
	92	expect(resLogin.body.error).to.contain('User email is not verified.')
	93	})
	94
	95	it('Should verify the user via email and allow login', async function () {
	96	await verifyEmail(server.url, userId, verificationString)
d1ab89de C	97
	98	const res = await login(server.url, server.client, user1)
	99	userAccessToken = res.body.access_token
	100
d9eaee39 JM	101	const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
	102	expect(resUserVerified.body.emailVerified).to.be.true
	103	})
	104
d1ab89de C	105	it('Should be able to change the user email', async function () {
	106	let updateVerificationString: string
	107
	108	{
	109	await updateMyUser({
	110	url: server.url,
	111	accessToken: userAccessToken,
5efab546 C	112	email: 'updated@example.com',
5efab546 C	113	currentPassword: user1.password
d1ab89de C	114	})
	115
	116	await waitJobs(server)
	117	expectedEmailsLength++
	118	expect(emails).to.have.lengthOf(expectedEmailsLength)
	119
	120	const email = emails[expectedEmailsLength - 1]
	121
	122	const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
	123	updateVerificationString = verificationStringMatches[1]
	124	}
	125
	126	{
	127	const res = await getMyUserInformation(server.url, userAccessToken)
	128	const me: User = res.body
	129
	130	expect(me.email).to.equal('user_1@example.com')
	131	expect(me.pendingEmail).to.equal('updated@example.com')
	132	}
	133
	134	{
	135	await verifyEmail(server.url, userId, updateVerificationString, true)
	136
	137	const res = await getMyUserInformation(server.url, userAccessToken)
	138	const me: User = res.body
	139
	140	expect(me.email).to.equal('updated@example.com')
	141	expect(me.pendingEmail).to.be.null
	142	}
	143	})
	144
d9eaee39 JM	145	it('Should register user not requiring email verification if setting not enabled', async function () {
	146	this.timeout(5000)
	147	await updateCustomSubConfig(server.url, server.accessToken, {
	148	signup: {
	149	enabled: true,
	150	requiresEmailVerification: false,
	151	limit: 10
	152	}
	153	})
	154
	155	await registerUser(server.url, user2.username, user2.password)
	156
	157	await waitJobs(server)
	158	expect(emails).to.have.lengthOf(expectedEmailsLength)
	159
	160	const accessToken = await userLogin(server, user2)
	161
	162	const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
	163	expect(resMyUserInfo.body.emailVerified).to.be.null
	164	})
	165
	166	it('Should allow login for user with unverified email when setting later enabled', async function () {
	167	await updateCustomSubConfig(server.url, server.accessToken, {
	168	signup: {
	169	enabled: true,
	170	requiresEmailVerification: true,
	171	limit: 10
	172	}
	173	})
	174
	175	await userLogin(server, user2)
	176	})
	177
7c3b7976	178	after(async function () {
89ada4e2	179	MockSmtpServer.Instance.kill()
7c3b7976 C	180
7c3b7976 C	181	await cleanupTests([ server ])
d9eaee39 JM	182	})
d9eaee39 JM	183	})