[github/Chocobozzz/PeerTube.git] / server / tests / api / users / users-verification.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import * as chai from 'chai'
import 'mocha'
import {
  cleanupTests,
  flushAndRunServer,
  getMyUserInformation,
  getUserInformation,
  login,
  registerUser,
  ServerInfo,
  updateCustomSubConfig,
  updateMyUser,
  userLogin,
  verifyEmail
} from '../../../../shared/extra-utils'
import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
import { User } from '../../../../shared/models/users'

const expect = chai.expect

describe('Test users account verification', function () {
  let server: ServerInfo
  let userId: number
  let userAccessToken: string
  let verificationString: string
  let expectedEmailsLength = 0
  const user1 = {
    username: 'user_1',
    password: 'super password'
  }
  const user2 = {
    username: 'user_2',
    password: 'super password'
  }
  const emails: object[] = []

  before(async function () {
    this.timeout(30000)

    const port = await MockSmtpServer.Instance.collectEmails(emails)

    const overrideConfig = {
      smtp: {
        hostname: 'localhost',
        port
      }
    }
    server = await flushAndRunServer(1, overrideConfig)

    await setAccessTokensToServers([ server ])
  })

  it('Should register user and send verification email if verification required', async function () {
    this.timeout(30000)

    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: true,
        limit: 10
      }
    })

    await registerUser(server.url, user1.username, user1.password)

    await waitJobs(server)
    expectedEmailsLength++
    expect(emails).to.have.lengthOf(expectedEmailsLength)

    const email = emails[expectedEmailsLength - 1]

    const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
    expect(verificationStringMatches).not.to.be.null

    verificationString = verificationStringMatches[1]
    expect(verificationString).to.have.length.above(2)

    const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
    expect(userIdMatches).not.to.be.null

    userId = parseInt(userIdMatches[1], 10)

    const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
    expect(resUserInfo.body.emailVerified).to.be.false
  })

  it('Should not allow login for user with unverified email', async function () {
    const resLogin = await login(server.url, server.client, user1, 400)
    expect(resLogin.body.error).to.contain('User email is not verified.')
  })

  it('Should verify the user via email and allow login', async function () {
    await verifyEmail(server.url, userId, verificationString)

    const res = await login(server.url, server.client, user1)
    userAccessToken = res.body.access_token

    const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
    expect(resUserVerified.body.emailVerified).to.be.true
  })

  it('Should be able to change the user email', async function () {
    let updateVerificationString: string

    {
      await updateMyUser({
        url: server.url,
        accessToken: userAccessToken,
        email: 'updated@example.com',
        currentPassword: user1.password
      })

      await waitJobs(server)
      expectedEmailsLength++
      expect(emails).to.have.lengthOf(expectedEmailsLength)

      const email = emails[expectedEmailsLength - 1]

      const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
      updateVerificationString = verificationStringMatches[1]
    }

    {
      const res = await getMyUserInformation(server.url, userAccessToken)
      const me: User = res.body

      expect(me.email).to.equal('user_1@example.com')
      expect(me.pendingEmail).to.equal('updated@example.com')
    }

    {
      await verifyEmail(server.url, userId, updateVerificationString, true)

      const res = await getMyUserInformation(server.url, userAccessToken)
      const me: User = res.body

      expect(me.email).to.equal('updated@example.com')
      expect(me.pendingEmail).to.be.null
    }
  })

  it('Should register user not requiring email verification if setting not enabled', async function () {
    this.timeout(5000)
    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: false,
        limit: 10
      }
    })

    await registerUser(server.url, user2.username, user2.password)

    await waitJobs(server)
    expect(emails).to.have.lengthOf(expectedEmailsLength)

    const accessToken = await userLogin(server, user2)

    const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
    expect(resMyUserInfo.body.emailVerified).to.be.null
  })

  it('Should allow login for user with unverified email when setting later enabled', async function () {
    await updateCustomSubConfig(server.url, server.accessToken, {
      signup: {
        enabled: true,
        requiresEmailVerification: true,
        limit: 10
      }
    })

    await userLogin(server, user2)
  })

  after(async function () {
    MockSmtpServer.Instance.kill()

    await cleanupTests([ server ])
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
d9eaee39 JM	2
	3	import * as chai from 'chai'
	4	import 'mocha'
	5	import {
d1ab89de C	6	cleanupTests,
	7	flushAndRunServer,
	8	getMyUserInformation,
	9	getUserInformation,
	10	login,
	11	registerUser,
	12	ServerInfo,
	13	updateCustomSubConfig,
	14	updateMyUser,
	15	userLogin,
	16	verifyEmail
94565d52 C	17	} from '../../../../shared/extra-utils'
	18	import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
	19	import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
	20	import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
d1ab89de	21	import { User } from '../../../../shared/models/users'
d9eaee39 JM	22
	23	const expect = chai.expect
	24
	25	describe('Test users account verification', function () {
	26	let server: ServerInfo
	27	let userId: number
d1ab89de	28	let userAccessToken: string
d9eaee39 JM	29	let verificationString: string
	30	let expectedEmailsLength = 0
	31	const user1 = {
	32	username: 'user_1',
	33	password: 'super password'
	34	}
	35	const user2 = {
	36	username: 'user_2',
	37	password: 'super password'
	38	}
	39	const emails: object[] = []
	40
	41	before(async function () {
	42	this.timeout(30000)
	43
7243f84d	44	const port = await MockSmtpServer.Instance.collectEmails(emails)
d9eaee39	45
d9eaee39 JM	46	const overrideConfig = {
d9eaee39 JM	47	smtp: {
7243f84d C	48	hostname: 'localhost',
7243f84d C	49	port
d9eaee39 JM	50	}
d9eaee39 JM	51	}
210feb6c	52	server = await flushAndRunServer(1, overrideConfig)
d9eaee39 JM	53
	54	await setAccessTokensToServers([ server ])
	55	})
	56
	57	it('Should register user and send verification email if verification required', async function () {
59fd824c C	58	this.timeout(30000)
59fd824c C	59
d9eaee39 JM	60	await updateCustomSubConfig(server.url, server.accessToken, {
	61	signup: {
	62	enabled: true,
	63	requiresEmailVerification: true,
	64	limit: 10
	65	}
	66	})
	67
	68	await registerUser(server.url, user1.username, user1.password)
	69
	70	await waitJobs(server)
	71	expectedEmailsLength++
	72	expect(emails).to.have.lengthOf(expectedEmailsLength)
	73
	74	const email = emails[expectedEmailsLength - 1]
	75
	76	const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
	77	expect(verificationStringMatches).not.to.be.null
	78
	79	verificationString = verificationStringMatches[1]
	80	expect(verificationString).to.have.length.above(2)
	81
	82	const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
	83	expect(userIdMatches).not.to.be.null
	84
	85	userId = parseInt(userIdMatches[1], 10)
	86
	87	const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
	88	expect(resUserInfo.body.emailVerified).to.be.false
	89	})
	90
	91	it('Should not allow login for user with unverified email', async function () {
	92	const resLogin = await login(server.url, server.client, user1, 400)
	93	expect(resLogin.body.error).to.contain('User email is not verified.')
	94	})
	95
	96	it('Should verify the user via email and allow login', async function () {
	97	await verifyEmail(server.url, userId, verificationString)
d1ab89de C	98
	99	const res = await login(server.url, server.client, user1)
	100	userAccessToken = res.body.access_token
	101
d9eaee39 JM	102	const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
	103	expect(resUserVerified.body.emailVerified).to.be.true
	104	})
	105
d1ab89de C	106	it('Should be able to change the user email', async function () {
	107	let updateVerificationString: string
	108
	109	{
	110	await updateMyUser({
	111	url: server.url,
	112	accessToken: userAccessToken,
5efab546 C	113	email: 'updated@example.com',
5efab546 C	114	currentPassword: user1.password
d1ab89de C	115	})
	116
	117	await waitJobs(server)
	118	expectedEmailsLength++
	119	expect(emails).to.have.lengthOf(expectedEmailsLength)
	120
	121	const email = emails[expectedEmailsLength - 1]
	122
	123	const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
	124	updateVerificationString = verificationStringMatches[1]
	125	}
	126
	127	{
	128	const res = await getMyUserInformation(server.url, userAccessToken)
	129	const me: User = res.body
	130
	131	expect(me.email).to.equal('user_1@example.com')
	132	expect(me.pendingEmail).to.equal('updated@example.com')
	133	}
	134
	135	{
	136	await verifyEmail(server.url, userId, updateVerificationString, true)
	137
	138	const res = await getMyUserInformation(server.url, userAccessToken)
	139	const me: User = res.body
	140
	141	expect(me.email).to.equal('updated@example.com')
	142	expect(me.pendingEmail).to.be.null
	143	}
	144	})
	145
d9eaee39 JM	146	it('Should register user not requiring email verification if setting not enabled', async function () {
	147	this.timeout(5000)
	148	await updateCustomSubConfig(server.url, server.accessToken, {
	149	signup: {
	150	enabled: true,
	151	requiresEmailVerification: false,
	152	limit: 10
	153	}
	154	})
	155
	156	await registerUser(server.url, user2.username, user2.password)
	157
	158	await waitJobs(server)
	159	expect(emails).to.have.lengthOf(expectedEmailsLength)
	160
	161	const accessToken = await userLogin(server, user2)
	162
	163	const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
	164	expect(resMyUserInfo.body.emailVerified).to.be.null
	165	})
	166
	167	it('Should allow login for user with unverified email when setting later enabled', async function () {
	168	await updateCustomSubConfig(server.url, server.accessToken, {
	169	signup: {
	170	enabled: true,
	171	requiresEmailVerification: true,
	172	limit: 10
	173	}
	174	})
	175
	176	await userLogin(server, user2)
	177	})
	178
7c3b7976	179	after(async function () {
89ada4e2	180	MockSmtpServer.Instance.kill()
7c3b7976 C	181
7c3b7976 C	182	await cleanupTests([ server ])
d9eaee39 JM	183	})
d9eaee39 JM	184	})