1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import * as chai from 'chai'
5 import { MockSmtpServer } from '@server/tests/shared'
6 import { HttpStatusCode } from '@shared/models'
7 import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers, waitJobs } from '@shared/server-commands'
9 const expect = chai.expect
11 describe('Test users account verification', function () {
12 let server: PeerTubeServer
14 let userAccessToken: string
15 let verificationString: string
16 let expectedEmailsLength = 0
19 password: 'super password'
23 password: 'super password'
25 const emails: object[] = []
27 before(async function () {
30 const port = await MockSmtpServer.Instance.collectEmails(emails)
32 const overrideConfig = {
34 hostname: 'localhost',
38 server = await createSingleServer(1, overrideConfig)
40 await setAccessTokensToServers([ server ])
43 it('Should register user and send verification email if verification required', async function () {
46 await server.config.updateCustomSubConfig({
50 requiresEmailVerification: true,
56 await server.users.register(user1)
58 await waitJobs(server)
59 expectedEmailsLength++
60 expect(emails).to.have.lengthOf(expectedEmailsLength)
62 const email = emails[expectedEmailsLength - 1]
64 const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
65 expect(verificationStringMatches).not.to.be.null
67 verificationString = verificationStringMatches[1]
68 expect(verificationString).to.have.length.above(2)
70 const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
71 expect(userIdMatches).not.to.be.null
73 userId = parseInt(userIdMatches[1], 10)
75 const body = await server.users.get({ userId })
76 expect(body.emailVerified).to.be.false
79 it('Should not allow login for user with unverified email', async function () {
80 const { detail } = await server.login.login({ user: user1, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
81 expect(detail).to.contain('User email is not verified.')
84 it('Should verify the user via email and allow login', async function () {
85 await server.users.verifyEmail({ userId, verificationString })
87 const body = await server.login.login({ user: user1 })
88 userAccessToken = body.access_token
90 const user = await server.users.get({ userId })
91 expect(user.emailVerified).to.be.true
94 it('Should be able to change the user email', async function () {
97 let updateVerificationString: string
100 await server.users.updateMe({
101 token: userAccessToken,
102 email: 'updated@example.com',
103 currentPassword: user1.password
106 await waitJobs(server)
107 expectedEmailsLength++
108 expect(emails).to.have.lengthOf(expectedEmailsLength)
110 const email = emails[expectedEmailsLength - 1]
112 const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
113 updateVerificationString = verificationStringMatches[1]
117 const me = await server.users.getMyInfo({ token: userAccessToken })
118 expect(me.email).to.equal('user_1@example.com')
119 expect(me.pendingEmail).to.equal('updated@example.com')
123 await server.users.verifyEmail({ userId, verificationString: updateVerificationString, isPendingEmail: true })
125 const me = await server.users.getMyInfo({ token: userAccessToken })
126 expect(me.email).to.equal('updated@example.com')
127 expect(me.pendingEmail).to.be.null
131 it('Should register user not requiring email verification if setting not enabled', async function () {
133 await server.config.updateCustomSubConfig({
137 requiresEmailVerification: false,
143 await server.users.register(user2)
145 await waitJobs(server)
146 expect(emails).to.have.lengthOf(expectedEmailsLength)
148 const accessToken = await server.login.getAccessToken(user2)
150 const user = await server.users.getMyInfo({ token: accessToken })
151 expect(user.emailVerified).to.be.null
154 it('Should allow login for user with unverified email when setting later enabled', async function () {
155 await server.config.updateCustomSubConfig({
159 requiresEmailVerification: true,
165 await server.login.getAccessToken(user2)
168 after(async function () {
169 MockSmtpServer.Instance.kill()
171 await cleanupTests([ server ])