1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
3 import * as chai from 'chai'
13 updateCustomSubConfig,
17 } from '../../../../shared/extra-utils'
18 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
19 import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
20 import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
21 import { User } from '../../../../shared/models/users'
22 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
24 const expect = chai.expect
26 describe('Test users account verification', function () {
27 let server: ServerInfo
29 let userAccessToken: string
30 let verificationString: string
31 let expectedEmailsLength = 0
34 password: 'super password'
38 password: 'super password'
40 const emails: object[] = []
42 before(async function () {
45 const port = await MockSmtpServer.Instance.collectEmails(emails)
47 const overrideConfig = {
49 hostname: 'localhost',
53 server = await flushAndRunServer(1, overrideConfig)
55 await setAccessTokensToServers([ server ])
58 it('Should register user and send verification email if verification required', async function () {
61 await updateCustomSubConfig(server.url, server.accessToken, {
64 requiresEmailVerification: true,
69 await registerUser(server.url, user1.username, user1.password)
71 await waitJobs(server)
72 expectedEmailsLength++
73 expect(emails).to.have.lengthOf(expectedEmailsLength)
75 const email = emails[expectedEmailsLength - 1]
77 const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
78 expect(verificationStringMatches).not.to.be.null
80 verificationString = verificationStringMatches[1]
81 expect(verificationString).to.have.length.above(2)
83 const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
84 expect(userIdMatches).not.to.be.null
86 userId = parseInt(userIdMatches[1], 10)
88 const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
89 expect(resUserInfo.body.emailVerified).to.be.false
92 it('Should not allow login for user with unverified email', async function () {
93 const resLogin = await login(server.url, server.client, user1, HttpStatusCode.BAD_REQUEST_400)
94 expect(resLogin.body.detail).to.contain('User email is not verified.')
97 it('Should verify the user via email and allow login', async function () {
98 await verifyEmail(server.url, userId, verificationString)
100 const res = await login(server.url, server.client, user1)
101 userAccessToken = res.body.access_token
103 const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
104 expect(resUserVerified.body.emailVerified).to.be.true
107 it('Should be able to change the user email', async function () {
110 let updateVerificationString: string
115 accessToken: userAccessToken,
116 email: 'updated@example.com',
117 currentPassword: user1.password
120 await waitJobs(server)
121 expectedEmailsLength++
122 expect(emails).to.have.lengthOf(expectedEmailsLength)
124 const email = emails[expectedEmailsLength - 1]
126 const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
127 updateVerificationString = verificationStringMatches[1]
131 const res = await getMyUserInformation(server.url, userAccessToken)
132 const me: User = res.body
134 expect(me.email).to.equal('user_1@example.com')
135 expect(me.pendingEmail).to.equal('updated@example.com')
139 await verifyEmail(server.url, userId, updateVerificationString, true)
141 const res = await getMyUserInformation(server.url, userAccessToken)
142 const me: User = res.body
144 expect(me.email).to.equal('updated@example.com')
145 expect(me.pendingEmail).to.be.null
149 it('Should register user not requiring email verification if setting not enabled', async function () {
151 await updateCustomSubConfig(server.url, server.accessToken, {
154 requiresEmailVerification: false,
159 await registerUser(server.url, user2.username, user2.password)
161 await waitJobs(server)
162 expect(emails).to.have.lengthOf(expectedEmailsLength)
164 const accessToken = await userLogin(server, user2)
166 const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
167 expect(resMyUserInfo.body.emailVerified).to.be.null
170 it('Should allow login for user with unverified email when setting later enabled', async function () {
171 await updateCustomSubConfig(server.url, server.accessToken, {
174 requiresEmailVerification: true,
179 await userLogin(server, user2)
182 after(async function () {
183 MockSmtpServer.Instance.kill()
185 await cleanupTests([ server ])