server/tests/api/users/users-verification.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import { expect } from 'chai'
   4 import { MockSmtpServer } from '@server/tests/shared'
   5 import { HttpStatusCode } from '@shared/models'
   6 import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers, waitJobs } from '@shared/server-commands'
   7
   8 describe('Test users account verification', function () {
   9   let server: PeerTubeServer
  10   let userId: number
  11   let userAccessToken: string
  12   let verificationString: string
  13   let expectedEmailsLength = 0
  14   const user1 = {
  15     username: 'user_1',
  16     password: 'super password'
  17   }
  18   const user2 = {
  19     username: 'user_2',
  20     password: 'super password'
  21   }
  22   const emails: object[] = []
  23
  24   before(async function () {
  25     this.timeout(30000)
  26
  27     const port = await MockSmtpServer.Instance.collectEmails(emails)
  28
  29     const overrideConfig = {
  30       smtp: {
  31         hostname: 'localhost',
  32         port
  33       }
  34     }
  35     server = await createSingleServer(1, overrideConfig)
  36
  37     await setAccessTokensToServers([ server ])
  38   })
  39
  40   it('Should register user and send verification email if verification required', async function () {
  41     this.timeout(30000)
  42
  43     await server.config.updateCustomSubConfig({
  44       newConfig: {
  45         signup: {
  46           enabled: true,
  47           requiresEmailVerification: true,
  48           limit: 10
  49         }
  50       }
  51     })
  52
  53     await server.users.register(user1)
  54
  55     await waitJobs(server)
  56     expectedEmailsLength++
  57     expect(emails).to.have.lengthOf(expectedEmailsLength)
  58
  59     const email = emails[expectedEmailsLength - 1]
  60
  61     const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
  62     expect(verificationStringMatches).not.to.be.null
  63
  64     verificationString = verificationStringMatches[1]
  65     expect(verificationString).to.have.length.above(2)
  66
  67     const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
  68     expect(userIdMatches).not.to.be.null
  69
  70     userId = parseInt(userIdMatches[1], 10)
  71
  72     const body = await server.users.get({ userId })
  73     expect(body.emailVerified).to.be.false
  74   })
  75
  76   it('Should not allow login for user with unverified email', async function () {
  77     const { detail } = await server.login.login({ user: user1, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  78     expect(detail).to.contain('User email is not verified.')
  79   })
  80
  81   it('Should verify the user via email and allow login', async function () {
  82     await server.users.verifyEmail({ userId, verificationString })
  83
  84     const body = await server.login.login({ user: user1 })
  85     userAccessToken = body.access_token
  86
  87     const user = await server.users.get({ userId })
  88     expect(user.emailVerified).to.be.true
  89   })
  90
  91   it('Should be able to change the user email', async function () {
  92     this.timeout(10000)
  93
  94     let updateVerificationString: string
  95
  96     {
  97       await server.users.updateMe({
  98         token: userAccessToken,
  99         email: 'updated@example.com',
 100         currentPassword: user1.password
 101       })
 102
 103       await waitJobs(server)
 104       expectedEmailsLength++
 105       expect(emails).to.have.lengthOf(expectedEmailsLength)
 106
 107       const email = emails[expectedEmailsLength - 1]
 108
 109       const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
 110       updateVerificationString = verificationStringMatches[1]
 111     }
 112
 113     {
 114       const me = await server.users.getMyInfo({ token: userAccessToken })
 115       expect(me.email).to.equal('user_1@example.com')
 116       expect(me.pendingEmail).to.equal('updated@example.com')
 117     }
 118
 119     {
 120       await server.users.verifyEmail({ userId, verificationString: updateVerificationString, isPendingEmail: true })
 121
 122       const me = await server.users.getMyInfo({ token: userAccessToken })
 123       expect(me.email).to.equal('updated@example.com')
 124       expect(me.pendingEmail).to.be.null
 125     }
 126   })
 127
 128   it('Should register user not requiring email verification if setting not enabled', async function () {
 129     this.timeout(5000)
 130     await server.config.updateCustomSubConfig({
 131       newConfig: {
 132         signup: {
 133           enabled: true,
 134           requiresEmailVerification: false,
 135           limit: 10
 136         }
 137       }
 138     })
 139
 140     await server.users.register(user2)
 141
 142     await waitJobs(server)
 143     expect(emails).to.have.lengthOf(expectedEmailsLength)
 144
 145     const accessToken = await server.login.getAccessToken(user2)
 146
 147     const user = await server.users.getMyInfo({ token: accessToken })
 148     expect(user.emailVerified).to.be.null
 149   })
 150
 151   it('Should allow login for user with unverified email when setting later enabled', async function () {
 152     await server.config.updateCustomSubConfig({
 153       newConfig: {
 154         signup: {
 155           enabled: true,
 156           requiresEmailVerification: true,
 157           limit: 10
 158         }
 159       }
 160     })
 161
 162     await server.login.getAccessToken(user2)
 163   })
 164
 165   after(async function () {
 166     MockSmtpServer.Instance.kill()
 167
 168     await cleanupTests([ server ])
 169   })
 170 })