async function login (options: {
server: PeerTubeServer
- password?: string
+ username: string
+ password: string
otpToken?: string
expectedStatus?: HttpStatusCode
}) {
- const { server, password = server.store.user.password, otpToken, expectedStatus } = options
+ const { server, username, password, otpToken, expectedStatus } = options
- const user = { username: server.store.user.username, password }
+ const user = { username, password }
const { res, body: { access_token: token } } = await server.login.loginAndGetResponse({ user, otpToken, expectedStatus })
return { res, token }
describe('Test users', function () {
let server: PeerTubeServer
- let rootId: number
let otpSecret: string
let requestToken: string
+ const userUsername = 'user1'
+ let userId: number
+ let userPassword: string
+ let userToken: string
+
before(async function () {
this.timeout(30000)
server = await createSingleServer(1)
await setAccessTokensToServers([ server ])
-
- const { id } = await server.users.getMyInfo()
- rootId = id
+ const res = await server.users.generate(userUsername)
+ userId = res.userId
+ userPassword = res.password
+ userToken = res.token
})
it('Should not add the header on login if two factor is not enabled', async function () {
- const { res, token } = await login({ server })
+ const { res, token } = await login({ server, username: userUsername, password: userPassword })
expect(res.header['x-peertube-otp']).to.not.exist
})
it('Should request two factor and get the secret and uri', async function () {
- const { otpRequest } = await server.twoFactor.request({
- userId: rootId,
- currentPassword: server.store.user.password
- })
+ const { otpRequest } = await server.twoFactor.request({ userId, token: userToken, currentPassword: userPassword })
expect(otpRequest.requestToken).to.exist
})
it('Should not have two factor confirmed yet', async function () {
- const { twoFactorEnabled } = await server.users.getMyInfo()
+ const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
expect(twoFactorEnabled).to.be.false
})
it('Should confirm two factor', async function () {
await server.twoFactor.confirmRequest({
- userId: rootId,
+ userId,
+ token: userToken,
otpToken: TwoFactorCommand.buildOTP({ secret: otpSecret }).generate(),
requestToken
})
})
it('Should not add the header on login if two factor is enabled and password is incorrect', async function () {
- const { res, token } = await login({ server, password: 'fake', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ const { res, token } = await login({ server, username: userUsername, password: 'fake', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
expect(res.header['x-peertube-otp']).to.not.exist
expect(token).to.not.exist
})
it('Should add the header on login if two factor is enabled and password is correct', async function () {
- const { res, token } = await login({ server, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+ const { res, token } = await login({
+ server,
+ username: userUsername,
+ password: userPassword,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
expect(res.header['x-peertube-otp']).to.exist
expect(token).to.not.exist
it('Should not login with correct password and incorrect otp secret', async function () {
const otp = TwoFactorCommand.buildOTP({ secret: 'a'.repeat(32) })
- const { res, token } = await login({ server, otpToken: otp.generate(), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ const { res, token } = await login({
+ server,
+ username: userUsername,
+ password: userPassword,
+ otpToken: otp.generate(),
+ expectedStatus: HttpStatusCode.BAD_REQUEST_400
+ })
expect(res.header['x-peertube-otp']).to.not.exist
expect(token).to.not.exist
})
it('Should not login with correct password and incorrect otp code', async function () {
- const { res, token } = await login({ server, otpToken: '123456', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ const { res, token } = await login({
+ server,
+ username: userUsername,
+ password: userPassword,
+ otpToken: '123456',
+ expectedStatus: HttpStatusCode.BAD_REQUEST_400
+ })
expect(res.header['x-peertube-otp']).to.not.exist
expect(token).to.not.exist
it('Should not login with incorrect password and correct otp code', async function () {
const otpToken = TwoFactorCommand.buildOTP({ secret: otpSecret }).generate()
- const { res, token } = await login({ server, password: 'fake', otpToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ const { res, token } = await login({
+ server,
+ username: userUsername,
+ password: 'fake',
+ otpToken,
+ expectedStatus: HttpStatusCode.BAD_REQUEST_400
+ })
expect(res.header['x-peertube-otp']).to.not.exist
expect(token).to.not.exist
it('Should correctly login with correct password and otp code', async function () {
const otpToken = TwoFactorCommand.buildOTP({ secret: otpSecret }).generate()
- const { res, token } = await login({ server, otpToken })
+ const { res, token } = await login({ server, username: userUsername, password: userPassword, otpToken })
expect(res.header['x-peertube-otp']).to.not.exist
expect(token).to.exist
})
it('Should have two factor enabled when getting my info', async function () {
- const { twoFactorEnabled } = await server.users.getMyInfo()
+ const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
expect(twoFactorEnabled).to.be.true
})
it('Should disable two factor and be able to login without otp token', async function () {
- await server.twoFactor.disable({ userId: rootId, currentPassword: server.store.user.password })
+ await server.twoFactor.disable({ userId, token: userToken, currentPassword: userPassword })
- const { res, token } = await login({ server })
+ const { res, token } = await login({ server, username: userUsername, password: userPassword })
expect(res.header['x-peertube-otp']).to.not.exist
await server.users.getMyInfo({ token })
})
it('Should have two factor disabled when getting my info', async function () {
- const { twoFactorEnabled } = await server.users.getMyInfo()
+ const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+ expect(twoFactorEnabled).to.be.false
+ })
+
+ it('Should enable two factor auth without password from an admin', async function () {
+ const { otpRequest } = await server.twoFactor.request({ userId })
+
+ await server.twoFactor.confirmRequest({
+ userId,
+ otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate(),
+ requestToken: otpRequest.requestToken
+ })
+
+ const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+ expect(twoFactorEnabled).to.be.true
+ })
+
+ it('Should disable two factor auth without password from an admin', async function () {
+ await server.twoFactor.disable({ userId })
+
+ const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
expect(twoFactorEnabled).to.be.false
})