diff options
author | Josh Morel <morel.josh@hotmail.com> | 2018-08-31 03:18:19 -0400 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-08-31 09:18:19 +0200 |
commit | d9eaee3939bf2e93e5d775d32bce77842201faba (patch) | |
tree | c115acb3611986b98f51b3addf29ebe66f63ee7f /server/tests/api/users | |
parent | 04291e1ba44032165388758e993d385a10c1c5a1 (diff) | |
download | PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.gz PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.zst PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.zip |
add user account email verificiation (#977)
* add user account email verificiation
includes server and client code to:
* enable verificationRequired via custom config
* send verification email with registration
* ask for verification email
* verify via email
* prevent login if not verified and required
* conditional client links to ask for new verification email
* allow login for verified=null
these are users created when verification not required
should still be able to login when verification is enabled
* refactor email verifcation pr
* change naming from verified to emailVerified
* change naming from askVerifyEmail to askSendVerifyEmail
* undo unrelated automatic prettier formatting on api/config
* use redirectService for home
* remove redundant success notification on email verified
* revert test.yaml smpt host
Diffstat (limited to 'server/tests/api/users')
-rw-r--r-- | server/tests/api/users/index.ts | 1 | ||||
-rw-r--r-- | server/tests/api/users/users-verification.ts | 133 | ||||
-rw-r--r-- | server/tests/api/users/users.ts | 2 |
3 files changed, 135 insertions, 1 deletions
diff --git a/server/tests/api/users/index.ts b/server/tests/api/users/index.ts index 4ce87fb91..21d75da3e 100644 --- a/server/tests/api/users/index.ts +++ b/server/tests/api/users/index.ts | |||
@@ -1,3 +1,4 @@ | |||
1 | import './user-subscriptions' | 1 | import './user-subscriptions' |
2 | import './users' | 2 | import './users' |
3 | import './users-verification' | ||
3 | import './users-multiple-servers' | 4 | import './users-multiple-servers' |
diff --git a/server/tests/api/users/users-verification.ts b/server/tests/api/users/users-verification.ts new file mode 100644 index 000000000..fa5f5e371 --- /dev/null +++ b/server/tests/api/users/users-verification.ts | |||
@@ -0,0 +1,133 @@ | |||
1 | /* tslint:disable:no-unused-expression */ | ||
2 | |||
3 | import * as chai from 'chai' | ||
4 | import 'mocha' | ||
5 | import { | ||
6 | registerUser, flushTests, getUserInformation, getMyUserInformation, killallServers, | ||
7 | userLogin, login, runServer, ServerInfo, verifyEmail, updateCustomSubConfig | ||
8 | } from '../../utils' | ||
9 | import { setAccessTokensToServers } from '../../utils/users/login' | ||
10 | import { mockSmtpServer } from '../../utils/miscs/email' | ||
11 | import { waitJobs } from '../../utils/server/jobs' | ||
12 | |||
13 | const expect = chai.expect | ||
14 | |||
15 | describe('Test users account verification', function () { | ||
16 | let server: ServerInfo | ||
17 | let userId: number | ||
18 | let verificationString: string | ||
19 | let expectedEmailsLength = 0 | ||
20 | const user1 = { | ||
21 | username: 'user_1', | ||
22 | password: 'super password' | ||
23 | } | ||
24 | const user2 = { | ||
25 | username: 'user_2', | ||
26 | password: 'super password' | ||
27 | } | ||
28 | const emails: object[] = [] | ||
29 | |||
30 | before(async function () { | ||
31 | this.timeout(30000) | ||
32 | |||
33 | await mockSmtpServer(emails) | ||
34 | |||
35 | await flushTests() | ||
36 | |||
37 | const overrideConfig = { | ||
38 | smtp: { | ||
39 | hostname: 'localhost' | ||
40 | } | ||
41 | } | ||
42 | server = await runServer(1, overrideConfig) | ||
43 | |||
44 | await setAccessTokensToServers([ server ]) | ||
45 | }) | ||
46 | |||
47 | it('Should register user and send verification email if verification required', async function () { | ||
48 | this.timeout(5000) | ||
49 | await updateCustomSubConfig(server.url, server.accessToken, { | ||
50 | signup: { | ||
51 | enabled: true, | ||
52 | requiresEmailVerification: true, | ||
53 | limit: 10 | ||
54 | } | ||
55 | }) | ||
56 | |||
57 | await registerUser(server.url, user1.username, user1.password) | ||
58 | |||
59 | await waitJobs(server) | ||
60 | expectedEmailsLength++ | ||
61 | expect(emails).to.have.lengthOf(expectedEmailsLength) | ||
62 | |||
63 | const email = emails[expectedEmailsLength - 1] | ||
64 | |||
65 | const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text']) | ||
66 | expect(verificationStringMatches).not.to.be.null | ||
67 | |||
68 | verificationString = verificationStringMatches[1] | ||
69 | expect(verificationString).to.have.length.above(2) | ||
70 | |||
71 | const userIdMatches = /userId=([0-9]+)/.exec(email['text']) | ||
72 | expect(userIdMatches).not.to.be.null | ||
73 | |||
74 | userId = parseInt(userIdMatches[1], 10) | ||
75 | |||
76 | const resUserInfo = await getUserInformation(server.url, server.accessToken, userId) | ||
77 | expect(resUserInfo.body.emailVerified).to.be.false | ||
78 | }) | ||
79 | |||
80 | it('Should not allow login for user with unverified email', async function () { | ||
81 | const resLogin = await login(server.url, server.client, user1, 400) | ||
82 | expect(resLogin.body.error).to.contain('User email is not verified.') | ||
83 | }) | ||
84 | |||
85 | it('Should verify the user via email and allow login', async function () { | ||
86 | await verifyEmail(server.url, userId, verificationString) | ||
87 | await login(server.url, server.client, user1) | ||
88 | const resUserVerified = await getUserInformation(server.url, server.accessToken, userId) | ||
89 | expect(resUserVerified.body.emailVerified).to.be.true | ||
90 | }) | ||
91 | |||
92 | it('Should register user not requiring email verification if setting not enabled', async function () { | ||
93 | this.timeout(5000) | ||
94 | await updateCustomSubConfig(server.url, server.accessToken, { | ||
95 | signup: { | ||
96 | enabled: true, | ||
97 | requiresEmailVerification: false, | ||
98 | limit: 10 | ||
99 | } | ||
100 | }) | ||
101 | |||
102 | await registerUser(server.url, user2.username, user2.password) | ||
103 | |||
104 | await waitJobs(server) | ||
105 | expect(emails).to.have.lengthOf(expectedEmailsLength) | ||
106 | |||
107 | const accessToken = await userLogin(server, user2) | ||
108 | |||
109 | const resMyUserInfo = await getMyUserInformation(server.url, accessToken) | ||
110 | expect(resMyUserInfo.body.emailVerified).to.be.null | ||
111 | }) | ||
112 | |||
113 | it('Should allow login for user with unverified email when setting later enabled', async function () { | ||
114 | await updateCustomSubConfig(server.url, server.accessToken, { | ||
115 | signup: { | ||
116 | enabled: true, | ||
117 | requiresEmailVerification: true, | ||
118 | limit: 10 | ||
119 | } | ||
120 | }) | ||
121 | |||
122 | await userLogin(server, user2) | ||
123 | }) | ||
124 | |||
125 | after(async function () { | ||
126 | killallServers([ server ]) | ||
127 | |||
128 | // Keep the logs if the test failed | ||
129 | if (this[ 'ok' ]) { | ||
130 | await flushTests() | ||
131 | } | ||
132 | }) | ||
133 | }) | ||
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index 04dcc8fd1..c0dd587ee 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts | |||
@@ -7,7 +7,7 @@ import { | |||
7 | createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, | 7 | createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, |
8 | getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, | 8 | getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, |
9 | registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin, | 9 | registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin, |
10 | deleteMe, blockUser, unblockUser | 10 | deleteMe, blockUser, unblockUser, updateCustomSubConfig |
11 | } from '../../utils/index' | 11 | } from '../../utils/index' |
12 | import { follow } from '../../utils/server/follows' | 12 | import { follow } from '../../utils/server/follows' |
13 | import { setAccessTokensToServers } from '../../utils/users/login' | 13 | import { setAccessTokensToServers } from '../../utils/users/login' |