add user account email verificiation (#977)

* add user account email verificiation includes server and client code to: * enable verificationRequired via custom config * send verification email with registration * ask for verification email * verify via email * prevent login if not verified and required * conditional client links to ask for new verification email * allow login for verified=null these are users created when verification not required should still be able to login when verification is enabled * refactor email verifcation pr * change naming from verified to emailVerified * change naming from askVerifyEmail to askSendVerifyEmail * undo unrelated automatic prettier formatting on api/config * use redirectService for home * remove redundant success notification on email verified * revert test.yaml smpt host
author: Josh Morel <morel.josh@hotmail.com> 2018-08-31 03:18:19 -0400
committer: Chocobozzz <me@florianbigard.com> 2018-08-31 09:18:19 +0200
commit: d9eaee3939bf2e93e5d775d32bce77842201faba (patch)
tree: c115acb3611986b98f51b3addf29ebe66f63ee7f /server/tests/api/users
parent: 04291e1ba44032165388758e993d385a10c1c5a1 (diff)
download: PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.gz
PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.zst
PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.zip
3 files changed, 135 insertions, 1 deletions
diff --git a/server/tests/api/users/index.ts b/server/tests/api/users/index.ts
index 4ce87fb91..21d75da3e 100644
--- a/server/tests/api/users/index.ts
+++ b/server/tests/api/users/index.ts
@@ -1,3 +1,4 @@
 import './user-subscriptions'
 import './users'
+import './users-verification'
 import './users-multiple-servers'
diff --git a/server/tests/api/users/users-verification.ts b/server/tests/api/users/users-verification.ts
new file mode 100644
index 000000000..fa5f5e371
--- /dev/null
+++ b/server/tests/api/users/users-verification.ts
@@ -0,0 +1,133 @@
+/* tslint:disable:no-unused-expression */
+import * as chai from 'chai'
+import 'mocha'
+import {
+  registerUser, flushTests, getUserInformation, getMyUserInformation, killallServers,
+  userLogin, login, runServer, ServerInfo, verifyEmail, updateCustomSubConfig
+} from '../../utils'
+import { setAccessTokensToServers } from '../../utils/users/login'
+import { mockSmtpServer } from '../../utils/miscs/email'
+import { waitJobs } from '../../utils/server/jobs'
+const expect = chai.expect
+describe('Test users account verification', function () {
+  let server: ServerInfo
+  let userId: number
+  let verificationString: string
+  let expectedEmailsLength = 0
+  const user1 = {
+    username: 'user_1',
+    password: 'super password'
+  }
+  const user2 = {
+    username: 'user_2',
+    password: 'super password'
+  }
+  const emails: object[] = []
+  before(async function () {
+    this.timeout(30000)
+    await mockSmtpServer(emails)
+    await flushTests()
+    const overrideConfig = {
+      smtp: {
+        hostname: 'localhost'
+      }
+    }
+    server = await runServer(1, overrideConfig)
+    await setAccessTokensToServers([ server ])
+  })
+  it('Should register user and send verification email if verification required', async function () {
+    this.timeout(5000)
+    await updateCustomSubConfig(server.url, server.accessToken, {
+      signup: {
+        enabled: true,
+        requiresEmailVerification: true,
+        limit: 10
+      }
+    })
+    await registerUser(server.url, user1.username, user1.password)
+    await waitJobs(server)
+    expectedEmailsLength++
+    expect(emails).to.have.lengthOf(expectedEmailsLength)
+    const email = emails[expectedEmailsLength - 1]
+    const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
+    expect(verificationStringMatches).not.to.be.null
+    verificationString = verificationStringMatches[1]
+    expect(verificationString).to.have.length.above(2)
+    const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
+    expect(userIdMatches).not.to.be.null
+    userId = parseInt(userIdMatches[1], 10)
+    const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
+    expect(resUserInfo.body.emailVerified).to.be.false
+  })
+  it('Should not allow login for user with unverified email', async function () {
+    const resLogin = await login(server.url, server.client, user1, 400)
+    expect(resLogin.body.error).to.contain('User email is not verified.')
+  })
+  it('Should verify the user via email and allow login', async function () {
+    await verifyEmail(server.url, userId, verificationString)
+    await login(server.url, server.client, user1)
+    const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
+    expect(resUserVerified.body.emailVerified).to.be.true
+  })
+  it('Should register user not requiring email verification if setting not enabled', async function () {
+    this.timeout(5000)
+    await updateCustomSubConfig(server.url, server.accessToken, {
+      signup: {
+        enabled: true,
+        requiresEmailVerification: false,
+        limit: 10
+      }
+    })
+    await registerUser(server.url, user2.username, user2.password)
+    await waitJobs(server)
+    expect(emails).to.have.lengthOf(expectedEmailsLength)
+    const accessToken = await userLogin(server, user2)
+    const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
+    expect(resMyUserInfo.body.emailVerified).to.be.null
+  })
+  it('Should allow login for user with unverified email when setting later enabled', async function () {
+    await updateCustomSubConfig(server.url, server.accessToken, {
+      signup: {
+        enabled: true,
+        requiresEmailVerification: true,
+        limit: 10
+      }
+    })
+    await userLogin(server, user2)
+  })
+  after(async function () {
+    killallServers([ server ])
+    // Keep the logs if the test failed
+    if (this[ 'ok' ]) {
+      await flushTests()
+    }
+  })
+})
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts
index 04dcc8fd1..c0dd587ee 100644
--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@@ -7,7 +7,7 @@ import {
  createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating,
  getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo,
  registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin,
-  deleteMe, blockUser, unblockUser
+  deleteMe, blockUser, unblockUser, updateCustomSubConfig
 } from '../../utils/index'
 import { follow } from '../../utils/server/follows'
 import { setAccessTokensToServers } from '../../utils/users/login'
author	Josh Morel <morel.josh@hotmail.com>	2018-08-31 03:18:19 -0400
committer	Chocobozzz <me@florianbigard.com>	2018-08-31 09:18:19 +0200
commit	d9eaee3939bf2e93e5d775d32bce77842201faba (patch)
tree	c115acb3611986b98f51b3addf29ebe66f63ee7f /server/tests/api/users
parent	04291e1ba44032165388758e993d385a10c1c5a1 (diff)
download	PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.gz PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.zst PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.zip

diff --git a/server/tests/api/users/index.ts b/server/tests/api/users/index.ts index 4ce87fb91..21d75da3e 100644 --- a/server/tests/api/users/index.ts +++ b/server/tests/api/users/index.ts
@@ -1,3 +1,4 @@
1	import './user-subscriptions'	1	import './user-subscriptions'
2	import './users'	2	import './users'
		3	import './users-verification'
3	import './users-multiple-servers'	4	import './users-multiple-servers'


diff --git a/server/tests/api/users/users-verification.ts b/server/tests/api/users/users-verification.ts new file mode 100644 index 000000000..fa5f5e371 --- /dev/null +++ b/server/tests/api/users/users-verification.ts
@@ -0,0 +1,133 @@
		1	/* tslint:disable:no-unused-expression */
		2
		3	import * as chai from 'chai'
		4	import 'mocha'
		5	import {
		6	registerUser, flushTests, getUserInformation, getMyUserInformation, killallServers,
		7	userLogin, login, runServer, ServerInfo, verifyEmail, updateCustomSubConfig
		8	} from '../../utils'
		9	import { setAccessTokensToServers } from '../../utils/users/login'
		10	import { mockSmtpServer } from '../../utils/miscs/email'
		11	import { waitJobs } from '../../utils/server/jobs'
		12
		13	const expect = chai.expect
		14
		15	describe('Test users account verification', function () {
		16	let server: ServerInfo
		17	let userId: number
		18	let verificationString: string
		19	let expectedEmailsLength = 0
		20	const user1 = {
		21	username: 'user_1',
		22	password: 'super password'
		23	}
		24	const user2 = {
		25	username: 'user_2',
		26	password: 'super password'
		27	}
		28	const emails: object[] = []
		29
		30	before(async function () {
		31	this.timeout(30000)
		32
		33	await mockSmtpServer(emails)
		34
		35	await flushTests()
		36
		37	const overrideConfig = {
		38	smtp: {
		39	hostname: 'localhost'
		40	}
		41	}
		42	server = await runServer(1, overrideConfig)
		43
		44	await setAccessTokensToServers([ server ])
		45	})
		46
		47	it('Should register user and send verification email if verification required', async function () {
		48	this.timeout(5000)
		49	await updateCustomSubConfig(server.url, server.accessToken, {
		50	signup: {
		51	enabled: true,
		52	requiresEmailVerification: true,
		53	limit: 10
		54	}
		55	})
		56
		57	await registerUser(server.url, user1.username, user1.password)
		58
		59	await waitJobs(server)
		60	expectedEmailsLength++
		61	expect(emails).to.have.lengthOf(expectedEmailsLength)
		62
		63	const email = emails[expectedEmailsLength - 1]
		64
		65	const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
		66	expect(verificationStringMatches).not.to.be.null
		67
		68	verificationString = verificationStringMatches[1]
		69	expect(verificationString).to.have.length.above(2)
		70
		71	const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
		72	expect(userIdMatches).not.to.be.null
		73
		74	userId = parseInt(userIdMatches[1], 10)
		75
		76	const resUserInfo = await getUserInformation(server.url, server.accessToken, userId)
		77	expect(resUserInfo.body.emailVerified).to.be.false
		78	})
		79
		80	it('Should not allow login for user with unverified email', async function () {
		81	const resLogin = await login(server.url, server.client, user1, 400)
		82	expect(resLogin.body.error).to.contain('User email is not verified.')
		83	})
		84
		85	it('Should verify the user via email and allow login', async function () {
		86	await verifyEmail(server.url, userId, verificationString)
		87	await login(server.url, server.client, user1)
		88	const resUserVerified = await getUserInformation(server.url, server.accessToken, userId)
		89	expect(resUserVerified.body.emailVerified).to.be.true
		90	})
		91
		92	it('Should register user not requiring email verification if setting not enabled', async function () {
		93	this.timeout(5000)
		94	await updateCustomSubConfig(server.url, server.accessToken, {
		95	signup: {
		96	enabled: true,
		97	requiresEmailVerification: false,
		98	limit: 10
		99	}
		100	})
		101
		102	await registerUser(server.url, user2.username, user2.password)
		103
		104	await waitJobs(server)
		105	expect(emails).to.have.lengthOf(expectedEmailsLength)
		106
		107	const accessToken = await userLogin(server, user2)
		108
		109	const resMyUserInfo = await getMyUserInformation(server.url, accessToken)
		110	expect(resMyUserInfo.body.emailVerified).to.be.null
		111	})
		112
		113	it('Should allow login for user with unverified email when setting later enabled', async function () {
		114	await updateCustomSubConfig(server.url, server.accessToken, {
		115	signup: {
		116	enabled: true,
		117	requiresEmailVerification: true,
		118	limit: 10
		119	}
		120	})
		121
		122	await userLogin(server, user2)
		123	})
		124
		125	after(async function () {
		126	killallServers([ server ])
		127
		128	// Keep the logs if the test failed
		129	if (this[ 'ok' ]) {
		130	await flushTests()
		131	}
		132	})
		133	})


diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index 04dcc8fd1..c0dd587ee 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts
@@ -7,7 +7,7 @@ import {
7	createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating,	7	createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating,
8	getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo,	8	getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo,
9	registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin,	9	registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin,
10	deleteMe, blockUser, unblockUser	10	deleteMe, blockUser, unblockUser, updateCustomSubConfig
11	} from '../../utils/index'	11	} from '../../utils/index'
12	import { follow } from '../../utils/server/follows'	12	import { follow } from '../../utils/server/follows'
13	import { setAccessTokensToServers } from '../../utils/users/login'	13	import { setAccessTokensToServers } from '../../utils/users/login'