aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users.ts26
-rw-r--r--server/lib/emailer.ts14
-rw-r--r--server/middlewares/validators/users.ts2
-rw-r--r--server/tests/api/check-params/users.ts22
-rw-r--r--server/tests/api/index-fast.ts1
-rw-r--r--server/tests/api/server/email.ts94
-rw-r--r--server/tests/utils/miscs/email.ts25
-rw-r--r--server/tests/utils/users/users.ts26
8 files changed, 198 insertions, 12 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 05639fbec..6e5d09695 100644
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -6,21 +6,35 @@ import { UserCreate, UserRight, UserRole, UserUpdate, UserUpdateMe, UserVideoRat
6import { unlinkPromise } from '../../helpers/core-utils' 6import { unlinkPromise } from '../../helpers/core-utils'
7import { retryTransactionWrapper } from '../../helpers/database-utils' 7import { retryTransactionWrapper } from '../../helpers/database-utils'
8import { logger } from '../../helpers/logger' 8import { logger } from '../../helpers/logger'
9import { createReqFiles, generateRandomString, getFormattedObjects } from '../../helpers/utils' 9import { createReqFiles, getFormattedObjects } from '../../helpers/utils'
10import { AVATAR_MIMETYPE_EXT, AVATARS_SIZE, CONFIG, sequelizeTypescript } from '../../initializers' 10import { AVATAR_MIMETYPE_EXT, AVATARS_SIZE, CONFIG, sequelizeTypescript } from '../../initializers'
11import { updateActorAvatarInstance } from '../../lib/activitypub' 11import { updateActorAvatarInstance } from '../../lib/activitypub'
12import { sendUpdateUser } from '../../lib/activitypub/send' 12import { sendUpdateUser } from '../../lib/activitypub/send'
13import { Emailer } from '../../lib/emailer' 13import { Emailer } from '../../lib/emailer'
14import { EmailPayload } from '../../lib/job-queue/handlers/email'
15import { Redis } from '../../lib/redis' 14import { Redis } from '../../lib/redis'
16import { createUserAccountAndChannel } from '../../lib/user' 15import { createUserAccountAndChannel } from '../../lib/user'
17import { 16import {
18 asyncMiddleware, authenticate, ensureUserHasRight, ensureUserRegistrationAllowed, paginationValidator, setDefaultSort, 17 asyncMiddleware,
19 setDefaultPagination, token, usersAddValidator, usersGetValidator, usersRegisterValidator, usersRemoveValidator, usersSortValidator, 18 authenticate,
20 usersUpdateMeValidator, usersUpdateValidator, usersVideoRatingValidator 19 ensureUserHasRight,
20 ensureUserRegistrationAllowed,
21 paginationValidator,
22 setDefaultPagination,
23 setDefaultSort,
24 token,
25 usersAddValidator,
26 usersGetValidator,
27 usersRegisterValidator,
28 usersRemoveValidator,
29 usersSortValidator,
30 usersUpdateMeValidator,
31 usersUpdateValidator,
32 usersVideoRatingValidator
21} from '../../middlewares' 33} from '../../middlewares'
22import { 34import {
23 usersAskResetPasswordValidator, usersResetPasswordValidator, usersUpdateMyAvatarValidator, 35 usersAskResetPasswordValidator,
36 usersResetPasswordValidator,
37 usersUpdateMyAvatarValidator,
24 videosSortValidator 38 videosSortValidator
25} from '../../middlewares/validators' 39} from '../../middlewares/validators'
26import { AccountVideoRateModel } from '../../models/account/account-video-rate' 40import { AccountVideoRateModel } from '../../models/account/account-video-rate'
diff --git a/server/lib/emailer.ts b/server/lib/emailer.ts
index f5b68640e..317cec706 100644
--- a/server/lib/emailer.ts
+++ b/server/lib/emailer.ts
@@ -29,15 +29,21 @@ class Emailer {
29 } 29 }
30 } 30 }
31 31
32 let auth
33 if (CONFIG.SMTP.USERNAME && CONFIG.SMTP.PASSWORD) {
34 auth = {
35 user: CONFIG.SMTP.USERNAME,
36 pass: CONFIG.SMTP.PASSWORD
37 }
38 }
39
32 this.transporter = createTransport({ 40 this.transporter = createTransport({
33 host: CONFIG.SMTP.HOSTNAME, 41 host: CONFIG.SMTP.HOSTNAME,
34 port: CONFIG.SMTP.PORT, 42 port: CONFIG.SMTP.PORT,
35 secure: CONFIG.SMTP.TLS, 43 secure: CONFIG.SMTP.TLS,
44 ignoreTLS: isTestInstance(),
36 tls, 45 tls,
37 auth: { 46 auth
38 user: CONFIG.SMTP.USERNAME,
39 pass: CONFIG.SMTP.PASSWORD
40 }
41 }) 47 })
42 } else { 48 } else {
43 if (!isTestInstance()) { 49 if (!isTestInstance()) {
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 5f44c3b99..cba15c8d3 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -210,7 +210,7 @@ const usersResetPasswordValidator = [
210 return res 210 return res
211 .status(403) 211 .status(403)
212 .send({ error: 'Invalid verification string.' }) 212 .send({ error: 'Invalid verification string.' })
213 .end 213 .end()
214 } 214 }
215 215
216 return next() 216 return next()
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 28fefe79f..0fbc414c9 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -541,6 +541,28 @@ describe('Test users API validators', function () {
541 }) 541 })
542 }) 542 })
543 543
544 describe('When asking a password reset', function () {
545 const path = '/api/v1/users/ask-reset-password'
546
547 it('Should fail with a missing email', async function () {
548 const fields = {}
549
550 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
551 })
552
553 it('Should fail with an invalid email', async function () {
554 const fields = { email: 'hello' }
555
556 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
557 })
558
559 it('Should success with the correct params', async function () {
560 const fields = { email: 'admin@example.com' }
561
562 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
563 })
564 })
565
544 after(async function () { 566 after(async function () {
545 killallServers([ server, serverWithRegistrationDisabled ]) 567 killallServers([ server, serverWithRegistrationDisabled ])
546 568
diff --git a/server/tests/api/index-fast.ts b/server/tests/api/index-fast.ts
index e591d0fd2..9f52310dd 100644
--- a/server/tests/api/index-fast.ts
+++ b/server/tests/api/index-fast.ts
@@ -9,3 +9,4 @@ import './videos/video-blacklist-management'
9import './videos/video-description' 9import './videos/video-description'
10import './videos/video-privacy' 10import './videos/video-privacy'
11import './videos/services' 11import './videos/services'
12import './server/email'
diff --git a/server/tests/api/server/email.ts b/server/tests/api/server/email.ts
new file mode 100644
index 000000000..8eb9c0fa4
--- /dev/null
+++ b/server/tests/api/server/email.ts
@@ -0,0 +1,94 @@
1/* tslint:disable:no-unused-expression */
2
3import * as chai from 'chai'
4import 'mocha'
5import { askResetPassword, createUser, resetPassword, runServer, userLogin, wait } from '../../utils'
6import { flushTests, killallServers, ServerInfo, setAccessTokensToServers } from '../../utils/index'
7import { mockSmtpServer } from '../../utils/miscs/email'
8
9const expect = chai.expect
10
11describe('Test emails', function () {
12 let server: ServerInfo
13 let userId: number
14 let verificationString: string
15 const emails: object[] = []
16 const user = {
17 username: 'user_1',
18 password: 'super_password'
19 }
20
21 before(async function () {
22 this.timeout(30000)
23
24 await mockSmtpServer(emails)
25
26 await flushTests()
27
28 const overrideConfig = {
29 smtp: {
30 hostname: 'localhost'
31 }
32 }
33 server = await runServer(1, overrideConfig)
34
35 await wait(5000)
36 await setAccessTokensToServers([ server ])
37
38 const res = await createUser(server.url, server.accessToken, user.username, user.password)
39 userId = res.body.user.id
40 })
41
42 describe('When resetting user password', function () {
43
44 it('Should ask to reset the password', async function () {
45 this.timeout(10000)
46
47 await askResetPassword(server.url, 'user_1@example.com')
48
49 await wait(3000)
50 expect(emails).to.have.lengthOf(1)
51
52 const email = emails[0]
53
54 expect(email['from'][0]['address']).equal('test-admin@localhost')
55 expect(email['to'][0]['address']).equal('user_1@example.com')
56 expect(email['subject']).contains('password')
57
58 const verificationStringMatches = /verificationString=([a-z0-9]+)/.exec(email['text'])
59 expect(verificationStringMatches).not.to.be.null
60
61 verificationString = verificationStringMatches[1]
62 expect(verificationString).to.have.length.above(2)
63
64 const userIdMatches = /userId=([0-9]+)/.exec(email['text'])
65 expect(userIdMatches).not.to.be.null
66
67 userId = parseInt(userIdMatches[1], 10)
68 expect(verificationString).to.not.be.undefined
69 })
70
71 it('Should not reset the password with an invalid verification string', async function () {
72 await resetPassword(server.url, userId, verificationString + 'b', 'super_password2', 403)
73 })
74
75 it('Should reset the password', async function () {
76 await resetPassword(server.url, userId, verificationString, 'super_password2')
77 })
78
79 it('Should login with this new password', async function () {
80 user.password = 'super_password2'
81
82 await userLogin(server, user)
83 })
84 })
85
86 after(async function () {
87 killallServers([ server ])
88
89 // Keep the logs if the test failed
90 if (this['ok']) {
91 await flushTests()
92 }
93 })
94})
diff --git a/server/tests/utils/miscs/email.ts b/server/tests/utils/miscs/email.ts
new file mode 100644
index 000000000..21accd09d
--- /dev/null
+++ b/server/tests/utils/miscs/email.ts
@@ -0,0 +1,25 @@
1import * as MailDev from 'maildev'
2
3function mockSmtpServer (emailsCollection: object[]) {
4 const maildev = new MailDev({
5 ip: '127.0.0.1',
6 smtp: 1025,
7 disableWeb: true,
8 silent: true
9 })
10 maildev.on('new', email => emailsCollection.push(email))
11
12 return new Promise((res, rej) => {
13 maildev.listen(err => {
14 if (err) return rej(err)
15
16 return res()
17 })
18 })
19}
20
21// ---------------------------------------------------------------------------
22
23export {
24 mockSmtpServer
25}
diff --git a/server/tests/utils/users/users.ts b/server/tests/utils/users/users.ts
index 25351e2c7..9e33e6796 100644
--- a/server/tests/utils/users/users.ts
+++ b/server/tests/utils/users/users.ts
@@ -1,6 +1,6 @@
1import { isAbsolute, join } from 'path' 1import { isAbsolute, join } from 'path'
2import * as request from 'supertest' 2import * as request from 'supertest'
3import { makePostUploadRequest, makePutBodyRequest } from '../' 3import { makePostBodyRequest, makePostUploadRequest, makePutBodyRequest } from '../'
4 4
5import { UserRole } from '../../../../shared/index' 5import { UserRole } from '../../../../shared/index'
6 6
@@ -196,6 +196,28 @@ function updateUser (options: {
196 }) 196 })
197} 197}
198 198
199function askResetPassword (url: string, email: string) {
200 const path = '/api/v1/users/ask-reset-password'
201
202 return makePostBodyRequest({
203 url,
204 path,
205 fields: { email },
206 statusCodeExpected: 204
207 })
208}
209
210function resetPassword (url: string, userId: number, verificationString: string, password: string, statusCodeExpected = 204) {
211 const path = '/api/v1/users/' + userId + '/reset-password'
212
213 return makePostBodyRequest({
214 url,
215 path,
216 fields: { password, verificationString },
217 statusCodeExpected
218 })
219}
220
199// --------------------------------------------------------------------------- 221// ---------------------------------------------------------------------------
200 222
201export { 223export {
@@ -210,5 +232,7 @@ export {
210 updateUser, 232 updateUser,
211 updateMyUser, 233 updateMyUser,
212 getUserInformation, 234 getUserInformation,
235 askResetPassword,
236 resetPassword,
213 updateMyAvatar 237 updateMyAvatar
214} 238}