From e9c5f123383e461a890c95368dce6f79d3b84660 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Wed, 12 Aug 2020 09:15:31 +0200 Subject: Do not reuse reset password links --- server/tests/api/server/email.ts | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'server/tests') diff --git a/server/tests/api/server/email.ts b/server/tests/api/server/email.ts index b01a91d48..05c89d2a3 100644 --- a/server/tests/api/server/email.ts +++ b/server/tests/api/server/email.ts @@ -123,6 +123,10 @@ describe('Test emails', function () { await resetPassword(server.url, userId, verificationString, 'super_password2') }) + it('Should not reset the password with the same verification string', async function () { + await resetPassword(server.url, userId, verificationString, 'super_password3', 403) + }) + it('Should login with this new password', async function () { user.password = 'super_password2' -- cgit v1.2.3