tested password reset, and fixed bugs

the-real-i9 · Feb 26, 2025 · e9cbfd5 · e9cbfd5
1 parent 9739c12
commit e9cbfd5
Show file tree

Hide file tree

Showing 5 changed files with 98 additions and 51 deletions.
diff --git a/src/controllers/auth/passwordReset.controllers.js b/src/controllers/auth/passwordReset.controllers.js
@@ -28,7 +28,7 @@ export const confirmEmail = async (req, res) => {
   const { token: inputToken } = req.body
 
   try {
-    if (req.session?.passwordReset) return res.status(401)
+    if (!req.session?.passwordReset) return res.sendStatus(401)
 
     const passwordResetSessionData = req.session.passwordReset
 
@@ -56,7 +56,7 @@ export const confirmEmail = async (req, res) => {
 
 export const resetPassword = async (req, res) => {
   try {
-    if (req.session?.passwordReset) return res.status(401)
+    if (!req.session?.passwordReset) return res.sendStatus(401)
 
     const { email } = req.session.passwordReset
 

diff --git a/src/controllers/auth/signup.controllers.js b/src/controllers/auth/signup.controllers.js
@@ -29,10 +29,6 @@ export const requestNewAccount = async (req, res) => {
   }
 }
 
-/**
- * @param {import("express").Request} req
- * @param {import("express").Response} res
- */
 export const verifyEmail = async (req, res) => {
   const { code: inputCode } = req.body
 
@@ -60,10 +56,6 @@ export const verifyEmail = async (req, res) => {
   }
 }
 
-/**
- * @param {import("express").Request} req
- * @param {import("express").Response} res
- */
 export const registerUser = async (req, res) => {
   try {
     if (!req.session?.signup) return res.sendStatus(401)

diff --git a/src/controllers/user.controllers.js b/src/controllers/user.controllers.js
@@ -13,15 +13,8 @@ export const getSessionUser = async (req, res) => {
   }
 }
 
-/**
- * 
- * @param {import("express").Request} req 
- * @param {} res 
- * @returns 
- */
 export const signout = async (req, res) => {
   try {
-
     req.session.destroy()
 
     return res.status(200).send("You've signed out!")
@@ -37,7 +30,10 @@ export const followUser = async (req, res) => {
 
     const { client_username } = req.auth
 
-    const resp = await userService.followUser(client_username, to_follow_username)
+    const resp = await userService.followUser(
+      client_username,
+      to_follow_username
+    )
 
     res.status(200).send(resp.data)
   } catch (error) {
@@ -67,8 +63,6 @@ export const editProfile = async (req, res) => {
 
     const { client_username } = req.auth
 
-
-
     const resp = await userService.editProfile(client_username, updateKVs)
 
     res.status(200).send(resp.data)

diff --git a/src/tests/auth.routes.test.js b/src/tests/auth.routes.test.js
@@ -1,5 +1,5 @@
 import request from "superwstest"
-import { afterAll, beforeAll, describe, expect, it } from "@jest/globals"
+import { afterAll, beforeAll, describe, expect, test } from "@jest/globals"
 
 import server from ".."
 import { neo4jDriver } from "../configs/db.js"
@@ -16,50 +16,51 @@ afterAll((done) => {
 
 const signupPath = "/api/auth/signup"
 const signinPath = "/api/auth/signin"
+const forgotPasswordPath = "/api/auth/forgot_password"
 const signoutPath = "/api/app/private/signout"
 
 describe("test user authentication", () => {
-  let sessionCookie = ""
+  let sessionCookie = []
 
-  it("User1 requests a new account", async () => {
+  test("User1 requests a new account", async () => {
     const res = await request(server)
       .post(`${signupPath}/request_new_account`)
       .send({ email: "suberu@gmail.com" })
 
     expect(res.status).toBe(200)
 
-    sessionCookie = res.headers["set-cookie"][0]
+    sessionCookie = res.headers["set-cookie"]
   })
 
-  it("User1 sends an incorrect email verf code", async () => {
-    const verfCode = Number(process.env.DUMMY_VERF_TOKEN)+1
+  test("User1 sends an incorrect email verf code", async () => {
+    const verfCode = Number(process.env.DUMMY_VERF_TOKEN) + 1
 
     const res = await request(server)
       .post(`${signupPath}/verify_email`)
-      .set("Cookie", [sessionCookie])
+      .set("Cookie", sessionCookie)
       .send({ code: verfCode })
 
     expect(res.status).toBe(400)
     expect(res.body).toHaveProperty("msg")
   })
 
-  it("User1 sends the correct email verf code", async () => {
+  test("User1 sends the correct email verf code", async () => {
     const verfCode = Number(process.env.DUMMY_VERF_TOKEN)
 
     const res = await request(server)
       .post(`${signupPath}/verify_email`)
-      .set("Cookie", [sessionCookie])
+      .set("Cookie", sessionCookie)
       .send({ code: verfCode })
 
     expect(res.status).toBe(200)
 
-    sessionCookie = res.headers["set-cookie"][0]
+    sessionCookie = res.headers["set-cookie"]
   })
 
-  it("User1 submits her credentials", async () => {
+  test("User1 submits her credentials", async () => {
     const res = await request(server)
       .post(`${signupPath}/register_user`)
-      .set("Cookie", [sessionCookie])
+      .set("Cookie", sessionCookie)
       .send({
         username: "suberu",
         name: "Suberu Garuda",
@@ -70,45 +71,105 @@ describe("test user authentication", () => {
 
     expect(res.status).toBe(201)
 
-    sessionCookie = res.headers["set-cookie"][0]
+    sessionCookie = res.headers["set-cookie"]
   })
 
-  it("User1 signs out", async () => {
+  test("User1 signs out", async () => {
     const res = await request(server)
-    .get(signoutPath)
-    .set("Cookie", [sessionCookie])
+      .get(signoutPath)
+      .set("Cookie", sessionCookie)
 
     expect(res.status).toBe(200)
   })
 
-  it("User1 signs in with incorrect credentials", async () => {
-    const res = await request(server)
-    .post(signinPath)
-    .send({
+  test("User1 signs in with incorrect credentials", async () => {
+    const res = await request(server).post(signinPath).send({
       email_or_username: "suberu@gmail.com",
       password: "millini",
     })
 
     expect(res.status).toBe(404)
   })
 
-  it("User1 signs in with correct credentials", async () => {
-    const res = await request(server)
-    .post(signinPath)
-    .send({
+  test("User1 signs in with correct credentials", async () => {
+    const res = await request(server).post(signinPath).send({
       email_or_username: "suberu@gmail.com",
       password: "sketeppy",
     })
 
     expect(res.status).toBe(200)
+
+    sessionCookie = res.headers["set-cookie"]
+  })
+
+  test("User1 signs out again", async () => {
+    const res = await request(server)
+      .get(signoutPath)
+      .set("Cookie", sessionCookie)
+
+    expect(res.status).toBe(200)
+  })
+
+  test("User1 requests password reset", async () => {
+    const res = await request(server)
+      .post(`${forgotPasswordPath}/request_password_reset`)
+      .send({ email: "suberu@gmail.com" })
+
+    expect(res.status).toBe(200)
+
+    sessionCookie = res.headers["set-cookie"]
+  })
+
+  test("User1 sends an incorrect email confirmation token", async () => {
+    const token = Number(process.env.DUMMY_VERF_TOKEN) + 1
+
+    const res = await request(server)
+      .post(`${forgotPasswordPath}/confirm_email`)
+      .set("Cookie", sessionCookie)
+      .send({ token })
+
+    expect(res.status).toBe(400)
+    expect(res.body).toHaveProperty("msg")
+  })
+
+  test("User1 sends the correct email confirmation token", async () => {
+    const token = Number(process.env.DUMMY_VERF_TOKEN)
+
+    const res = await request(server)
+      .post(`${forgotPasswordPath}/confirm_email`)
+      .set("Cookie", sessionCookie)
+      .send({ token })
+
+    expect(res.status).toBe(200)
+
+    sessionCookie = res.headers["set-cookie"]
+  })
+
+  test("User1 changes her password", async () => {
+    const res = await request(server)
+      .post(`${forgotPasswordPath}/reset_password`)
+      .set("Cookie", sessionCookie)
+      .send({ newPassword: "millinie", confirmNewPassword: "millinie" })
+
+
+
+    expect(res.status).toBe(200)
+  })
+
+  test("User1 signs in with new password", async () => {
+    const res = await request(server).post(signinPath).send({
+      email_or_username: "suberu",
+      password: "millinie",
+    })
+
+    expect(res.status).toBe(200)
   })
 
-  it("User2 requests a new account with already existing email", async () => {
+  test("User2 requests a new account with already existing email", async () => {
     const res = await request(server)
       .post(`${signupPath}/request_new_account`)
       .send({ email: "suberu@gmail.com" })
 
     expect(res.status).toBe(400)
   })
 })
-
diff --git a/src/validators/auth/passwordReset.validators.js b/src/validators/auth/passwordReset.validators.js
@@ -18,14 +18,14 @@ export const confirmEmail = [
   checkExact(
     checkSchema(
       {
-        code: {
+        token: {
           isNumeric: {
             options: { no_symbols: true },
             errorMessage: "invalid non-numeric code value",
           },
           isLength: {
             options: { min: 6, max: 6 },
-            errorMessage: "code must be 6 digits",
+            errorMessage: "token must be 6 digits",
           },
         },
       },
@@ -40,15 +40,15 @@ export const resetPassword = [
   checkExact(
     checkSchema(
       {
-        new_password: {
+        newPassword: {
           isLength: {
             options: { min: 8 },
             errorMessage: "password too short",
           },
         },
-        confirm_new_password: {
+        confirmNewPassword: {
           custom: {
-            options: (value, { req }) => value === req.body.new_password,
+            options: (value, { req }) => value === req.body.newPassword,
             errorMessage: "password mismatch",
           },
         },