git.squeep.com Git - akkoma/blob - test/pleroma/web/twitter_api/password_controller_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.TwitterAPI.PasswordControllerTest do
   6   use Pleroma.Web.ConnCase
   7
   8   alias Pleroma.PasswordResetToken
   9   alias Pleroma.User
  10   alias Pleroma.Web.OAuth.Token
  11   import Pleroma.Factory
  12
  13   describe "GET /api/pleroma/password_reset/token" do
  14     test "it returns error when token invalid", %{conn: conn} do
  15       response =
  16         conn
  17         |> get("/api/pleroma/password_reset/token")
  18         |> html_response(:ok)
  19
  20       assert response =~ "<h2>Invalid Token</h2>"
  21     end
  22
  23     test "it shows password reset form", %{conn: conn} do
  24       user = insert(:user)
  25       {:ok, token} = PasswordResetToken.create_token(user)
  26
  27       response =
  28         conn
  29         |> get("/api/pleroma/password_reset/#{token.token}")
  30         |> html_response(:ok)
  31
  32       assert response =~ "<h2>Password Reset for #{user.nickname}</h2>"
  33     end
  34
  35     test "it returns an error when the token has expired", %{conn: conn} do
  36       clear_config([:instance, :password_reset_token_validity], 0)
  37
  38       user = insert(:user)
  39       {:ok, token} = PasswordResetToken.create_token(user)
  40
  41       :timer.sleep(2000)
  42
  43       response =
  44         conn
  45         |> get("/api/pleroma/password_reset/#{token.token}")
  46         |> html_response(:ok)
  47
  48       assert response =~ "<h2>Invalid Token</h2>"
  49     end
  50   end
  51
  52   describe "POST /api/pleroma/password_reset" do
  53     test "it fails for an expired token", %{conn: conn} do
  54       clear_config([:instance, :password_reset_token_validity], 0)
  55
  56       user = insert(:user)
  57       {:ok, token} = PasswordResetToken.create_token(user)
  58       :timer.sleep(2000)
  59       {:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
  60
  61       params = %{
  62         "password" => "test",
  63         password_confirmation: "test",
  64         token: token.token
  65       }
  66
  67       response =
  68         conn
  69         |> assign(:user, user)
  70         |> post("/api/pleroma/password_reset", %{data: params})
  71         |> html_response(:ok)
  72
  73       refute response =~ "<h2>Password changed!</h2>"
  74     end
  75
  76     test "it returns HTTP 200", %{conn: conn} do
  77       user = insert(:user)
  78       {:ok, token} = PasswordResetToken.create_token(user)
  79       {:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
  80
  81       params = %{
  82         "password" => "test",
  83         password_confirmation: "test",
  84         token: token.token
  85       }
  86
  87       response =
  88         conn
  89         |> assign(:user, user)
  90         |> post("/api/pleroma/password_reset", %{data: params})
  91         |> html_response(:ok)
  92
  93       assert response =~ "<h2>Password changed!</h2>"
  94
  95       user = refresh_record(user)
  96       assert Pbkdf2.verify_pass("test", user.password_hash)
  97       assert Enum.empty?(Token.get_user_tokens(user))
  98     end
  99
 100     test "it sets password_reset_pending to false", %{conn: conn} do
 101       user = insert(:user, password_reset_pending: true)
 102
 103       {:ok, token} = PasswordResetToken.create_token(user)
 104       {:ok, _access_token} = Token.create(insert(:oauth_app), user, %{})
 105
 106       params = %{
 107         "password" => "test",
 108         password_confirmation: "test",
 109         token: token.token
 110       }
 111
 112       conn
 113       |> assign(:user, user)
 114       |> post("/api/pleroma/password_reset", %{data: params})
 115       |> html_response(:ok)
 116
 117       assert User.get_by_id(user.id).password_reset_pending == false
 118     end
 119   end
 120 end