mirror of
https://github.com/dnote/dnote
synced 2026-03-14 22:45:50 +01:00
Test password update
This commit is contained in:
Sung Won Cho
parent
529e8e7dea
commit
f265e2a1fe
1 changed files with 132 additions and 1 deletions
|
|
@ -139,7 +139,7 @@ func TestJoin(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestJoniError(t *testing.T) {
|
||||
func TestJoinError(t *testing.T) {
|
||||
t.Run("missing email", func(t *testing.T) {
|
||||
defer testutils.ClearData(testutils.DB)
|
||||
|
||||
|
|
@ -935,3 +935,134 @@ func TestCreateResetToken(t *testing.T) {
|
|||
assert.Equal(t, tokenCount, 0, "reset_token count mismatch")
|
||||
})
|
||||
}
|
||||
|
||||
func TestUpdatePassword(t *testing.T) {
|
||||
t.Run("success", func(t *testing.T) {
|
||||
defer testutils.ClearData(testutils.DB)
|
||||
|
||||
// Setup
|
||||
server := MustNewServer(t, &app.App{
|
||||
Clock: clock.NewMock(),
|
||||
Config: config.Config{
|
||||
PageTemplateDir: "../views",
|
||||
},
|
||||
})
|
||||
defer server.Close()
|
||||
|
||||
user := testutils.SetupUserData()
|
||||
testutils.SetupAccountData(user, "alice@example.com", "oldpassword")
|
||||
|
||||
// Execute
|
||||
dat := url.Values{}
|
||||
dat.Set("old_password", "oldpassword")
|
||||
dat.Set("new_password", "newpassword")
|
||||
dat.Set("new_password_confirmation", "newpassword")
|
||||
req := testutils.MakeFormReq(server.URL, "PATCH", "/account/password", dat)
|
||||
|
||||
res := testutils.HTTPAuthDo(t, req, user)
|
||||
|
||||
// Test
|
||||
assert.StatusCodeEquals(t, res, http.StatusFound, "Status code mismsatch")
|
||||
|
||||
var account database.Account
|
||||
testutils.MustExec(t, testutils.DB.Where("user_id = ?", user.ID).First(&account), "finding account")
|
||||
|
||||
passwordErr := bcrypt.CompareHashAndPassword([]byte(account.Password.String), []byte("newpassword"))
|
||||
assert.Equal(t, passwordErr, nil, "Password mismatch")
|
||||
})
|
||||
|
||||
t.Run("old password mismatch", func(t *testing.T) {
|
||||
defer testutils.ClearData(testutils.DB)
|
||||
// Setup
|
||||
server := MustNewServer(t, &app.App{
|
||||
Clock: clock.NewMock(),
|
||||
Config: config.Config{
|
||||
PageTemplateDir: "../views",
|
||||
},
|
||||
})
|
||||
defer server.Close()
|
||||
|
||||
u := testutils.SetupUserData()
|
||||
a := testutils.SetupAccountData(u, "alice@example.com", "oldpassword")
|
||||
|
||||
// Execute
|
||||
dat := url.Values{}
|
||||
dat.Set("old_password", "randompassword")
|
||||
dat.Set("new_password", "newpassword")
|
||||
dat.Set("new_password_confirmation", "newpassword")
|
||||
req := testutils.MakeFormReq(server.URL, "PATCH", "/account/password", dat)
|
||||
|
||||
res := testutils.HTTPAuthDo(t, req, u)
|
||||
|
||||
// Test
|
||||
assert.StatusCodeEquals(t, res, http.StatusUnauthorized, "Status code mismsatch")
|
||||
|
||||
var account database.Account
|
||||
testutils.MustExec(t, testutils.DB.Where("user_id = ?", u.ID).First(&account), "finding account")
|
||||
assert.Equal(t, a.Password.String, account.Password.String, "password should not have been updated")
|
||||
})
|
||||
|
||||
t.Run("password too short", func(t *testing.T) {
|
||||
defer testutils.ClearData(testutils.DB)
|
||||
|
||||
// Setup
|
||||
server := MustNewServer(t, &app.App{
|
||||
Clock: clock.NewMock(),
|
||||
Config: config.Config{
|
||||
PageTemplateDir: "../views",
|
||||
},
|
||||
})
|
||||
defer server.Close()
|
||||
|
||||
u := testutils.SetupUserData()
|
||||
a := testutils.SetupAccountData(u, "alice@example.com", "oldpassword")
|
||||
|
||||
// Execute
|
||||
dat := url.Values{}
|
||||
dat.Set("old_password", "oldpassword")
|
||||
dat.Set("new_password", "a")
|
||||
dat.Set("new_password_confirmation", "a")
|
||||
req := testutils.MakeFormReq(server.URL, "PATCH", "/account/password", dat)
|
||||
|
||||
res := testutils.HTTPAuthDo(t, req, u)
|
||||
|
||||
// Test
|
||||
assert.StatusCodeEquals(t, res, http.StatusBadRequest, "Status code mismsatch")
|
||||
|
||||
var account database.Account
|
||||
testutils.MustExec(t, testutils.DB.Where("user_id = ?", u.ID).First(&account), "finding account")
|
||||
assert.Equal(t, a.Password.String, account.Password.String, "password should not have been updated")
|
||||
})
|
||||
|
||||
t.Run("password confirmation mismatch", func(t *testing.T) {
|
||||
defer testutils.ClearData(testutils.DB)
|
||||
|
||||
// Setup
|
||||
server := MustNewServer(t, &app.App{
|
||||
Clock: clock.NewMock(),
|
||||
Config: config.Config{
|
||||
PageTemplateDir: "../views",
|
||||
},
|
||||
})
|
||||
defer server.Close()
|
||||
|
||||
u := testutils.SetupUserData()
|
||||
a := testutils.SetupAccountData(u, "alice@example.com", "oldpassword")
|
||||
|
||||
// Execute
|
||||
dat := url.Values{}
|
||||
dat.Set("old_password", "oldpassword")
|
||||
dat.Set("new_password", "newpassword1")
|
||||
dat.Set("new_password_confirmation", "newpassword2")
|
||||
req := testutils.MakeFormReq(server.URL, "PATCH", "/account/password", dat)
|
||||
|
||||
res := testutils.HTTPAuthDo(t, req, u)
|
||||
|
||||
// Test
|
||||
assert.StatusCodeEquals(t, res, http.StatusBadRequest, "Status code mismsatch")
|
||||
|
||||
var account database.Account
|
||||
testutils.MustExec(t, testutils.DB.Where("user_id = ?", u.ID).First(&account), "finding account")
|
||||
assert.Equal(t, a.Password.String, account.Password.String, "password should not have been updated")
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue