logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

auth_controller_test.exs (4762B)

    

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do

  6.   use Pleroma.Web.ConnCase, async: true

  7. 

  8.   alias Pleroma.Config

  9.   alias Pleroma.Repo

  10.   alias Pleroma.Tests.ObanHelpers

  11. 

  12.   import Pleroma.Factory

  13.   import Swoosh.TestAssertions

  14. 

  15.   describe "GET /web/login" do

  16.     setup %{conn: conn} do

  17.       session_opts = [

  18.         store: :cookie,

  19.         key: "_test",

  20.         signing_salt: "cooldude"

  21.       ]

  22. 

  23.       conn =

  24.         conn

  25.         |> Plug.Session.call(Plug.Session.init(session_opts))

  26.         |> fetch_session()

  27. 

  28.       test_path = "/web/statuses/test"

  29.       %{conn: conn, path: test_path}

  30.     end

  31. 

  32.     test "redirects to the saved path after log in", %{conn: conn, path: path} do

  33.       app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")

  34.       auth = insert(:oauth_authorization, app: app)

  35. 

  36.       conn =

  37.         conn

  38.         |> put_session(:return_to, path)

  39.         |> get("/web/login", %{code: auth.token})

  40. 

  41.       assert conn.status == 302

  42.       assert redirected_to(conn) =~ path

  43.     end

  44. 

  45.     test "redirects to the getting-started page when referer is not present", %{conn: conn} do

  46.       app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")

  47.       auth = insert(:oauth_authorization, app: app)

  48. 

  49.       conn = get(conn, "/web/login", %{code: auth.token})

  50. 

  51.       assert conn.status == 302

  52.       assert redirected_to(conn) =~ "/web/getting-started"

  53.     end

  54.   end

  55. 

  56.   describe "POST /auth/password, with valid parameters" do

  57.     setup %{conn: conn} do

  58.       user = insert(:user)

  59.       conn = post(conn, "/auth/password?email=#{user.email}")

  60.       %{conn: conn, user: user}

  61.     end

  62. 

  63.     test "it returns 204", %{conn: conn} do

  64.       assert empty_json_response(conn)

  65.     end

  66. 

  67.     test "it creates a PasswordResetToken record for user", %{user: user} do

  68.       token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)

  69.       assert token_record

  70.     end

  71. 

  72.     test "it sends an email to user", %{user: user} do

  73.       ObanHelpers.perform_all()

  74.       token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)

  75. 

  76.       email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token)

  77.       notify_email = Config.get([:instance, :notify_email])

  78.       instance_name = Config.get([:instance, :name])

  79. 

  80.       assert_email_sent(

  81.         from: {instance_name, notify_email},

  82.         to: {user.name, user.email},

  83.         html_body: email.html_body

  84.       )

  85.     end

  86.   end

  87. 

  88.   describe "POST /auth/password, with nickname" do

  89.     test "it returns 204", %{conn: conn} do

  90.       user = insert(:user)

  91. 

  92.       assert conn

  93.              |> post("/auth/password?nickname=#{user.nickname}")

  94.              |> empty_json_response()

  95. 

  96.       ObanHelpers.perform_all()

  97.       token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)

  98. 

  99.       email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token)

  100.       notify_email = Config.get([:instance, :notify_email])

  101.       instance_name = Config.get([:instance, :name])

  102. 

  103.       assert_email_sent(

  104.         from: {instance_name, notify_email},

  105.         to: {user.name, user.email},

  106.         html_body: email.html_body

  107.       )

  108.     end

  109. 

  110.     test "it doesn't fail when a user has no email", %{conn: conn} do

  111.       user = insert(:user, %{email: nil})

  112. 

  113.       assert conn

  114.              |> post("/auth/password?nickname=#{user.nickname}")

  115.              |> empty_json_response()

  116.     end

  117.   end

  118. 

  119.   describe "POST /auth/password, with invalid parameters" do

  120.     setup do

  121.       user = insert(:user)

  122.       {:ok, user: user}

  123.     end

  124. 

  125.     test "it returns 204 when user is not found", %{conn: conn, user: user} do

  126.       conn = post(conn, "/auth/password?email=nonexisting_#{user.email}")

  127. 

  128.       assert empty_json_response(conn)

  129.     end

  130. 

  131.     test "it returns 204 when user is not local", %{conn: conn, user: user} do

  132.       {:ok, user} = Repo.update(Ecto.Changeset.change(user, local: false))

  133.       conn = post(conn, "/auth/password?email=#{user.email}")

  134. 

  135.       assert empty_json_response(conn)

  136.     end

  137. 

  138.     test "it returns 204 when user is deactivated", %{conn: conn, user: user} do

  139.       {:ok, user} = Repo.update(Ecto.Changeset.change(user, is_active: false, local: true))

  140.       conn = post(conn, "/auth/password?email=#{user.email}")

  141. 

  142.       assert empty_json_response(conn)

  143.     end

  144.   end

  145. 

  146.   describe "DELETE /auth/sign_out" do

  147.     test "redirect to root page", %{conn: conn} do

  148.       user = insert(:user)

  149. 

  150.       conn =

  151.         conn

  152.         |> assign(:user, user)

  153.         |> delete("/auth/sign_out")

  154. 

  155.       assert conn.status == 302

  156.       assert redirected_to(conn) == "/"

  157.     end

  158.   end

  159. end