pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma

auth_controller_test.exs (4750B)


  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  4. defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do
  5. use Pleroma.Web.ConnCase
  6. alias Pleroma.Config
  7. alias Pleroma.Repo
  8. alias Pleroma.Tests.ObanHelpers
  9. import Pleroma.Factory
  10. import Swoosh.TestAssertions
  11. describe "GET /web/login" do
  12. setup %{conn: conn} do
  13. session_opts = [
  14. store: :cookie,
  15. key: "_test",
  16. signing_salt: "cooldude"
  17. ]
  18. conn =
  19. conn
  20. |> Plug.Session.call(Plug.Session.init(session_opts))
  21. |> fetch_session()
  22. test_path = "/web/statuses/test"
  23. %{conn: conn, path: test_path}
  24. end
  25. test "redirects to the saved path after log in", %{conn: conn, path: path} do
  26. app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
  27. auth = insert(:oauth_authorization, app: app)
  28. conn =
  29. conn
  30. |> put_session(:return_to, path)
  31. |> get("/web/login", %{code: auth.token})
  32. assert conn.status == 302
  33. assert redirected_to(conn) == path
  34. end
  35. test "redirects to the getting-started page when referer is not present", %{conn: conn} do
  36. app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
  37. auth = insert(:oauth_authorization, app: app)
  38. conn = get(conn, "/web/login", %{code: auth.token})
  39. assert conn.status == 302
  40. assert redirected_to(conn) == "/web/getting-started"
  41. end
  42. end
  43. describe "POST /auth/password, with valid parameters" do
  44. setup %{conn: conn} do
  45. user = insert(:user)
  46. conn = post(conn, "/auth/password?email=#{user.email}")
  47. %{conn: conn, user: user}
  48. end
  49. test "it returns 204", %{conn: conn} do
  50. assert empty_json_response(conn)
  51. end
  52. test "it creates a PasswordResetToken record for user", %{user: user} do
  53. token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
  54. assert token_record
  55. end
  56. test "it sends an email to user", %{user: user} do
  57. ObanHelpers.perform_all()
  58. token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
  59. email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token)
  60. notify_email = Config.get([:instance, :notify_email])
  61. instance_name = Config.get([:instance, :name])
  62. assert_email_sent(
  63. from: {instance_name, notify_email},
  64. to: {user.name, user.email},
  65. html_body: email.html_body
  66. )
  67. end
  68. end
  69. describe "POST /auth/password, with nickname" do
  70. test "it returns 204", %{conn: conn} do
  71. user = insert(:user)
  72. assert conn
  73. |> post("/auth/password?nickname=#{user.nickname}")
  74. |> empty_json_response()
  75. ObanHelpers.perform_all()
  76. token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
  77. email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token)
  78. notify_email = Config.get([:instance, :notify_email])
  79. instance_name = Config.get([:instance, :name])
  80. assert_email_sent(
  81. from: {instance_name, notify_email},
  82. to: {user.name, user.email},
  83. html_body: email.html_body
  84. )
  85. end
  86. test "it doesn't fail when a user has no email", %{conn: conn} do
  87. user = insert(:user, %{email: nil})
  88. assert conn
  89. |> post("/auth/password?nickname=#{user.nickname}")
  90. |> empty_json_response()
  91. end
  92. end
  93. describe "POST /auth/password, with invalid parameters" do
  94. setup do
  95. user = insert(:user)
  96. {:ok, user: user}
  97. end
  98. test "it returns 204 when user is not found", %{conn: conn, user: user} do
  99. conn = post(conn, "/auth/password?email=nonexisting_#{user.email}")
  100. assert empty_json_response(conn)
  101. end
  102. test "it returns 204 when user is not local", %{conn: conn, user: user} do
  103. {:ok, user} = Repo.update(Ecto.Changeset.change(user, local: false))
  104. conn = post(conn, "/auth/password?email=#{user.email}")
  105. assert empty_json_response(conn)
  106. end
  107. test "it returns 204 when user is deactivated", %{conn: conn, user: user} do
  108. {:ok, user} = Repo.update(Ecto.Changeset.change(user, deactivated: true, local: true))
  109. conn = post(conn, "/auth/password?email=#{user.email}")
  110. assert empty_json_response(conn)
  111. end
  112. end
  113. describe "DELETE /auth/sign_out" do
  114. test "redirect to root page", %{conn: conn} do
  115. user = insert(:user)
  116. conn =
  117. conn
  118. |> assign(:user, user)
  119. |> delete("/auth/sign_out")
  120. assert conn.status == 302
  121. assert redirected_to(conn) == "/"
  122. end
  123. end
  124. end