budibase/packages/core/test/authApi.changePassword.spec.js

import {
  setupApphierarchy,
  validUser,
  basicAppHierarchyCreator_WithFields,
} from "./specHelpers"
import {
  parseTemporaryCode,
  userAuthFile,
  USERS_LIST_FILE,
  getUserByName,
} from "../src/authApi/authCommon"

describe("authApi > changeMyPassword", () => {
  it("should be able to authenticate after a change", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")
    const firstPasswordCheck = await authApi.authenticate(
      u.name,
      "firstpassword"
    )
    expect(firstPasswordCheck).not.toBeNull()
    const changeResult = await authApi.changeMyPassword(
      "firstpassword",
      "secondpassword"
    )
    expect(changeResult).toBe(true)
    const firstPasswordReCheck = await authApi.authenticate(
      u.name,
      "firstpassword"
    )
    expect(firstPasswordReCheck).toBeNull()
    const secondPasswordCheck = await authApi.authenticate(
      u.name,
      "secondpassword"
    )
    expect(secondPasswordCheck).not.toBeNull()
  })

  it("should not change password if current password is incorrect", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")
    const changeResult = await authApi.changeMyPassword(
      "not-firstpassword",
      "secondpassword"
    )
    expect(changeResult).toBe(false)
    const secondPasswordCheck = await authApi.authenticate(
      u.name,
      "secondpassword"
    )
    expect(secondPasswordCheck).toBeNull()
  })

  it("should be allowed with no permissions", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")
    app.withNoPermissions()
    await authApi.changeMyPassword("firstpassword", "secondpassword")
  })
})

describe("authApi > resetPasswordFlow", () => {
  it("should successfully set password from temporary access", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")

    const tempCode = await authApi.createTemporaryAccess(u.name)

    const result = await authApi.setPasswordFromTemporaryCode(
      tempCode,
      "secondpassword"
    )
    expect(result).toBe(true)
    const secondPasswordCheck = await authApi.authenticate(
      u.name,
      "secondpassword"
    )
    expect(secondPasswordCheck).not.toBeNull()
  })

  it("should not set password when temporary access expired", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")

    const tempCode = await authApi.createTemporaryAccess(u.name)

    const userAuth = await app.datastore.loadJson(userAuthFile(u.name))
    userAuth.temporaryAccessExpiryEpoch = 0
    await app.datastore.updateJson(userAuthFile(u.name), userAuth)
    const result = await authApi.setPasswordFromTemporaryCode(
      tempCode,
      "secondpassword"
    )
    expect(result).toBe(false)
    const secondPasswordCheck = await authApi.authenticate(
      u.name,
      "secondpassword"
    )
    expect(secondPasswordCheck).toBeNull()
  })

  it("should still be able to authenticate with password when temp access is set", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")

    await authApi.createTemporaryAccess(u.name)

    const secondPasswordCheck = await authApi.authenticate(
      u.name,
      "firstpassword"
    )
    expect(secondPasswordCheck).not.toBeNull()
  })
})

describe("authApi > createTemporaryAccess", () => {
  it("should set users accessId annd userAuth hash and expiry", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")

    const tempCode = await authApi.createTemporaryAccess(u.name)
    const tempInfo = parseTemporaryCode(tempCode)

    const userAuth = await app.datastore.loadJson(userAuthFile(u.name))

    const currentTime = await app.getEpochTime()
    expect(
      app.crypto.verify(userAuth.temporaryAccessHash, tempInfo.code)
    ).toBeTruthy()
    expect(userAuth.temporaryAccessExpiryEpoch).toBeGreaterThan(currentTime)

    const users = await app.datastore.loadJson(USERS_LIST_FILE)
    const user = getUserByName(users, u.name)

    expect(user.temporaryAccessId).toBe(tempInfo.id)
  })

  it("should be allowed with no permissions", async () => {
    const { authApi, app } = await setupApphierarchy(
      basicAppHierarchyCreator_WithFields
    )
    const u = await validUser(app, authApi, "firstpassword")
    app.withNoPermissions()
    await authApi.createTemporaryAccess(u.name)
  })
})
running prettier over codebase, removing merge files 2020-02-03 10:24:25 +01:00			`import {`
			`setupApphierarchy,`
			`validUser,`
			`basicAppHierarchyCreator_WithFields,`
			`} from "./specHelpers"`
			`import {`
			`parseTemporaryCode,`
			`userAuthFile,`
			`USERS_LIST_FILE,`
			`getUserByName,`
			`} from "../src/authApi/authCommon"`
added core into mono repo 2019-07-15 08:12:52 +02:00
			`describe("authApi > changeMyPassword", () => {`
running prettier over codebase, removing merge files 2020-02-03 10:24:25 +01:00			`it("should be able to authenticate after a change", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`
			`const firstPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"firstpassword"`
			`)`
			`expect(firstPasswordCheck).not.toBeNull()`
			`const changeResult = await authApi.changeMyPassword(`
			`"firstpassword",`
			`"secondpassword"`
			`)`
			`expect(changeResult).toBe(true)`
			`const firstPasswordReCheck = await authApi.authenticate(`
			`u.name,`
			`"firstpassword"`
			`)`
			`expect(firstPasswordReCheck).toBeNull()`
			`const secondPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"secondpassword"`
			`)`
			`expect(secondPasswordCheck).not.toBeNull()`
			`})`

			`it("should not change password if current password is incorrect", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`
			`const changeResult = await authApi.changeMyPassword(`
			`"not-firstpassword",`
			`"secondpassword"`
			`)`
			`expect(changeResult).toBe(false)`
			`const secondPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"secondpassword"`
			`)`
			`expect(secondPasswordCheck).toBeNull()`
			`})`

			`it("should be allowed with no permissions", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`
			`app.withNoPermissions()`
			`await authApi.changeMyPassword("firstpassword", "secondpassword")`
			`})`
			`})`
added core into mono repo 2019-07-15 08:12:52 +02:00
			`describe("authApi > resetPasswordFlow", () => {`
running prettier over codebase, removing merge files 2020-02-03 10:24:25 +01:00			`it("should successfully set password from temporary access", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`

			`const tempCode = await authApi.createTemporaryAccess(u.name)`

			`const result = await authApi.setPasswordFromTemporaryCode(`
			`tempCode,`
			`"secondpassword"`
			`)`
			`expect(result).toBe(true)`
			`const secondPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"secondpassword"`
			`)`
			`expect(secondPasswordCheck).not.toBeNull()`
			`})`

			`it("should not set password when temporary access expired", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`

			`const tempCode = await authApi.createTemporaryAccess(u.name)`

			`const userAuth = await app.datastore.loadJson(userAuthFile(u.name))`
			`userAuth.temporaryAccessExpiryEpoch = 0`
			`await app.datastore.updateJson(userAuthFile(u.name), userAuth)`
			`const result = await authApi.setPasswordFromTemporaryCode(`
			`tempCode,`
			`"secondpassword"`
			`)`
			`expect(result).toBe(false)`
			`const secondPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"secondpassword"`
			`)`
			`expect(secondPasswordCheck).toBeNull()`
			`})`

			`it("should still be able to authenticate with password when temp access is set", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`

			`await authApi.createTemporaryAccess(u.name)`

			`const secondPasswordCheck = await authApi.authenticate(`
			`u.name,`
			`"firstpassword"`
			`)`
			`expect(secondPasswordCheck).not.toBeNull()`
			`})`
			`})`
added core into mono repo 2019-07-15 08:12:52 +02:00
			`describe("authApi > createTemporaryAccess", () => {`
running prettier over codebase, removing merge files 2020-02-03 10:24:25 +01:00			`it("should set users accessId annd userAuth hash and expiry", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`

			`const tempCode = await authApi.createTemporaryAccess(u.name)`
			`const tempInfo = parseTemporaryCode(tempCode)`

			`const userAuth = await app.datastore.loadJson(userAuthFile(u.name))`

			`const currentTime = await app.getEpochTime()`
			`expect(`
			`app.crypto.verify(userAuth.temporaryAccessHash, tempInfo.code)`
			`).toBeTruthy()`
			`expect(userAuth.temporaryAccessExpiryEpoch).toBeGreaterThan(currentTime)`

			`const users = await app.datastore.loadJson(USERS_LIST_FILE)`
			`const user = getUserByName(users, u.name)`

			`expect(user.temporaryAccessId).toBe(tempInfo.id)`
			`})`

			`it("should be allowed with no permissions", async () => {`
			`const { authApi, app } = await setupApphierarchy(`
			`basicAppHierarchyCreator_WithFields`
			`)`
			`const u = await validUser(app, authApi, "firstpassword")`
			`app.withNoPermissions()`
			`await authApi.createTemporaryAccess(u.name)`
			`})`
			`})`