NodeBB/test/authentication.js

'use strict';


var	assert = require('assert');
var nconf = require('nconf');
var request = require('request');

var db = require('./mocks/databasemock');
var user = require('../src/user');

describe('authentication', function () {
	var jar = request.jar();
	var regularUid;
	before(function (done) {
		user.create({ username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, function (err, uid) {
			assert.ifError(err);
			regularUid = uid;
			done();
		});
	});

	it('should register and login a user', function (done) {
		request({
			url: nconf.get('url') + '/api/config',
			json: true,
			jar: jar,
		}, function (err, response, body) {
			assert.ifError(err);

			request.post(nconf.get('url') + '/register', {
				form: {
					email: 'admin@nodebb.org',
					username: 'admin',
					password: 'adminpwd',
				},
				json: true,
				jar: jar,
				headers: {
					'x-csrf-token': body.csrf_token,
				},
			}, function (err, response, body) {
				assert.ifError(err);
				assert(body);

				request({
					url: nconf.get('url') + '/api/me',
					json: true,
					jar: jar,
				}, function (err, response, body) {
					assert.ifError(err);
					assert(body);
					assert.equal(body.username, 'admin');
					assert.equal(body.email, 'admin@nodebb.org');
					done();
				});
			});
		});
	});

	it('should logout a user', function (done) {
		request({
			url: nconf.get('url') + '/api/config',
			json: true,
			jar: jar,
		}, function (err, response, body) {
			assert.ifError(err);

			request.post(nconf.get('url') + '/logout', {
				form: {},
				json: true,
				jar: jar,
				headers: {
					'x-csrf-token': body.csrf_token,
				},
			}, function (err) {
				assert.ifError(err);

				request({
					url: nconf.get('url') + '/api/me',
					json: true,
					jar: jar,
				}, function (err, response, body) {
					assert.ifError(err);
					assert.equal(body, 'not-authorized');
					done();
				});
			});
		});
	});

	it('should login a user', function (done) {
		var jar = request.jar();
		request({
			url: nconf.get('url') + '/api/config',
			json: true,
			jar: jar,
		}, function (err, response, body) {
			assert.ifError(err);

			request.post(nconf.get('url') + '/login', {
				form: {
					username: 'regular',
					password: 'regularpwd',
				},
				json: true,
				jar: jar,
				headers: {
					'x-csrf-token': body.csrf_token,
				},
			}, function (err, response, body) {
				assert.ifError(err);
				assert(body);

				request({
					url: nconf.get('url') + '/api/me',
					json: true,
					jar: jar,
				}, function (err, response, body) {
					assert.ifError(err);
					assert(body);
					assert.equal(body.username, 'regular');
					assert.equal(body.email, 'regular@nodebb.org');
					db.getObject('uid:' + regularUid + ':sessionUUID:sessionId', function (err, sessions) {
						assert.ifError(err);
						assert(sessions);
						assert(Object.keys(sessions).length > 0);
						done();
					});
				});
			});
		});
	});

	it('should revoke all sessions', function (done) {
		var socketAdmin = require('../src/socket.io/admin');
		db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {
			assert.ifError(err);
			assert(count);
			socketAdmin.deleteAllSessions({ uid: 1 }, {}, function (err) {
				assert.ifError(err);
				db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {
					assert.ifError(err);
					assert(!count);
					done();
				});
			});
		});
	});


	after(function (done) {
		db.emptydb(done);
	});
});
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`'use strict';`
ESlint no-undef, remove global comments 2017-02-17 21:55:19 -07:00
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00
			`var assert = require('assert');`
			`var nconf = require('nconf');`
			`var request = require('request');`

			`var db = require('./mocks/databasemock');`
more test fixes 2016-10-16 21:51:42 +03:00			`var user = require('../src/user');`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00
			`describe('authentication', function () {`
			`var jar = request.jar();`
closes #4544 2016-12-15 14:47:42 +03:00			`var regularUid;`
fix eslint errors 2016-10-16 17:42:14 +03:00			`before(function (done) {`
ESlint object-curly-spacing 2017-02-18 12:30:49 -07:00			`user.create({ username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, function (err, uid) {`
fix eslint errors 2016-10-16 17:42:14 +03:00			`assert.ifError(err);`
closes #4544 2016-12-15 14:47:42 +03:00			`regularUid = uid;`
try require from root 2016-10-16 17:36:24 +03:00			`done();`
			`});`
			`});`

more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`it('should register and login a user', function (done) {`
			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`

			`request.post(nconf.get('url') + '/register', {`
			`form: {`
			`email: 'admin@nodebb.org',`
			`username: 'admin',`
			`password: 'adminpwd',`
			`},`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': body.csrf_token,`
			`},`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`
			`assert(body);`

			`request({`
			`url: nconf.get('url') + '/api/me',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`
			`assert(body);`
			`assert.equal(body.username, 'admin');`
			`assert.equal(body.email, 'admin@nodebb.org');`
more test fixes 2016-10-16 21:51:42 +03:00			`done();`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`});`
			`});`
			`});`
			`});`

			`it('should logout a user', function (done) {`
			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`

			`request.post(nconf.get('url') + '/logout', {`
			`form: {},`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': body.csrf_token,`
			`},`
closes #4544 2016-12-15 14:47:42 +03:00			`}, function (err) {`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`assert.ifError(err);`

			`request({`
			`url: nconf.get('url') + '/api/me',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`
			`assert.equal(body, 'not-authorized');`
Fix eslint rules (#5117) * Fix semi linter rule * Fix semi-spacing linter rule * Fix no-undef-init linter rule * Fix space-before-blocks linter rule 2016-10-25 21:34:47 +02:00			`done();`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`});`
			`});`
			`});`
			`});`

			`it('should login a user', function (done) {`
			`var jar = request.jar();`
			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`

			`request.post(nconf.get('url') + '/login', {`
			`form: {`
more test fixes 2016-10-16 21:51:42 +03:00			`username: 'regular',`
			`password: 'regularpwd',`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`},`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': body.csrf_token,`
			`},`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`
			`assert(body);`

			`request({`
			`url: nconf.get('url') + '/api/me',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`}, function (err, response, body) {`
			`assert.ifError(err);`
			`assert(body);`
more test fixes 2016-10-16 21:51:42 +03:00			`assert.equal(body.username, 'regular');`
			`assert.equal(body.email, 'regular@nodebb.org');`
closes #5333 2017-01-03 15:08:16 +03:00			`db.getObject('uid:' + regularUid + ':sessionUUID:sessionId', function (err, sessions) {`
			`assert.ifError(err);`
			`assert(sessions);`
			`assert(Object.keys(sessions).length > 0);`
			`done();`
			`});`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`});`
			`});`
			`});`
			`});`

closes #4544 2016-12-15 14:47:42 +03:00			`it('should revoke all sessions', function (done) {`
			`var socketAdmin = require('../src/socket.io/admin');`
			`db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {`
			`assert.ifError(err);`
			`assert(count);`
ESlint object-curly-spacing 2017-02-18 12:30:49 -07:00			`socketAdmin.deleteAllSessions({ uid: 1 }, {}, function (err) {`
closes #4544 2016-12-15 14:47:42 +03:00			`assert.ifError(err);`
			`db.sortedSetCard('uid:' + regularUid + ':sessions', function (err, count) {`
			`assert.ifError(err);`
			`assert(!count);`
			`done();`
			`});`
			`});`
			`});`
			`});`

more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00
			`after(function (done) {`
search tests new method emptydb use emptydb instead of flushdb, flushdb removes indices for mongo which breaks search tests initialize meta.config properly in tests enable nodebb-plugin-dbsearch for tests 2016-10-17 23:34:09 +03:00			`db.emptydb(done);`
more tests register/login/logout tests ability to test socket.io emits for logged in users 2016-10-16 16:43:38 +03:00			`});`
			`});`