more auth tests

2025-11-03 12:36:02 +01:00 · 2017-05-23 17:37:16 -04:00
parent 9625f89665
commit e4714a0c58
2 changed files with 91 additions and 14 deletions
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -97,11 +97,9 @@ function registerAndLoginUser(req, res, userData, callback) {
 			plugins.fireHook('filter:register.interstitial', {
 				userData: userData,
 				interstitials: [],
-			}, function (err, data) {
-				if (err) {
-					return next(err);
-				}
-
+			}, next);
+		},
+		function (data, next) {
 			// If interstitials are found, save registration attempt into session and abort
 			var deferRegistration = data.interstitials.length;

@@ -111,7 +109,6 @@ function registerAndLoginUser(req, res, userData, callback) {
 			userData.register = true;
 			req.session.registration = userData;
 			return res.json({ referrer: nconf.get('relative_path') + '/register/complete' });
-			});
 		},
 		function (next) {
 			user.create(userData, next);
--- a/test/authentication.js
+++ b/test/authentication.js
@@ -37,6 +37,33 @@ describe('authentication', function () {
 		});
 	}

+	function registerUser(email, username, password, callback) {
+		var jar = request.jar();
+		request({
+			url: nconf.get('url') + '/api/config',
+			json: true,
+			jar: jar,
+		}, function (err, response, body) {
+			if (err) {
+				return callback(err);
+			}
+
+			request.post(nconf.get('url') + '/register', {
+				form: {
+					email: email,
+					username: username,
+					password: password,
+				},
+				json: true,
+				jar: jar,
+				headers: {
+					'x-csrf-token': body.csrf_token,
+				},
+			}, function (err, response, body) {
+				callback(err, response, body, jar);
+			});
+		});
+	}

 	var jar = request.jar();
 	var regularUid;
@@ -218,6 +245,59 @@ describe('authentication', function () {
 		});
 	});

+	it('should fail to register if registraton is disabled', function (done) {
+		meta.config.registrationType = 'disabled';
+		registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 403);
+			assert.equal(body, 'Forbidden');
+			done();
+		});
+	});
+
+	it('should return error if invitation is not valid', function (done) {
+		meta.config.registrationType = 'invite-only';
+		registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) {
+			meta.config.registrationType = 'normal';
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:invalid-data]]');
+			done();
+		});
+	});
+
+	it('should fail to register if email is falsy', function (done) {
+		registerUser('', 'someuser', 'somepassword', function (err, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:invalid-email]]');
+			done();
+		});
+	});
+
+	it('should fail to register if username is falsy or too short', function (done) {
+		registerUser('some@user.com', '', 'somepassword', function (err, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-short]]');
+			registerUser('some@user.com', 'a', 'somepassword', function (err, response, body) {
+				assert.ifError(err);
+				assert.equal(response.statusCode, 400);
+				assert.equal(body, '[[error:username-too-short]]');
+				done();
+			});
+		});
+	});
+
+	it('should fail to register if username is too long', function (done) {
+		registerUser('some@user.com', 'thisisareallylongusername', '123456', function (err, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-long]]');
+			done();
+		});
+	});
+
 	after(function (done) {
 		db.emptydb(done);
 	});