1 | var t = require('../test-lib/test.js');
|
2 | var assert = require('assert');
|
3 | var request = require('request');
|
4 |
|
5 | var apos, apos2;
|
6 |
|
7 | describe('Login', function() {
|
8 |
|
// Suite-wide Mocha timeout of 20 seconds.
this.timeout(20 * 1000);

// Tear down both Apostrophe instances used by this suite, one after the other.
// Arguments passed to the first destroy callback are ignored, so the second
// teardown is always attempted.
after(function(done) {
  function destroySecondInstance() {
    return t.destroy(apos2, done);
  }

  return t.destroy(apos, destroySecondInstance);
});
|
16 |
|
17 |
|
18 |
|
// Boots the first Apostrophe instance (shortName 'test', port 7901) and
// finishes once it is listening.
it('should initialize', function(done) {
  // Test-fixture values only: a constant session secret and CSRF protection
  // turned off (presumably so the form posts in this suite need no token).
  // Neither setting should be copied into a deployed configuration.
  var expressOptions = {
    secret: 'xxx',
    port: 7901,
    csrf: false
  };

  var usersOptions = {
    groups: [
      {
        title: 'guest',
        permissions: ['guest']
      },
      {
        title: 'admin',
        permissions: ['admin']
      }
    ],
    // Zero inactivity allowance; the inactive-user test in this suite expects
    // a guest account to be refused under this setting.
    disableInactiveAccounts: {
      inactivityDuration: 0
    }
  };

  // Runs after module initialization: checks the login module is present and
  // clears `apos.users.safe` so the suite starts without stored accounts.
  function afterInit(callback) {
    assert(apos.modules['apostrophe-login']);
    // NOTE(review): presumably stops Apostrophe from treating the test
    // runner's positional arguments as a task name; confirm.
    apos.argv._ = [];
    assert(apos.users.safe.remove);
    return apos.users.safe.remove({}, callback);
  }

  // Runs once the server is listening (or failed to); any error fails the test.
  function afterListen(err) {
    if (err) {
      console.error('* * * caught error ', err);
    }
    assert(!err);
    done();
  }

  apos = require('../index.js')({
    root: module,
    shortName: 'test',
    modules: {
      'apostrophe-express': expressOptions,
      'apostrophe-users': usersOptions
    },
    afterInit: afterInit,
    afterListen: afterListen
  });
});
|
61 |
|
// Creates the account used by the login and logout tests that follow.
// It is placed in the second configured group ('admin').
it('should be able to insert test user', function(done) {
  assert(apos.users.newInstance);
  var lilith = apos.users.newInstance();
  assert(lilith);

  // Fixture credentials; the password is deliberately a throwaway value.
  Object.assign(lilith, {
    firstName: 'Lilith',
    lastName: 'Iyapo',
    title: 'Lilith Iyapo',
    username: 'LilithIyapo',
    password: 'nikanj',
    email: 'liyapo@example.com',
    groupIds: [ apos.users.options.groups[1]._id ]
  });

  assert(lilith.type === 'apostrophe-user');
  assert(apos.users.insert);

  function onInserted(err) {
    assert(!err);
    done();
  }

  apos.users.insert(apos.tasks.getReq(), lilith, onInserted);
});
|
82 |
|
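// Baseline before any login: the home page mentions "login" and does not
// mention "logout".
it('should not see logout link yet', function(done) {
  // No `jar` option is passed, so with the request library's defaults this
  // call sends no cookies and cannot reuse a session from another test.
  // The original created a cookie jar here and discarded the result, which
  // had no effect; that dead call is removed.
  return request('http://localhost:7901/', function(err, response, body) {
    assert(!err);
    assert.equal(response.statusCode, 200);
    assert(body.match(/login/));
    assert(!body.match(/logout/));
    return done();
  });
});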
|
97 |
|
// One cookie jar per login path (username, email). Each jar carries the
// session from its login test through to the matching logout test.
var loginLogoutJar = request.jar(),
  loginEmailLogoutJar = request.jar();
|
100 |
|
// Logs in with the username and expects the page reached after redirects to
// mention "logout".
it('should be able to login a user', function(done) {
  var options = {
    form: { username: 'LilithIyapo', password: 'nikanj' },
    followAllRedirects: true,
    // The session cookie is kept here for the later logout test.
    jar: loginLogoutJar
  };

  function verify(err, response, body) {
    assert(!err);
    assert.equal(response.statusCode, 200);
    assert(body.match(/logout/));
    return done();
  }

  return request.post('http://localhost:7901/login', options, verify);
});
|
116 |
|
// Same login flow, but the email address is submitted in the `username` field.
it('should be able to login a user with their email', function(done) {
  var options = {
    form: { username: 'liyapo@example.com', password: 'nikanj' },
    followAllRedirects: true,
    // Separate jar so this session is independent of the username login.
    jar: loginEmailLogoutJar
  };

  function verify(err, response, body) {
    assert(!err);
    assert.equal(response.statusCode, 200);
    assert(body.match(/logout/));
    return done();
  }

  return request.post('http://localhost:7901/login', options, verify);
});
|
132 |
|
// Ends the session held in loginLogoutJar and expects the resulting page to
// mention "login" again.
it('should be able to log out', function(done) {
  var options = {
    followAllRedirects: true,
    jar: loginLogoutJar
  };

  function verify(err, response, body) {
    assert(!err);
    assert.equal(response.statusCode, 200);
    assert(body.match(/login/));
    return done();
  }

  return request('http://localhost:7901/logout', options, verify);
});
|
147 |
|
// Ends the session that was opened with the email address and expects the
// resulting page to mention "login" again.
it('should be able to log out after having logged in with email', function(done) {
  var options = {
    followAllRedirects: true,
    jar: loginEmailLogoutJar
  };

  function verify(err, response, body) {
    assert(!err);
    assert.equal(response.statusCode, 200);
    assert(body.match(/login/));
    return done();
  }

  return request('http://localhost:7901/logout', options, verify);
});
|
162 |
|
// Inserts a user in the first configured group ('guest') with lastLogin set
// to now, then expects the login attempt to be answered with the
// "Account disabled due to inactivity" message. The first instance is
// configured with inactivityDuration: 0.
it('should disable an inactive user', function(done) {
  var account = apos.users.newInstance();

  Object.assign(account, {
    firstName: 'Random',
    lastName: 'Test',
    title: 'Random Test',
    username: 'random-test',
    password: 'nikanj',
    email: 'randomtest@aol.com',
    lastLogin: new Date(),
    groupIds: [ apos.users.options.groups[0]._id ]
  });

  // The refusal is checked by page text, not by status: the response is still 200.
  function verifyRefused(loginErr, response, body) {
    assert(!loginErr);
    assert.equal(response.statusCode, 200);
    // The dots in this pattern are unescaped, so each matches any character.
    assert(body.match(/Account disabled due to inactivity. Please, refer to the administrator of the site for assistance./));
    return done();
  }

  function attemptLogin(err) {
    assert(!err);
    return request.post('http://localhost:7901/login', {
      form: { username: 'random-test', password: 'nikanj' },
      followAllRedirects: true,
      // Reuses the jar whose session was closed by the earlier logout test.
      jar: loginLogoutJar
    }, verifyRefused);
  }

  apos.users.insert(apos.tasks.getReq(), account, attemptLogin);
});
|
189 |
|
// Counterpart of the inactive-user test: the same lastLogin value, but the
// user is in the second configured group ('admin'), and login is expected to
// succeed.
// NOTE(review): the exemption list is not configured in this file; presumably
// the admin group is exempt from the inactivity lockout by default. Confirm
// against the users module.
it('should log a whitelisted user', function(done) {
  var account = apos.users.newInstance();

  Object.assign(account, {
    firstName: 'Admin',
    lastName: 'Test',
    title: 'Admin Test',
    username: 'admin-test',
    password: 'nikanj',
    email: 'admintest@aol.com',
    lastLogin: new Date(),
    groupIds: [ apos.users.options.groups[1]._id ]
  });

  function verifyLoggedIn(loginErr, response, body) {
    assert(!loginErr);
    assert.equal(response.statusCode, 200);
    assert(body.match(/logout/));
    return done();
  }

  function attemptLogin(err) {
    assert(!err);
    return request.post('http://localhost:7901/login', {
      form: { username: 'admin-test', password: 'nikanj' },
      followAllRedirects: true,
      jar: loginLogoutJar
    }, verifyLoggedIn);
  }

  apos.users.insert(apos.tasks.getReq(), account, attemptLogin);
});
|
216 |
|
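// Boots a second Apostrophe instance (shortName 'test2', port 7902) with
// inactivityDuration: 90, inserts a guest-group user whose last login was
// three days ago, and expects that user to be able to log in.
it('should log a non-timed out user', function(done) {
  apos2 = require('../index.js')({
    root: module,
    shortName: 'test2',
    modules: {
      'apostrophe-express': {
        // Test-fixture values only: constant session secret, CSRF checks off.
        secret: 'xxx',
        port: 7902,
        csrf: false
      },
      'apostrophe-users': {
        groups: [
          {
            title: 'guest',
            permissions: ['guest']
          },
          {
            title: 'admin',
            permissions: ['admin']
          }
        ],
        disableInactiveAccounts: {
          // NOTE(review): presumably days, given the 3-day-old lastLogin below
          // is expected to pass; confirm against the users module.
          inactivityDuration: 90
        }
      }
    },
    afterInit: function(callback) {
      apos2.argv._ = [];
      // Clear `apos2.users.safe` so this instance starts without stored accounts.
      return apos2.users.safe.remove({}, callback);
    },
    afterListen: function(err) {
      if (err) {
        console.error('* * * caught error ', err);
      }
      assert(!err);

      var user = apos2.users.newInstance();

      // Date.prototype.setDate() returns a millisecond timestamp, not a Date,
      // so the original assignment stored a number. Mutate the Date first and
      // store the Date itself, matching the other fixtures in this file.
      var lastLogin = new Date();
      lastLogin.setDate(lastLogin.getDate() - 3);

      user.firstName = 'Random';
      user.lastName = 'Test';
      user.title = 'Random Test';
      user.username = 'random-test';
      user.password = 'nikanj';
      user.email = 'randomtest@aol.com';
      user.lastLogin = lastLogin;
      user.groupIds = [ apos2.users.options.groups[0]._id ];

      apos2.users.insert(apos2.tasks.getReq(), user, function(err) {
        assert(!err);
        return request.post('http://localhost:7902/login', {
          form: { username: 'random-test', password: 'nikanj' },
          followAllRedirects: true,
          // Fresh jar: the shared jar may still hold cookies from the earlier
          // logins on port 7901, and cookies are scoped by host, not by port.
          // A clean jar ties the "logout" assertion to this login alone.
          jar: request.jar()
        }, function(err, response, body) {
          assert(!err);
          assert.equal(response.statusCode, 200);
          assert(body.match(/logout/));
          return done();
        });
      });
    }
  });
});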
|
281 |
|
282 | });
|