@ackplus/nest-auth 0.1.51 → 1.1.0

package/test/auth.service.spec.ts

@@ -0,0 +1,541 @@
+
+import { EMAIL_AUTH_PROVIDER, PHONE_AUTH_PROVIDER } from '../src/lib/auth.constants';
+import { NestAuthUser } from '../src/lib/user/entities/user.entity';
+import { NestAuthOTP } from '../src/lib/auth/entities/otp.entity';
+import { getRepositoryToken } from '@nestjs/typeorm';
+import { DataSource, Repository } from 'typeorm';
+import { createTestApp } from './test.setup';
+import { BaseSessionService } from '../src/lib/session/services/base-session.service';
+import { UnauthorizedException } from '@nestjs/common';
+import { RequestContext } from '../src/lib/request-context/request-context';
+import { v4 as uuidv4 } from 'uuid';
+import { AuthService } from '../src/lib/auth/services/auth.service';
+import { OTPTypeEnum } from '../src/lib/core/interfaces/otp.interface';
+import { JwtService, NestAuthIdentity } from '../src/lib/core';
+
+
+jest.mock('../src/lib/request-context/request-context', () => ({
+    RequestContext: {
+        currentRequest: jest.fn(),
+        currentUser: jest.fn(),
+        currentSession: jest.fn(),
+        getDeviceInfo: () => ({
+            ipAddress: '127.0.0.1',
+            userAgent: 'Test Browser',
+            deviceName: 'Test Device',
+        }),
+    },
+}));
+
+describe('AuthService', () => {
+    let service: AuthService;
+    let jwtService: JwtService;
+    let userRepository: Repository<NestAuthUser>;
+    let otpRepository: Repository<NestAuthOTP>;
+    let dataSource: DataSource;
+    let authIdentityRepository: Repository<NestAuthIdentity>;
+    let sessionService: BaseSessionService;
+
+    beforeAll(async () => {
+        const app = await createTestApp();
+
+        service = app.get<AuthService>(AuthService);
+        jwtService = app.get<JwtService>(JwtService);
+
+        sessionService = app.get<BaseSessionService>(BaseSessionService);
+
+        dataSource = app.get<DataSource>(DataSource);
+        userRepository = dataSource.getRepository(NestAuthUser);
+        otpRepository = dataSource.getRepository(NestAuthOTP);
+        authIdentityRepository = dataSource.getRepository(NestAuthIdentity);
+    });
+
+    afterEach(async () => {
+        await dataSource.synchronize(true);
+    });
+
+    afterAll(async () => {
+        await dataSource.destroy();
+    });
+
+    describe('signup', () => {
+        it('should successfully signup with email and create session', async () => {
+            const signupDto = {
+                email: 'test@example.com',
+                password: 'password123',
+                providerName: EMAIL_AUTH_PROVIDER,
+            };
+
+            const result = await service.signup(signupDto);
+
+            expect(result).toHaveProperty('accessToken');
+            expect(result).toHaveProperty('refreshToken');
+
+            const payload = await jwtService.verifyToken(result.accessToken);
+            expect(payload.sessionId).toBeDefined();
+
+            // Verify session was created
+            const sessions = await sessionService.getSession(payload.sessionId);
+            expect(sessions).toBeDefined();
+        });
+
+        it('should successfully signup with phone', async () => {
+            const signupDto = {
+                phone: '+1234567890',
+                password: 'password123',
+                providerName: PHONE_AUTH_PROVIDER,
+            };
+
+            const result = await service.signup(signupDto);
+
+            expect(result).toHaveProperty('accessToken');
+            expect(result).toHaveProperty('refreshToken');
+
+            const payload = await jwtService.verifyToken(result.accessToken);
+            expect(payload.sessionId).toBeDefined();
+
+            // Verify session was created
+            const sessions = await sessionService.getSession(payload.sessionId);
+            expect(sessions).toBeDefined();
+        });
+
+        it('should throw BadRequestException if email already exists', async () => {
+            // First create a user with the email
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = EMAIL_AUTH_PROVIDER;
+            authIdentity.providerId = user.email;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const signupDto = {
+                email: 'test@example.com',
+                password: 'password123',
+                providerName: EMAIL_AUTH_PROVIDER,
+            };
+
+            await expect(service.signup(signupDto)).rejects.toThrow('Email already exists');
+        });
+
+        it('should throw BadRequestException if phone already exists', async () => {
+            // First create a user with the phone
+            const user = new NestAuthUser();
+            user.phone = '+1234567890';
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = PHONE_AUTH_PROVIDER;
+            authIdentity.providerId = user.phone;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const signupDto = {
+                phone: '+1234567890',
+                password: 'password123',
+                providerName: PHONE_AUTH_PROVIDER,
+            };
+
+            await expect(service.signup(signupDto)).rejects.toThrow('Phone number already exists in this tenant');
+        });
+    });
+
+    describe('login', () => {
+        it('should successfully login and create new session', async () => {
+            // Create test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create auth identity with password hash
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = EMAIL_AUTH_PROVIDER;
+            authIdentity.providerId = user.email;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const loginDto = {
+                credentials: {
+                    email: 'test@example.com',
+                    password: 'password123',
+                },
+                providerName: EMAIL_AUTH_PROVIDER,
+            };
+
+            const result = await service.login(loginDto);
+
+            expect(result).toHaveProperty('accessToken');
+            expect(result).toHaveProperty('refreshToken');
+
+            const payload = await jwtService.verifyToken(result.accessToken);
+            expect(payload.sessionId).toBeDefined();
+
+            // Verify session was created
+            const sessions = await sessionService.getSession(payload.sessionId);
+            expect(sessions).toBeDefined();
+        });
+
+        it('should successfully login with phone', async () => {
+            // First create a user
+            const user = new NestAuthUser();
+            user.phone = '+1234567890';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create auth identity with password hash
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = PHONE_AUTH_PROVIDER;
+            authIdentity.providerId = user.phone;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const loginDto = {
+                credentials: {
+                    phone: '+1234567890',
+                    password: 'password123',
+                },
+                providerName: PHONE_AUTH_PROVIDER,
+            };
+
+            const result = await service.login(loginDto);
+
+            expect(result).toHaveProperty('accessToken');
+            expect(result).toHaveProperty('refreshToken');
+
+            const payload = await jwtService.verifyToken(result.accessToken);
+            expect(payload.sessionId).toBeDefined();
+
+            // Verify session was created
+            const sessions = await sessionService.getSession(payload.sessionId);
+            expect(sessions).toBeDefined();
+        });
+
+        it('should throw BadRequestException if email is not found', async () => {
+            const loginDto = {
+                credentials: {
+                    email: 'test@example.com',
+                    password: 'password123',
+                },
+                providerName: EMAIL_AUTH_PROVIDER,
+            };
+
+            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
+        });
+
+        it('should throw BadRequestException if phone is not found', async () => {
+            const loginDto = {
+                credentials: {
+                    phone: '+1234567890',
+                    password: 'password123',
+                },
+                providerName: PHONE_AUTH_PROVIDER,
+            };
+
+            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
+        });
+
+        it('should throw BadRequestException if password is incorrect', async () => {
+            // First create a user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create auth identity
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = EMAIL_AUTH_PROVIDER;
+            authIdentity.providerId = user.email;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const loginDto = {
+                credentials: {
+                    email: 'test@example.com',
+                    password: 'wrongpassword',
+                },
+                providerName: EMAIL_AUTH_PROVIDER,
+            };
+
+            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
+        });
+    });
+
+    describe('forgotPassword', () => {
+        it('should create OTP for email password reset', async () => {
+            // First create a user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create auth identity
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = EMAIL_AUTH_PROVIDER;
+            authIdentity.providerId = user.email;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const forgotPasswordDto = {
+                email: 'test@example.com',
+            };
+
+            const result = await service.forgotPassword(forgotPasswordDto);
+
+            expect(result).toBe(true);
+
+            // Verify OTP was created
+            const otp = await otpRepository.findOne({ where: { user: { id: user.id } } });
+            expect(otp).toBeDefined();
+            expect(otp.type).toBe(OTPTypeEnum.PASSWORD_RESET);
+        });
+
+        it('should create OTP for phone password reset', async () => {
+            // First create a user
+            const user = new NestAuthUser();
+            user.phone = '+1234567890';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create auth identity
+            const authIdentity = new NestAuthIdentity();
+            authIdentity.provider = PHONE_AUTH_PROVIDER;
+            authIdentity.providerId = user.phone;
+            authIdentity.user = user;
+            await authIdentityRepository.save(authIdentity);
+
+            const forgotPasswordDto = {
+                phone: '+1234567890',
+            };
+
+            const result = await service.forgotPassword(forgotPasswordDto);
+
+            expect(result).toBe(true);
+
+            // Verify OTP was created
+            const otp = await otpRepository.findOne({ where: { userId: user.id } });
+            expect(otp).toBeDefined();
+            expect(otp.type).toBe(OTPTypeEnum.PASSWORD_RESET);
+        });
+    });
+
+    describe('resetPassword', () => {
+        it('should successfully reset password with valid email OTP', async () => {
+            // Create a test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('oldpassword');
+            await userRepository.save(user);
+
+            // Create OTP
+            const otp = new NestAuthOTP();
+            otp.user = user;
+            otp.code = '123456';
+            otp.type = OTPTypeEnum.PASSWORD_RESET;
+            otp.expiresAt = new Date(Date.now() + 3600000);
+            await otpRepository.save(otp);
+
+            const resetPasswordDto = {
+                email: user.email,
+                otp: otp.code,
+                newPassword: 'newpassword123',
+            };
+
+            const result = await service.resetPassword(resetPasswordDto);
+
+            expect(result).toBe(true);
+
+            // Verify password was changed
+            const updatedUser = await userRepository.findOne({ where: { id: user.id } });
+            expect(await updatedUser.validatePassword('newpassword123')).toBe(true);
+        });
+
+        it('should successfully reset password with valid phone OTP', async () => {
+            // Create a test user
+            const user = new NestAuthUser();
+            user.phone = '+1234567890';
+            user.isVerified = true;
+            await user.setPassword('oldpassword');
+            await userRepository.save(user);
+
+            // Create OTP
+            const otp = new NestAuthOTP();
+            otp.user = user;
+            otp.code = '123456';
+            otp.type = OTPTypeEnum.PASSWORD_RESET;
+            otp.expiresAt = new Date(Date.now() + 3600000);
+            await otpRepository.save(otp);
+
+            const resetPasswordDto = {
+                phone: user.phone,
+                otp: otp.code,
+                newPassword: 'newpassword123',
+            };
+
+            const result = await service.resetPassword(resetPasswordDto);
+
+            expect(result).toBe(true);
+
+            // Verify password was changed
+            const updatedUser = await userRepository.findOne({ where: { id: user.id } });
+            expect(await updatedUser.validatePassword('newpassword123')).toBe(true);
+        });
+
+        it('should throw BadRequestException for invalid email OTP', async () => {
+            // Create a test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('oldpassword');
+            await userRepository.save(user);
+
+            const resetPasswordDto = {
+                email: user.email,
+                otp: 'invalid',
+                newPassword: 'newpassword123',
+            };
+
+            await expect(service.resetPassword(resetPasswordDto)).rejects.toThrow('Invalid or expired OTP');
+        });
+
+        it('should throw BadRequestException for invalid phone OTP', async () => {
+            // Create a test user
+            const user = new NestAuthUser();
+            user.phone = '+1234567890';
+            user.isVerified = true;
+            await user.setPassword('oldpassword');
+            await userRepository.save(user);
+
+            const resetPasswordDto = {
+                phone: user.phone,
+                otp: 'invalid',
+                newPassword: 'newpassword123',
+            };
+
+            await expect(service.resetPassword(resetPasswordDto)).rejects.toThrow('Invalid or expired OTP');
+        });
+    });
+
+    describe('refreshToken', () => {
+        it('should generate new tokens and delete old session', async () => {
+            // Create test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            user.isMfaEnabled = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            const oldSession = await sessionService.createSessionFromUser(user);
+
+            const tokenPayload = {
+                sub: user.id,
+                exp: Math.floor(Date.now() / 1000) + 3600,
+                iat: Math.floor(Date.now() / 1000),
+                email: user.email,
+                phone: user.phone,
+                isVerified: user.isVerified,
+                isMfaEnabled: user.isMfaEnabled,
+                sessionId: oldSession.id,
+            };
+            const refreshToken = await jwtService.generateRefreshToken(tokenPayload);
+
+            const result = await service.refreshToken(refreshToken);
+
+            expect(result).toHaveProperty('accessToken');
+            expect(result).toHaveProperty('refreshToken');
+
+            // Verify old session was deleted
+            const deletedSession = await sessionService.getSession(oldSession.id);
+            expect(deletedSession).toBeNull();
+
+            // Verify new session was created
+            const payload = await jwtService.verifyToken(result.accessToken);
+            expect(payload.sessionId).toBeDefined();
+            const sessions = await sessionService.getSession(payload.sessionId);
+            expect(sessions).toBeDefined();
+        });
+
+        it('should throw UnauthorizedException for non-existent session', async () => {
+            // Create test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            await userRepository.save(user);
+
+            const nonExistentSessionId = uuidv4();
+            // Mock JWT verification
+            jest.spyOn(jwtService, 'verifyToken').mockResolvedValue({
+                sub: user.id,
+                sessionId: nonExistentSessionId,
+            });
+
+            await expect(service.refreshToken('invalid-token'))
+                .rejects
+                .toThrow(UnauthorizedException);
+        });
+    });
+
+    describe('logout', () => {
+        it('should delete session', async () => {
+            // Create test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create session
+            const session = await sessionService.createSessionFromUser(user);
+
+            // Mock RequestContext
+            (RequestContext.currentSession as jest.Mock).mockReturnValue(session);
+
+            const result = await service.logout();
+            expect(result).toBe(true);
+
+            // Verify session was deleted
+            const deletedSession = await sessionService.getSession(session.id);
+            expect(deletedSession).toBeNull();
+
+        });
+
+        it('should not throw error if session not found', async () => {
+            const result = await service.logout();
+            expect(result).toBe(true);
+        });
+    });
+
+    describe('logoutAll', () => {
+        it('should delete all user sessions', async () => {
+            // Create test user
+            const user = new NestAuthUser();
+            user.email = 'test@example.com';
+            user.isVerified = true;
+            await user.setPassword('password123');
+            await userRepository.save(user);
+
+            // Create multiple sessions
+            const sessions = [];
+            for (let i = 0; i < 3; i++) {
+                const session = await sessionService.createSessionFromUser(user);
+                sessions.push(session);
+            }
+
+            await service.logoutAll(user.id);
+
+            // Verify all sessions were deleted
+            const remainingSessions = await sessionService.getUserSessions(user.id);
+            expect(remainingSessions).toHaveLength(0);
+        });
+    });
+});