npm - @ackplus/nest-auth - Versions diffs - 1.1.0 → 1.1.2 - Mend

@ackplus/nest-auth 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (645) hide show

package/test/auth.service.spec.ts DELETED Viewed

@@ -1,541 +0,0 @@
-import { EMAIL_AUTH_PROVIDER, PHONE_AUTH_PROVIDER } from '../src/lib/auth.constants';
-import { NestAuthUser } from '../src/lib/user/entities/user.entity';
-import { NestAuthOTP } from '../src/lib/auth/entities/otp.entity';
-import { getRepositoryToken } from '@nestjs/typeorm';
-import { DataSource, Repository } from 'typeorm';
-import { createTestApp } from './test.setup';
-import { BaseSessionService } from '../src/lib/session/services/base-session.service';
-import { UnauthorizedException } from '@nestjs/common';
-import { RequestContext } from '../src/lib/request-context/request-context';
-import { v4 as uuidv4 } from 'uuid';
-import { AuthService } from '../src/lib/auth/services/auth.service';
-import { OTPTypeEnum } from '../src/lib/core/interfaces/otp.interface';
-import { JwtService, NestAuthIdentity } from '../src/lib/core';
-jest.mock('../src/lib/request-context/request-context', () => ({
-    RequestContext: {
-        currentRequest: jest.fn(),
-        currentUser: jest.fn(),
-        currentSession: jest.fn(),
-        getDeviceInfo: () => ({
-            ipAddress: '127.0.0.1',
-            userAgent: 'Test Browser',
-            deviceName: 'Test Device',
-        }),
-    },
-}));
-describe('AuthService', () => {
-    let service: AuthService;
-    let jwtService: JwtService;
-    let userRepository: Repository<NestAuthUser>;
-    let otpRepository: Repository<NestAuthOTP>;
-    let dataSource: DataSource;
-    let authIdentityRepository: Repository<NestAuthIdentity>;
-    let sessionService: BaseSessionService;
-    beforeAll(async () => {
-        const app = await createTestApp();
-        service = app.get<AuthService>(AuthService);
-        jwtService = app.get<JwtService>(JwtService);
-        sessionService = app.get<BaseSessionService>(BaseSessionService);
-        dataSource = app.get<DataSource>(DataSource);
-        userRepository = dataSource.getRepository(NestAuthUser);
-        otpRepository = dataSource.getRepository(NestAuthOTP);
-        authIdentityRepository = dataSource.getRepository(NestAuthIdentity);
-    });
-    afterEach(async () => {
-        await dataSource.synchronize(true);
-    });
-    afterAll(async () => {
-        await dataSource.destroy();
-    });
-    describe('signup', () => {
-        it('should successfully signup with email and create session', async () => {
-            const signupDto = {
-                email: 'test@example.com',
-                password: 'password123',
-                providerName: EMAIL_AUTH_PROVIDER,
-            };
-            const result = await service.signup(signupDto);
-            expect(result).toHaveProperty('accessToken');
-            expect(result).toHaveProperty('refreshToken');
-            const payload = await jwtService.verifyToken(result.accessToken);
-            expect(payload.sessionId).toBeDefined();
-            // Verify session was created
-            const sessions = await sessionService.getSession(payload.sessionId);
-            expect(sessions).toBeDefined();
-        });
-        it('should successfully signup with phone', async () => {
-            const signupDto = {
-                phone: '+1234567890',
-                password: 'password123',
-                providerName: PHONE_AUTH_PROVIDER,
-            };
-            const result = await service.signup(signupDto);
-            expect(result).toHaveProperty('accessToken');
-            expect(result).toHaveProperty('refreshToken');
-            const payload = await jwtService.verifyToken(result.accessToken);
-            expect(payload.sessionId).toBeDefined();
-            // Verify session was created
-            const sessions = await sessionService.getSession(payload.sessionId);
-            expect(sessions).toBeDefined();
-        });
-        it('should throw BadRequestException if email already exists', async () => {
-            // First create a user with the email
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = EMAIL_AUTH_PROVIDER;
-            authIdentity.providerId = user.email;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const signupDto = {
-                email: 'test@example.com',
-                password: 'password123',
-                providerName: EMAIL_AUTH_PROVIDER,
-            };
-            await expect(service.signup(signupDto)).rejects.toThrow('Email already exists');
-        });
-        it('should throw BadRequestException if phone already exists', async () => {
-            // First create a user with the phone
-            const user = new NestAuthUser();
-            user.phone = '+1234567890';
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = PHONE_AUTH_PROVIDER;
-            authIdentity.providerId = user.phone;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const signupDto = {
-                phone: '+1234567890',
-                password: 'password123',
-                providerName: PHONE_AUTH_PROVIDER,
-            };
-            await expect(service.signup(signupDto)).rejects.toThrow('Phone number already exists in this tenant');
-        });
-    });
-    describe('login', () => {
-        it('should successfully login and create new session', async () => {
-            // Create test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create auth identity with password hash
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = EMAIL_AUTH_PROVIDER;
-            authIdentity.providerId = user.email;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const loginDto = {
-                credentials: {
-                    email: 'test@example.com',
-                    password: 'password123',
-                },
-                providerName: EMAIL_AUTH_PROVIDER,
-            };
-            const result = await service.login(loginDto);
-            expect(result).toHaveProperty('accessToken');
-            expect(result).toHaveProperty('refreshToken');
-            const payload = await jwtService.verifyToken(result.accessToken);
-            expect(payload.sessionId).toBeDefined();
-            // Verify session was created
-            const sessions = await sessionService.getSession(payload.sessionId);
-            expect(sessions).toBeDefined();
-        });
-        it('should successfully login with phone', async () => {
-            // First create a user
-            const user = new NestAuthUser();
-            user.phone = '+1234567890';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create auth identity with password hash
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = PHONE_AUTH_PROVIDER;
-            authIdentity.providerId = user.phone;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const loginDto = {
-                credentials: {
-                    phone: '+1234567890',
-                    password: 'password123',
-                },
-                providerName: PHONE_AUTH_PROVIDER,
-            };
-            const result = await service.login(loginDto);
-            expect(result).toHaveProperty('accessToken');
-            expect(result).toHaveProperty('refreshToken');
-            const payload = await jwtService.verifyToken(result.accessToken);
-            expect(payload.sessionId).toBeDefined();
-            // Verify session was created
-            const sessions = await sessionService.getSession(payload.sessionId);
-            expect(sessions).toBeDefined();
-        });
-        it('should throw BadRequestException if email is not found', async () => {
-            const loginDto = {
-                credentials: {
-                    email: 'test@example.com',
-                    password: 'password123',
-                },
-                providerName: EMAIL_AUTH_PROVIDER,
-            };
-            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
-        });
-        it('should throw BadRequestException if phone is not found', async () => {
-            const loginDto = {
-                credentials: {
-                    phone: '+1234567890',
-                    password: 'password123',
-                },
-                providerName: PHONE_AUTH_PROVIDER,
-            };
-            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
-        });
-        it('should throw BadRequestException if password is incorrect', async () => {
-            // First create a user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create auth identity
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = EMAIL_AUTH_PROVIDER;
-            authIdentity.providerId = user.email;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const loginDto = {
-                credentials: {
-                    email: 'test@example.com',
-                    password: 'wrongpassword',
-                },
-                providerName: EMAIL_AUTH_PROVIDER,
-            };
-            await expect(service.login(loginDto)).rejects.toThrow('Invalid credentials');
-        });
-    });
-    describe('forgotPassword', () => {
-        it('should create OTP for email password reset', async () => {
-            // First create a user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create auth identity
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = EMAIL_AUTH_PROVIDER;
-            authIdentity.providerId = user.email;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const forgotPasswordDto = {
-                email: 'test@example.com',
-            };
-            const result = await service.forgotPassword(forgotPasswordDto);
-            expect(result).toBe(true);
-            // Verify OTP was created
-            const otp = await otpRepository.findOne({ where: { user: { id: user.id } } });
-            expect(otp).toBeDefined();
-            expect(otp.type).toBe(OTPTypeEnum.PASSWORD_RESET);
-        });
-        it('should create OTP for phone password reset', async () => {
-            // First create a user
-            const user = new NestAuthUser();
-            user.phone = '+1234567890';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create auth identity
-            const authIdentity = new NestAuthIdentity();
-            authIdentity.provider = PHONE_AUTH_PROVIDER;
-            authIdentity.providerId = user.phone;
-            authIdentity.user = user;
-            await authIdentityRepository.save(authIdentity);
-            const forgotPasswordDto = {
-                phone: '+1234567890',
-            };
-            const result = await service.forgotPassword(forgotPasswordDto);
-            expect(result).toBe(true);
-            // Verify OTP was created
-            const otp = await otpRepository.findOne({ where: { userId: user.id } });
-            expect(otp).toBeDefined();
-            expect(otp.type).toBe(OTPTypeEnum.PASSWORD_RESET);
-        });
-    });
-    describe('resetPassword', () => {
-        it('should successfully reset password with valid email OTP', async () => {
-            // Create a test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('oldpassword');
-            await userRepository.save(user);
-            // Create OTP
-            const otp = new NestAuthOTP();
-            otp.user = user;
-            otp.code = '123456';
-            otp.type = OTPTypeEnum.PASSWORD_RESET;
-            otp.expiresAt = new Date(Date.now() + 3600000);
-            await otpRepository.save(otp);
-            const resetPasswordDto = {
-                email: user.email,
-                otp: otp.code,
-                newPassword: 'newpassword123',
-            };
-            const result = await service.resetPassword(resetPasswordDto);
-            expect(result).toBe(true);
-            // Verify password was changed
-            const updatedUser = await userRepository.findOne({ where: { id: user.id } });
-            expect(await updatedUser.validatePassword('newpassword123')).toBe(true);
-        });
-        it('should successfully reset password with valid phone OTP', async () => {
-            // Create a test user
-            const user = new NestAuthUser();
-            user.phone = '+1234567890';
-            user.isVerified = true;
-            await user.setPassword('oldpassword');
-            await userRepository.save(user);
-            // Create OTP
-            const otp = new NestAuthOTP();
-            otp.user = user;
-            otp.code = '123456';
-            otp.type = OTPTypeEnum.PASSWORD_RESET;
-            otp.expiresAt = new Date(Date.now() + 3600000);
-            await otpRepository.save(otp);
-            const resetPasswordDto = {
-                phone: user.phone,
-                otp: otp.code,
-                newPassword: 'newpassword123',
-            };
-            const result = await service.resetPassword(resetPasswordDto);
-            expect(result).toBe(true);
-            // Verify password was changed
-            const updatedUser = await userRepository.findOne({ where: { id: user.id } });
-            expect(await updatedUser.validatePassword('newpassword123')).toBe(true);
-        });
-        it('should throw BadRequestException for invalid email OTP', async () => {
-            // Create a test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('oldpassword');
-            await userRepository.save(user);
-            const resetPasswordDto = {
-                email: user.email,
-                otp: 'invalid',
-                newPassword: 'newpassword123',
-            };
-            await expect(service.resetPassword(resetPasswordDto)).rejects.toThrow('Invalid or expired OTP');
-        });
-        it('should throw BadRequestException for invalid phone OTP', async () => {
-            // Create a test user
-            const user = new NestAuthUser();
-            user.phone = '+1234567890';
-            user.isVerified = true;
-            await user.setPassword('oldpassword');
-            await userRepository.save(user);
-            const resetPasswordDto = {
-                phone: user.phone,
-                otp: 'invalid',
-                newPassword: 'newpassword123',
-            };
-            await expect(service.resetPassword(resetPasswordDto)).rejects.toThrow('Invalid or expired OTP');
-        });
-    });
-    describe('refreshToken', () => {
-        it('should generate new tokens and delete old session', async () => {
-            // Create test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            user.isMfaEnabled = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            const oldSession = await sessionService.createSessionFromUser(user);
-            const tokenPayload = {
-                sub: user.id,
-                exp: Math.floor(Date.now() / 1000) + 3600,
-                iat: Math.floor(Date.now() / 1000),
-                email: user.email,
-                phone: user.phone,
-                isVerified: user.isVerified,
-                isMfaEnabled: user.isMfaEnabled,
-                sessionId: oldSession.id,
-            };
-            const refreshToken = await jwtService.generateRefreshToken(tokenPayload);
-            const result = await service.refreshToken(refreshToken);
-            expect(result).toHaveProperty('accessToken');
-            expect(result).toHaveProperty('refreshToken');
-            // Verify old session was deleted
-            const deletedSession = await sessionService.getSession(oldSession.id);
-            expect(deletedSession).toBeNull();
-            // Verify new session was created
-            const payload = await jwtService.verifyToken(result.accessToken);
-            expect(payload.sessionId).toBeDefined();
-            const sessions = await sessionService.getSession(payload.sessionId);
-            expect(sessions).toBeDefined();
-        });
-        it('should throw UnauthorizedException for non-existent session', async () => {
-            // Create test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            await userRepository.save(user);
-            const nonExistentSessionId = uuidv4();
-            // Mock JWT verification
-            jest.spyOn(jwtService, 'verifyToken').mockResolvedValue({
-                sub: user.id,
-                sessionId: nonExistentSessionId,
-            });
-            await expect(service.refreshToken('invalid-token'))
-                .rejects
-                .toThrow(UnauthorizedException);
-        });
-    });
-    describe('logout', () => {
-        it('should delete session', async () => {
-            // Create test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create session
-            const session = await sessionService.createSessionFromUser(user);
-            // Mock RequestContext
-            (RequestContext.currentSession as jest.Mock).mockReturnValue(session);
-            const result = await service.logout();
-            expect(result).toBe(true);
-            // Verify session was deleted
-            const deletedSession = await sessionService.getSession(session.id);
-            expect(deletedSession).toBeNull();
-        });
-        it('should not throw error if session not found', async () => {
-            const result = await service.logout();
-            expect(result).toBe(true);
-        });
-    });
-    describe('logoutAll', () => {
-        it('should delete all user sessions', async () => {
-            // Create test user
-            const user = new NestAuthUser();
-            user.email = 'test@example.com';
-            user.isVerified = true;
-            await user.setPassword('password123');
-            await userRepository.save(user);
-            // Create multiple sessions
-            const sessions = [];
-            for (let i = 0; i < 3; i++) {
-                const session = await sessionService.createSessionFromUser(user);
-                sessions.push(session);
-            }
-            await service.logoutAll(user.id);
-            // Verify all sessions were deleted
-            const remainingSessions = await sessionService.getUserSessions(user.id);
-            expect(remainingSessions).toHaveLength(0);
-        });
-    });
-});