mongodb-dynamic-api 2.3.16 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (286) hide show
  1. package/CHANGELOG.md +14 -0
  2. package/package.json +5 -2
  3. package/src/adapters/socket-adapter.d.ts +8 -0
  4. package/src/adapters/socket-adapter.js +11 -0
  5. package/src/adapters/socket-adapter.js.map +1 -0
  6. package/src/builders/route-decorators/auth-decorators.builder.d.ts +4 -4
  7. package/src/builders/route-decorators/auth-decorators.builder.js +9 -6
  8. package/src/builders/route-decorators/auth-decorators.builder.js.map +1 -1
  9. package/src/dtos/index.d.ts +1 -1
  10. package/src/dtos/index.js +1 -1
  11. package/src/dtos/index.js.map +1 -1
  12. package/src/dtos/many-entity.query.d.ts +3 -0
  13. package/src/dtos/{delete-many-entity.query.js → many-entity.query.js} +5 -5
  14. package/src/dtos/many-entity.query.js.map +1 -0
  15. package/src/dynamic-api.module.d.ts +2 -2
  16. package/src/dynamic-api.module.js +10 -7
  17. package/src/dynamic-api.module.js.map +1 -1
  18. package/src/filters/ws-exception/dynamic-api-ws-exception.filter.d.ts +5 -0
  19. package/src/filters/ws-exception/dynamic-api-ws-exception.filter.js +29 -0
  20. package/src/filters/ws-exception/dynamic-api-ws-exception.filter.js.map +1 -0
  21. package/src/gateways/base.gateway.d.ts +10 -0
  22. package/src/gateways/base.gateway.js +45 -0
  23. package/src/gateways/base.gateway.js.map +1 -0
  24. package/src/gateways/index.d.ts +1 -0
  25. package/src/gateways/index.js +18 -0
  26. package/src/gateways/index.js.map +1 -0
  27. package/src/helpers/controller-mixin.helper.js +2 -20
  28. package/src/helpers/controller-mixin.helper.js.map +1 -1
  29. package/src/helpers/format.helper.d.ts +7 -4
  30. package/src/helpers/format.helper.js +12 -4
  31. package/src/helpers/format.helper.js.map +1 -1
  32. package/src/helpers/index.d.ts +1 -0
  33. package/src/helpers/index.js +1 -0
  34. package/src/helpers/index.js.map +1 -1
  35. package/src/helpers/socket-config.helper.d.ts +5 -0
  36. package/src/helpers/socket-config.helper.js +30 -0
  37. package/src/helpers/socket-config.helper.js.map +1 -0
  38. package/src/index.d.ts +1 -0
  39. package/src/index.js +1 -0
  40. package/src/index.js.map +1 -1
  41. package/src/interfaces/dynamic-api-global-state.interface.d.ts +3 -0
  42. package/src/interfaces/dynamic-api-options.interface.d.ts +3 -0
  43. package/src/interfaces/dynamic-api-options.interface.js.map +1 -1
  44. package/src/interfaces/dynamic-api-policy-handler.interface.d.ts +2 -2
  45. package/src/interfaces/dynamic-api-route-config.interface.d.ts +2 -0
  46. package/src/interfaces/dynamic-api-service-callback.interface.d.ts +2 -2
  47. package/src/interfaces/dynamic-api-web-socket.interface.d.ts +13 -0
  48. package/src/interfaces/dynamic-api-web-socket.interface.js +3 -0
  49. package/src/interfaces/dynamic-api-web-socket.interface.js.map +1 -0
  50. package/src/interfaces/index.d.ts +1 -0
  51. package/src/interfaces/index.js +1 -0
  52. package/src/interfaces/index.js.map +1 -1
  53. package/src/modules/auth/auth.helper.d.ts +7 -5
  54. package/src/modules/auth/auth.helper.js +29 -5
  55. package/src/modules/auth/auth.helper.js.map +1 -1
  56. package/src/modules/auth/auth.module.js +28 -10
  57. package/src/modules/auth/auth.module.js.map +1 -1
  58. package/src/modules/auth/guards/index.d.ts +4 -2
  59. package/src/modules/auth/guards/index.js +4 -2
  60. package/src/modules/auth/guards/index.js.map +1 -1
  61. package/src/modules/auth/guards/jwt-auth/jwt-auth.guard.js.map +1 -0
  62. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.d.ts +5 -0
  63. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.js +57 -0
  64. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.js.map +1 -0
  65. package/src/modules/auth/guards/local-auth/local-auth.guard.js.map +1 -0
  66. package/src/modules/auth/guards/reset-password/reset-password.guard.d.ts +6 -0
  67. package/src/modules/auth/guards/reset-password/reset-password.guard.js +30 -0
  68. package/src/modules/auth/guards/reset-password/reset-password.guard.js.map +1 -0
  69. package/src/modules/auth/interfaces/auth-controller.interface.d.ts +3 -0
  70. package/src/modules/auth/interfaces/auth-gateway.interface.d.ts +16 -0
  71. package/src/modules/auth/interfaces/auth-gateway.interface.js +3 -0
  72. package/src/modules/auth/interfaces/auth-gateway.interface.js.map +1 -0
  73. package/src/modules/auth/interfaces/auth-options.interface.d.ts +15 -8
  74. package/src/modules/auth/interfaces/auth-service.interface.d.ts +1 -0
  75. package/src/modules/auth/interfaces/index.d.ts +1 -0
  76. package/src/modules/auth/interfaces/index.js +1 -0
  77. package/src/modules/auth/interfaces/index.js.map +1 -1
  78. package/src/modules/auth/mixins/auth-controller.mixin.d.ts +2 -2
  79. package/src/modules/auth/mixins/auth-controller.mixin.js +31 -5
  80. package/src/modules/auth/mixins/auth-controller.mixin.js.map +1 -1
  81. package/src/modules/auth/mixins/auth-gateway.mixin.d.ts +5 -0
  82. package/src/modules/auth/mixins/auth-gateway.mixin.js +191 -0
  83. package/src/modules/auth/mixins/auth-gateway.mixin.js.map +1 -0
  84. package/src/modules/auth/mixins/auth-policies-guard.mixin.d.ts +6 -0
  85. package/src/modules/auth/mixins/auth-policies-guard.mixin.js +52 -0
  86. package/src/modules/auth/mixins/auth-policies-guard.mixin.js.map +1 -0
  87. package/src/modules/auth/mixins/index.d.ts +2 -1
  88. package/src/modules/auth/mixins/index.js +2 -1
  89. package/src/modules/auth/mixins/index.js.map +1 -1
  90. package/src/modules/auth/services/base-auth.service.d.ts +2 -0
  91. package/src/modules/auth/services/base-auth.service.js +27 -7
  92. package/src/modules/auth/services/base-auth.service.js.map +1 -1
  93. package/src/routes/create-many/create-many-body-dto.mixin.d.ts +7 -0
  94. package/src/routes/create-many/create-many-body-dto.mixin.js +30 -0
  95. package/src/routes/create-many/create-many-body-dto.mixin.js.map +1 -0
  96. package/src/routes/create-many/create-many-controller.interface.d.ts +5 -4
  97. package/src/routes/create-many/create-many-gateway.interface.d.ts +10 -0
  98. package/src/routes/create-many/create-many-gateway.interface.js +3 -0
  99. package/src/routes/create-many/create-many-gateway.interface.js.map +1 -0
  100. package/src/routes/create-many/create-many-gateway.mixin.d.ts +6 -0
  101. package/src/routes/create-many/create-many-gateway.mixin.js +60 -0
  102. package/src/routes/create-many/create-many-gateway.mixin.js.map +1 -0
  103. package/src/routes/create-many/create-many.helper.d.ts +4 -2
  104. package/src/routes/create-many/create-many.helper.js +21 -1
  105. package/src/routes/create-many/create-many.helper.js.map +1 -1
  106. package/src/routes/create-many/create-many.module.d.ts +2 -2
  107. package/src/routes/create-many/create-many.module.js +12 -2
  108. package/src/routes/create-many/create-many.module.js.map +1 -1
  109. package/src/routes/create-many/index.d.ts +3 -0
  110. package/src/routes/create-many/index.js +3 -0
  111. package/src/routes/create-many/index.js.map +1 -1
  112. package/src/routes/create-one/create-one-gateway.interface.d.ts +9 -0
  113. package/src/routes/create-one/create-one-gateway.interface.js +3 -0
  114. package/src/routes/create-one/create-one-gateway.interface.js.map +1 -0
  115. package/src/routes/create-one/create-one-gateway.mixin.d.ts +6 -0
  116. package/src/routes/create-one/create-one-gateway.mixin.js +61 -0
  117. package/src/routes/create-one/create-one-gateway.mixin.js.map +1 -0
  118. package/src/routes/create-one/create-one.helper.d.ts +4 -2
  119. package/src/routes/create-one/create-one.helper.js +21 -1
  120. package/src/routes/create-one/create-one.helper.js.map +1 -1
  121. package/src/routes/create-one/create-one.module.d.ts +2 -2
  122. package/src/routes/create-one/create-one.module.js +12 -2
  123. package/src/routes/create-one/create-one.module.js.map +1 -1
  124. package/src/routes/create-one/index.d.ts +2 -0
  125. package/src/routes/create-one/index.js +2 -0
  126. package/src/routes/create-one/index.js.map +1 -1
  127. package/src/routes/delete-many/delete-many-controller.interface.d.ts +2 -2
  128. package/src/routes/delete-many/delete-many-controller.mixin.js +1 -1
  129. package/src/routes/delete-many/delete-many-controller.mixin.js.map +1 -1
  130. package/src/routes/delete-many/delete-many-gateway.interface.d.ts +10 -0
  131. package/src/routes/delete-many/delete-many-gateway.interface.js +3 -0
  132. package/src/routes/delete-many/delete-many-gateway.interface.js.map +1 -0
  133. package/src/routes/delete-many/delete-many-gateway.mixin.d.ts +6 -0
  134. package/src/routes/delete-many/delete-many-gateway.mixin.js +60 -0
  135. package/src/routes/delete-many/delete-many-gateway.mixin.js.map +1 -0
  136. package/src/routes/delete-many/delete-many.helper.d.ts +4 -2
  137. package/src/routes/delete-many/delete-many.helper.js +21 -1
  138. package/src/routes/delete-many/delete-many.helper.js.map +1 -1
  139. package/src/routes/delete-many/delete-many.module.d.ts +2 -2
  140. package/src/routes/delete-many/delete-many.module.js +12 -2
  141. package/src/routes/delete-many/delete-many.module.js.map +1 -1
  142. package/src/routes/delete-many/index.d.ts +2 -0
  143. package/src/routes/delete-many/index.js +2 -0
  144. package/src/routes/delete-many/index.js.map +1 -1
  145. package/src/routes/delete-one/delete-one-gateway.interface.d.ts +10 -0
  146. package/src/routes/delete-one/delete-one-gateway.interface.js +3 -0
  147. package/src/routes/delete-one/delete-one-gateway.interface.js.map +1 -0
  148. package/src/routes/delete-one/delete-one-gateway.mixin.d.ts +6 -0
  149. package/src/routes/delete-one/delete-one-gateway.mixin.js +60 -0
  150. package/src/routes/delete-one/delete-one-gateway.mixin.js.map +1 -0
  151. package/src/routes/delete-one/delete-one.helper.d.ts +4 -2
  152. package/src/routes/delete-one/delete-one.helper.js +21 -1
  153. package/src/routes/delete-one/delete-one.helper.js.map +1 -1
  154. package/src/routes/delete-one/delete-one.module.d.ts +2 -2
  155. package/src/routes/delete-one/delete-one.module.js +12 -2
  156. package/src/routes/delete-one/delete-one.module.js.map +1 -1
  157. package/src/routes/delete-one/index.d.ts +2 -0
  158. package/src/routes/delete-one/index.js +2 -0
  159. package/src/routes/delete-one/index.js.map +1 -1
  160. package/src/routes/duplicate-many/base-duplicate-many.service.js +1 -1
  161. package/src/routes/duplicate-many/base-duplicate-many.service.js.map +1 -1
  162. package/src/routes/duplicate-many/duplicate-many-gateway.interface.d.ts +10 -0
  163. package/src/routes/duplicate-many/duplicate-many-gateway.interface.js +3 -0
  164. package/src/routes/duplicate-many/duplicate-many-gateway.interface.js.map +1 -0
  165. package/src/routes/duplicate-many/duplicate-many-gateway.mixin.d.ts +6 -0
  166. package/src/routes/duplicate-many/duplicate-many-gateway.mixin.js +60 -0
  167. package/src/routes/duplicate-many/duplicate-many-gateway.mixin.js.map +1 -0
  168. package/src/routes/duplicate-many/duplicate-many.helper.d.ts +4 -2
  169. package/src/routes/duplicate-many/duplicate-many.helper.js +21 -1
  170. package/src/routes/duplicate-many/duplicate-many.helper.js.map +1 -1
  171. package/src/routes/duplicate-many/duplicate-many.module.d.ts +2 -2
  172. package/src/routes/duplicate-many/duplicate-many.module.js +12 -2
  173. package/src/routes/duplicate-many/duplicate-many.module.js.map +1 -1
  174. package/src/routes/duplicate-many/index.d.ts +2 -0
  175. package/src/routes/duplicate-many/index.js +2 -0
  176. package/src/routes/duplicate-many/index.js.map +1 -1
  177. package/src/routes/duplicate-one/duplicate-one-gateway.interface.d.ts +10 -0
  178. package/src/routes/duplicate-one/duplicate-one-gateway.interface.js +3 -0
  179. package/src/routes/duplicate-one/duplicate-one-gateway.interface.js.map +1 -0
  180. package/src/routes/duplicate-one/duplicate-one-gateway.mixin.d.ts +6 -0
  181. package/src/routes/duplicate-one/duplicate-one-gateway.mixin.js +60 -0
  182. package/src/routes/duplicate-one/duplicate-one-gateway.mixin.js.map +1 -0
  183. package/src/routes/duplicate-one/duplicate-one.helper.d.ts +4 -2
  184. package/src/routes/duplicate-one/duplicate-one.helper.js +21 -1
  185. package/src/routes/duplicate-one/duplicate-one.helper.js.map +1 -1
  186. package/src/routes/duplicate-one/duplicate-one.module.d.ts +2 -2
  187. package/src/routes/duplicate-one/duplicate-one.module.js +12 -2
  188. package/src/routes/duplicate-one/duplicate-one.module.js.map +1 -1
  189. package/src/routes/duplicate-one/index.d.ts +2 -0
  190. package/src/routes/duplicate-one/index.js +2 -0
  191. package/src/routes/duplicate-one/index.js.map +1 -1
  192. package/src/routes/get-many/get-many-gateway.interface.d.ts +9 -0
  193. package/src/routes/get-many/get-many-gateway.interface.js +3 -0
  194. package/src/routes/get-many/get-many-gateway.interface.js.map +1 -0
  195. package/src/routes/get-many/get-many-gateway.mixin.d.ts +6 -0
  196. package/src/routes/get-many/get-many-gateway.mixin.js +56 -0
  197. package/src/routes/get-many/get-many-gateway.mixin.js.map +1 -0
  198. package/src/routes/get-many/get-many.helper.d.ts +4 -2
  199. package/src/routes/get-many/get-many.helper.js +21 -1
  200. package/src/routes/get-many/get-many.helper.js.map +1 -1
  201. package/src/routes/get-many/get-many.module.d.ts +2 -2
  202. package/src/routes/get-many/get-many.module.js +12 -2
  203. package/src/routes/get-many/get-many.module.js.map +1 -1
  204. package/src/routes/get-many/index.d.ts +2 -0
  205. package/src/routes/get-many/index.js +2 -0
  206. package/src/routes/get-many/index.js.map +1 -1
  207. package/src/routes/get-one/get-one-gateway.interface.d.ts +10 -0
  208. package/src/routes/get-one/get-one-gateway.interface.js +3 -0
  209. package/src/routes/get-one/get-one-gateway.interface.js.map +1 -0
  210. package/src/routes/get-one/get-one-gateway.mixin.d.ts +6 -0
  211. package/src/routes/get-one/get-one-gateway.mixin.js +60 -0
  212. package/src/routes/get-one/get-one-gateway.mixin.js.map +1 -0
  213. package/src/routes/get-one/get-one.helper.d.ts +4 -2
  214. package/src/routes/get-one/get-one.helper.js +21 -1
  215. package/src/routes/get-one/get-one.helper.js.map +1 -1
  216. package/src/routes/get-one/get-one.module.d.ts +2 -2
  217. package/src/routes/get-one/get-one.module.js +12 -2
  218. package/src/routes/get-one/get-one.module.js.map +1 -1
  219. package/src/routes/get-one/index.d.ts +2 -0
  220. package/src/routes/get-one/index.js +2 -0
  221. package/src/routes/get-one/index.js.map +1 -1
  222. package/src/routes/replace-one/index.d.ts +2 -0
  223. package/src/routes/replace-one/index.js +2 -0
  224. package/src/routes/replace-one/index.js.map +1 -1
  225. package/src/routes/replace-one/replace-one-gateway.interface.d.ts +10 -0
  226. package/src/routes/replace-one/replace-one-gateway.interface.js +3 -0
  227. package/src/routes/replace-one/replace-one-gateway.interface.js.map +1 -0
  228. package/src/routes/replace-one/replace-one-gateway.mixin.d.ts +6 -0
  229. package/src/routes/replace-one/replace-one-gateway.mixin.js +60 -0
  230. package/src/routes/replace-one/replace-one-gateway.mixin.js.map +1 -0
  231. package/src/routes/replace-one/replace-one.helper.d.ts +4 -2
  232. package/src/routes/replace-one/replace-one.helper.js +21 -1
  233. package/src/routes/replace-one/replace-one.helper.js.map +1 -1
  234. package/src/routes/replace-one/replace-one.module.d.ts +2 -2
  235. package/src/routes/replace-one/replace-one.module.js +12 -2
  236. package/src/routes/replace-one/replace-one.module.js.map +1 -1
  237. package/src/routes/update-many/index.d.ts +2 -0
  238. package/src/routes/update-many/index.js +2 -0
  239. package/src/routes/update-many/index.js.map +1 -1
  240. package/src/routes/update-many/update-many-gateway.interface.d.ts +10 -0
  241. package/src/routes/update-many/update-many-gateway.interface.js +3 -0
  242. package/src/routes/update-many/update-many-gateway.interface.js.map +1 -0
  243. package/src/routes/update-many/update-many-gateway.mixin.d.ts +6 -0
  244. package/src/routes/update-many/update-many-gateway.mixin.js +63 -0
  245. package/src/routes/update-many/update-many-gateway.mixin.js.map +1 -0
  246. package/src/routes/update-many/update-many.helper.d.ts +4 -2
  247. package/src/routes/update-many/update-many.helper.js +21 -1
  248. package/src/routes/update-many/update-many.helper.js.map +1 -1
  249. package/src/routes/update-many/update-many.module.d.ts +2 -2
  250. package/src/routes/update-many/update-many.module.js +12 -2
  251. package/src/routes/update-many/update-many.module.js.map +1 -1
  252. package/src/routes/update-one/update-one-gateway.interface.d.ts +10 -0
  253. package/src/routes/update-one/update-one-gateway.interface.js +3 -0
  254. package/src/routes/update-one/update-one-gateway.interface.js.map +1 -0
  255. package/src/routes/update-one/update-one-gateway.mixin.d.ts +6 -0
  256. package/src/routes/update-one/update-one-gateway.mixin.js +60 -0
  257. package/src/routes/update-one/update-one-gateway.mixin.js.map +1 -0
  258. package/src/routes/update-one/update-one.helper.d.ts +4 -2
  259. package/src/routes/update-one/update-one.helper.js +21 -1
  260. package/src/routes/update-one/update-one.helper.js.map +1 -1
  261. package/src/routes/update-one/update-one.module.d.ts +2 -2
  262. package/src/routes/update-one/update-one.module.js +12 -2
  263. package/src/routes/update-one/update-one.module.js.map +1 -1
  264. package/src/services/base/base.service.d.ts +4 -3
  265. package/src/services/base/base.service.js +12 -5
  266. package/src/services/base/base.service.js.map +1 -1
  267. package/src/services/dynamic-api-global-state/dynamic-api-global-state.service.js +4 -0
  268. package/src/services/dynamic-api-global-state/dynamic-api-global-state.service.js.map +1 -1
  269. package/src/version.json +1 -1
  270. package/test/dynamic-api-for-root.e2e-spec.js +893 -476
  271. package/test/dynamic-api-for-root.e2e-spec.js.map +1 -1
  272. package/test/e2e.setup.d.ts +16 -1
  273. package/test/e2e.setup.js +62 -7
  274. package/test/e2e.setup.js.map +1 -1
  275. package/tsconfig.tsbuildinfo +1 -1
  276. package/src/dtos/delete-many-entity.query.d.ts +0 -3
  277. package/src/dtos/delete-many-entity.query.js.map +0 -1
  278. package/src/modules/auth/guards/jwt-auth.guard.js.map +0 -1
  279. package/src/modules/auth/guards/local-auth.guard.js.map +0 -1
  280. package/src/modules/auth/mixins/auth-register-policies-guard.mixin.d.ts +0 -5
  281. package/src/modules/auth/mixins/auth-register-policies-guard.mixin.js +0 -31
  282. package/src/modules/auth/mixins/auth-register-policies-guard.mixin.js.map +0 -1
  283. /package/src/modules/auth/guards/{jwt-auth.guard.d.ts → jwt-auth/jwt-auth.guard.d.ts} +0 -0
  284. /package/src/modules/auth/guards/{jwt-auth.guard.js → jwt-auth/jwt-auth.guard.js} +0 -0
  285. /package/src/modules/auth/guards/{local-auth.guard.d.ts → local-auth/local-auth.guard.d.ts} +0 -0
  286. /package/src/modules/auth/guards/{local-auth.guard.js → local-auth/local-auth.guard.js} +0 -0
package/test/dynamic-api-for-root.e2e-spec.js CHANGED
@@ -16,17 +16,18 @@ const testing_1 = require("@nestjs/testing");
16
16
  const class_validator_1 = require("class-validator");
17
17
  const mongoose_2 = require("mongoose");
18
18
  const src_1 = require("../src");
19
+ const socket_adapter_1 = require("../src/adapters/socket-adapter");
19
20
  const e2e_setup_1 = require("./e2e.setup");
20
21
  require("dotenv/config");
21
22
  const utils_1 = require("./utils");
22
23
  describe('DynamicApiModule forRoot (e2e)', () => {
23
- let app;
24
24
  const uri = process.env.MONGO_DB_URL;
25
- const initModule = async (dynamicApiForRootOptions, initFixtures) => {
25
+ const initModule = async (dynamicApiForRootOptions, initFixtures, initMainCb, testGateway) => {
26
26
  const moduleRef = await testing_1.Test.createTestingModule({
27
27
  imports: [src_1.DynamicApiModule.forRoot(uri, dynamicApiForRootOptions)],
28
+ providers: testGateway ? [e2e_setup_1.TestGateway] : [],
28
29
  }).compile();
29
- return (0, e2e_setup_1.createTestingApp)(moduleRef, initFixtures);
30
+ return (0, e2e_setup_1.createTestingApp)(moduleRef, initFixtures, initMainCb);
30
31
  };
31
32
  beforeEach(() => {
32
33
  src_1.DynamicApiModule.state['resetState']();
@@ -35,7 +36,7 @@ describe('DynamicApiModule forRoot (e2e)', () => {
35
36
  await (0, e2e_setup_1.closeTestingApp)(mongoose_2.default.connections);
36
37
  });
37
38
  it('should initialize dynamic api module state with default options', async () => {
38
- app = await initModule({});
39
+ const app = await initModule({});
39
40
  expect(app).toBeDefined();
40
41
  expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
41
42
  uri,
@@ -45,6 +46,7 @@ describe('DynamicApiModule forRoot (e2e)', () => {
45
46
  cacheExcludedPaths: [],
46
47
  credentials: null,
47
48
  isAuthEnabled: false,
49
+ jwtExpirationTime: undefined,
48
50
  jwtSecret: undefined,
49
51
  routesConfig: {
50
52
  defaults: [
@@ -62,10 +64,11 @@ describe('DynamicApiModule forRoot (e2e)', () => {
62
64
  ],
63
65
  excluded: [],
64
66
  },
67
+ gatewayOptions: undefined,
65
68
  });
66
69
  });
67
70
  it('should initialize dynamic api module state with custom options', async () => {
68
- app = await initModule({
71
+ const app = await initModule({
69
72
  useGlobalCache: false,
70
73
  cacheOptions: {
71
74
  excludePaths: ['/fake-path'],
@@ -84,545 +87,959 @@ describe('DynamicApiModule forRoot (e2e)', () => {
84
87
  cacheExcludedPaths: ['/fake-path'],
85
88
  credentials: null,
86
89
  isAuthEnabled: false,
90
+ jwtExpirationTime: undefined,
87
91
  jwtSecret: undefined,
88
92
  routesConfig: {
89
93
  defaults: ['GetMany', 'GetOne', 'CreateOne', 'UpdateOne', 'DeleteOne'],
90
94
  excluded: ['CreateMany', 'UpdateMany', 'DeleteMany'],
91
95
  },
96
+ gatewayOptions: undefined,
92
97
  });
93
98
  });
94
- describe('useAuth when only userEntity is provided', () => {
95
- let UserEntity = class UserEntity extends src_1.BaseEntity {
96
- };
97
- __decorate([
98
- (0, mongoose_1.Prop)({ type: String, required: true }),
99
- __metadata("design:type", String)
100
- ], UserEntity.prototype, "email", void 0);
101
- __decorate([
102
- (0, mongoose_1.Prop)({ type: String, required: true }),
103
- __metadata("design:type", String)
104
- ], UserEntity.prototype, "password", void 0);
105
- UserEntity = __decorate([
106
- (0, mongoose_1.Schema)({ collection: 'users' })
107
- ], UserEntity);
108
- beforeEach(async () => {
109
- app = await initModule({ useAuth: { userEntity: UserEntity } });
110
- });
111
- it('should initialize dynamic api module state and authentication API with default options', async () => {
112
- expect(app).toBeDefined();
113
- expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
114
- uri,
115
- initialized: true,
116
- isGlobalCacheEnabled: true,
117
- connectionName: 'dynamic-api-connection',
118
- cacheExcludedPaths: [],
119
- credentials: {
120
- loginField: 'email',
121
- passwordField: 'password',
122
- },
123
- isAuthEnabled: true,
124
- jwtSecret: 'dynamic-api-jwt-secret',
125
- routesConfig: {
126
- defaults: [
127
- 'GetMany',
128
- 'GetOne',
129
- 'CreateMany',
130
- 'CreateOne',
131
- 'UpdateMany',
132
- 'UpdateOne',
133
- 'ReplaceOne',
134
- 'DuplicateMany',
135
- 'DuplicateOne',
136
- 'DeleteMany',
137
- 'DeleteOne',
138
- ],
139
- excluded: [],
140
- },
99
+ describe('Authentication API', () => {
100
+ describe('useAuth when only userEntity is provided', () => {
101
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
102
+ };
103
+ __decorate([
104
+ (0, mongoose_1.Prop)({ type: String, required: true }),
105
+ __metadata("design:type", String)
106
+ ], UserEntity.prototype, "email", void 0);
107
+ __decorate([
108
+ (0, mongoose_1.Prop)({ type: String, required: true }),
109
+ __metadata("design:type", String)
110
+ ], UserEntity.prototype, "password", void 0);
111
+ UserEntity = __decorate([
112
+ (0, mongoose_1.Schema)({ collection: 'users' })
113
+ ], UserEntity);
114
+ let app;
115
+ beforeEach(async () => {
116
+ app = await initModule({ useAuth: { userEntity: UserEntity } });
141
117
  });
142
- });
143
- describe('POST /register', () => {
144
- it('should throw a bad request exception if email is missing', async () => {
145
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { username: 'unit-test', password: 'test-2' });
146
- expect(status).toBe(400);
147
- expect(body).toEqual({
148
- error: 'Bad Request',
149
- message: ['email property is required'],
150
- statusCode: 400,
118
+ it('should initialize dynamic api module state and authentication API with default options', async () => {
119
+ expect(app).toBeDefined();
120
+ expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
121
+ uri,
122
+ initialized: true,
123
+ isGlobalCacheEnabled: true,
124
+ connectionName: 'dynamic-api-connection',
125
+ cacheExcludedPaths: [],
126
+ credentials: {
127
+ loginField: 'email',
128
+ passwordField: 'password',
129
+ },
130
+ isAuthEnabled: true,
131
+ jwtExpirationTime: '1d',
132
+ jwtSecret: 'dynamic-api-jwt-secret',
133
+ routesConfig: {
134
+ defaults: [
135
+ 'GetMany',
136
+ 'GetOne',
137
+ 'CreateMany',
138
+ 'CreateOne',
139
+ 'UpdateMany',
140
+ 'UpdateOne',
141
+ 'ReplaceOne',
142
+ 'DuplicateMany',
143
+ 'DuplicateOne',
144
+ 'DeleteMany',
145
+ 'DeleteOne',
146
+ ],
147
+ excluded: [],
148
+ },
149
+ gatewayOptions: undefined,
150
+ });
151
+ });
152
+ describe('POST /auth/register', () => {
153
+ it('should throw a bad request exception if email is missing', async () => {
154
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { username: 'unit-test', password: 'test-2' });
155
+ expect(status).toBe(400);
156
+ expect(body).toEqual({
157
+ error: 'Bad Request',
158
+ message: ['email property is required'],
159
+ statusCode: 400,
160
+ });
161
+ });
162
+ it('should throw a bad request exception if password is missing', async () => {
163
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', pass: 'test-2' });
164
+ expect(status).toBe(400);
165
+ expect(body).toEqual({
166
+ error: 'Bad Request',
167
+ message: ['password property is required'],
168
+ statusCode: 400,
169
+ });
170
+ });
171
+ it('should create a new user and return access token', async () => {
172
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
173
+ expect(status).toBe(201);
174
+ expect(body).toEqual({ accessToken: expect.any(String) });
175
+ });
176
+ });
177
+ describe('POST /auth/login', () => {
178
+ it('should throw an unauthorized exception if email is missing', async () => {
179
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { pass: 'test-2' });
180
+ expect(status).toBe(401);
181
+ expect(body).toEqual({
182
+ message: 'Unauthorized',
183
+ statusCode: 401,
184
+ });
185
+ });
186
+ it('should throw an unauthorized exception if password is missing', async () => {
187
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co' });
188
+ expect(status).toBe(401);
189
+ expect(body).toEqual({
190
+ message: 'Unauthorized',
191
+ statusCode: 401,
192
+ });
193
+ });
194
+ it('should return access token', async () => {
195
+ await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
196
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'test' });
197
+ expect(status).toBe(200);
198
+ expect(body).toEqual({ accessToken: expect.any(String) });
199
+ });
200
+ });
201
+ describe('GET /auth/account', () => {
202
+ it('should throw an unauthorized exception if access token is missing', async () => {
203
+ const { body, status } = await e2e_setup_1.server.get('/auth/account');
204
+ expect(status).toBe(401);
205
+ expect(body).toEqual({
206
+ message: 'Unauthorized',
207
+ statusCode: 401,
208
+ });
209
+ });
210
+ it('should return user account', async () => {
211
+ await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
212
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'test' });
213
+ const headers = { Authorization: `Bearer ${accessToken}` };
214
+ const { body: account, status: accountStatus } = await e2e_setup_1.server.get('/auth/account', { headers });
215
+ expect(accountStatus).toBe(200);
216
+ expect(account).toEqual({ id: expect.any(String), email: 'unit@test.co' });
151
217
  });
152
218
  });
153
- it('should throw a bad request exception if password is missing', async () => {
154
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', pass: 'test-2' });
155
- expect(status).toBe(400);
219
+ it('should throw a Service Unavailable exception when requesting reset password endpoint if reset password options are not configured', async () => {
220
+ const { body, status } = await e2e_setup_1.server.post('/auth/reset-password', { email: 'toto@test.co' });
221
+ expect(status).toBe(503);
156
222
  expect(body).toEqual({
157
- error: 'Bad Request',
158
- message: ['password property is required'],
159
- statusCode: 400,
223
+ error: 'Service Unavailable',
224
+ message: 'This feature is not available',
225
+ statusCode: 503,
160
226
  });
161
227
  });
162
- it('should create a new user and return access token', async () => {
163
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
164
- expect(status).toBe(201);
165
- expect(body).toEqual({ accessToken: expect.any(String) });
228
+ it('should throw a Service Unavailable exception when requesting change password endpoint if reset password options are not configured', async () => {
229
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { newPassword: 'test' });
230
+ expect(status).toBe(503);
231
+ expect(body).toEqual({
232
+ error: 'Service Unavailable',
233
+ message: 'This feature is not available',
234
+ statusCode: 503,
235
+ });
166
236
  });
167
237
  });
168
- describe('POST /login', () => {
169
- it('should throw an unauthorized exception if email is missing', async () => {
170
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { pass: 'test-2' });
171
- expect(status).toBe(401);
172
- expect(body).toEqual({
173
- message: 'Unauthorized',
174
- statusCode: 401,
238
+ describe('useAuth with jwt options', () => {
239
+ let jwtService;
240
+ let token;
241
+ let app;
242
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
243
+ };
244
+ __decorate([
245
+ (0, mongoose_1.Prop)({ type: String, required: true }),
246
+ __metadata("design:type", String)
247
+ ], UserEntity.prototype, "email", void 0);
248
+ __decorate([
249
+ (0, mongoose_1.Prop)({ type: String, required: true }),
250
+ __metadata("design:type", String)
251
+ ], UserEntity.prototype, "password", void 0);
252
+ UserEntity = __decorate([
253
+ (0, mongoose_1.Schema)({ collection: 'users' })
254
+ ], UserEntity);
255
+ beforeEach(async () => {
256
+ app = await initModule({
257
+ useAuth: {
258
+ userEntity: UserEntity,
259
+ jwt: {
260
+ secret: 'test-secret',
261
+ expiresIn: '4s',
262
+ },
263
+ },
264
+ });
265
+ jwtService = app.get(jwt_1.JwtService);
266
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
267
+ token = accessToken;
268
+ });
269
+ it('should initialize dynamic api module state and authentication API with jwt options', async () => {
270
+ expect(app).toBeDefined();
271
+ expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
272
+ uri,
273
+ initialized: true,
274
+ isGlobalCacheEnabled: true,
275
+ connectionName: 'dynamic-api-connection',
276
+ cacheExcludedPaths: [],
277
+ credentials: {
278
+ loginField: 'email',
279
+ passwordField: 'password',
280
+ },
281
+ isAuthEnabled: true,
282
+ jwtExpirationTime: '4s',
283
+ jwtSecret: 'test-secret',
284
+ routesConfig: {
285
+ defaults: [
286
+ 'GetMany',
287
+ 'GetOne',
288
+ 'CreateMany',
289
+ 'CreateOne',
290
+ 'UpdateMany',
291
+ 'UpdateOne',
292
+ 'ReplaceOne',
293
+ 'DuplicateMany',
294
+ 'DuplicateOne',
295
+ 'DeleteMany',
296
+ 'DeleteOne',
297
+ ],
298
+ excluded: [],
299
+ },
300
+ gatewayOptions: undefined,
175
301
  });
176
302
  });
177
- it('should throw an unauthorized exception if password is missing', async () => {
178
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co' });
303
+ it('should throw an unauthorized exception if access token is expired', async () => {
304
+ await (0, utils_1.wait)(5000);
305
+ const headers = { Authorization: `Bearer ${token}` };
306
+ const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers });
179
307
  expect(status).toBe(401);
180
308
  expect(body).toEqual({
181
309
  message: 'Unauthorized',
182
310
  statusCode: 401,
183
311
  });
184
- });
185
- it('should return access token', async () => {
186
- await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
187
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'test' });
188
- expect(status).toBe(200);
189
- expect(body).toEqual({ accessToken: expect.any(String) });
190
- });
191
- });
192
- describe('GET /account', () => {
193
- it('should throw an unauthorized exception if access token is missing', async () => {
194
- const { body, status } = await e2e_setup_1.server.get('/auth/account');
312
+ }, 6000);
313
+ it('should throw an unauthorized exception if secret is invalid', async () => {
314
+ const invalidToken = jwtService.sign({ email: 'u', password: 'p' }, { secret: 'invalid-secret' });
315
+ const headers = { Authorization: `Bearer ${invalidToken}` };
316
+ const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers });
195
317
  expect(status).toBe(401);
196
318
  expect(body).toEqual({
197
319
  message: 'Unauthorized',
198
320
  statusCode: 401,
199
321
  });
200
322
  });
201
- it('should return user account', async () => {
202
- await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
203
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'test' });
204
- const headers = { Authorization: `Bearer ${accessToken}` };
205
- const { body: account, status: accountStatus } = await e2e_setup_1.server.get('/auth/account', { headers });
206
- expect(accountStatus).toBe(200);
207
- expect(account).toEqual({ id: expect.any(String), email: 'unit@test.co' });
208
- });
209
- });
210
- });
211
- describe('useAuth with userEntity and jwt options', () => {
212
- let jwtService;
213
- let token;
214
- let UserEntity = class UserEntity extends src_1.BaseEntity {
215
- };
216
- __decorate([
217
- (0, mongoose_1.Prop)({ type: String, required: true }),
218
- __metadata("design:type", String)
219
- ], UserEntity.prototype, "email", void 0);
220
- __decorate([
221
- (0, mongoose_1.Prop)({ type: String, required: true }),
222
- __metadata("design:type", String)
223
- ], UserEntity.prototype, "password", void 0);
224
- UserEntity = __decorate([
225
- (0, mongoose_1.Schema)({ collection: 'users' })
226
- ], UserEntity);
227
- beforeEach(async () => {
228
- app = await initModule({
229
- useAuth: {
230
- userEntity: UserEntity,
231
- jwt: {
232
- secret: 'test-secret',
233
- expiresIn: '4s',
234
- },
235
- },
236
- });
237
- jwtService = app.get(jwt_1.JwtService);
238
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
239
- token = accessToken;
240
323
  });
241
- it('should initialize dynamic api module state and authentication API with jwt options', async () => {
242
- expect(app).toBeDefined();
243
- expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
244
- uri,
245
- initialized: true,
246
- isGlobalCacheEnabled: true,
247
- connectionName: 'dynamic-api-connection',
248
- cacheExcludedPaths: [],
249
- credentials: {
250
- loginField: 'email',
251
- passwordField: 'password',
252
- },
253
- isAuthEnabled: true,
254
- jwtSecret: 'test-secret',
255
- routesConfig: {
256
- defaults: [
257
- 'GetMany',
258
- 'GetOne',
259
- 'CreateMany',
260
- 'CreateOne',
261
- 'UpdateMany',
262
- 'UpdateOne',
263
- 'ReplaceOne',
264
- 'DuplicateMany',
265
- 'DuplicateOne',
266
- 'DeleteMany',
267
- 'DeleteOne',
268
- ],
269
- excluded: [],
270
- },
271
- });
272
- });
273
- it('should throw an unauthorized exception if access token is expired', async () => {
274
- await (0, utils_1.wait)(5000);
275
- const headers = { Authorization: `Bearer ${token}` };
276
- const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers });
277
- expect(status).toBe(401);
278
- expect(body).toEqual({
279
- message: 'Unauthorized',
280
- statusCode: 401,
281
- });
282
- }, 6000);
283
- it('should throw an unauthorized exception if secret is invalid', async () => {
284
- const invalidToken = jwtService.sign({ email: 'u', password: 'p' }, { secret: 'invalid-secret' });
285
- const headers = { Authorization: `Bearer ${invalidToken}` };
286
- const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers });
287
- expect(status).toBe(401);
288
- expect(body).toEqual({
289
- message: 'Unauthorized',
290
- statusCode: 401,
291
- });
292
- });
293
- });
294
- describe('useAuth with userEntity and validation options', () => {
295
- let UserEntity = class UserEntity extends src_1.BaseEntity {
296
- };
297
- __decorate([
298
- (0, mongoose_1.Prop)({ type: String, required: true }),
299
- (0, class_validator_1.IsEmail)(),
300
- __metadata("design:type", String)
301
- ], UserEntity.prototype, "email", void 0);
302
- __decorate([
303
- (0, mongoose_1.Prop)({ type: String, required: true }),
304
- (0, class_validator_1.IsStrongPassword)({
305
- minLength: 6,
306
- minLowercase: 1,
307
- minUppercase: 1,
308
- minNumbers: 1,
309
- minSymbols: 1,
310
- }),
311
- __metadata("design:type", String)
312
- ], UserEntity.prototype, "password", void 0);
313
- UserEntity = __decorate([
314
- (0, mongoose_1.Schema)({ collection: 'users' })
315
- ], UserEntity);
316
- beforeEach(async () => {
317
- app = await initModule({
318
- useAuth: {
319
- userEntity: UserEntity,
320
- validationPipeOptions: {
321
- whitelist: true,
322
- forbidNonWhitelisted: true,
323
- transform: true,
324
+ describe('useAuth with validation options', () => {
325
+ let app;
326
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
327
+ };
328
+ __decorate([
329
+ (0, mongoose_1.Prop)({ type: String, required: true }),
330
+ (0, class_validator_1.IsEmail)(),
331
+ __metadata("design:type", String)
332
+ ], UserEntity.prototype, "email", void 0);
333
+ __decorate([
334
+ (0, mongoose_1.Prop)({ type: String, required: true }),
335
+ (0, class_validator_1.IsStrongPassword)({
336
+ minLength: 6,
337
+ minLowercase: 1,
338
+ minUppercase: 1,
339
+ minNumbers: 1,
340
+ minSymbols: 1,
341
+ }),
342
+ __metadata("design:type", String)
343
+ ], UserEntity.prototype, "password", void 0);
344
+ UserEntity = __decorate([
345
+ (0, mongoose_1.Schema)({ collection: 'users' })
346
+ ], UserEntity);
347
+ beforeEach(async () => {
348
+ app = await initModule({
349
+ useAuth: {
350
+ userEntity: UserEntity,
351
+ validationPipeOptions: {
352
+ whitelist: true,
353
+ forbidNonWhitelisted: true,
354
+ transform: true,
355
+ },
324
356
  },
325
- },
326
- });
327
- });
328
- describe('POST /register', () => {
329
- it('should throw a bad request exception if payload contains non whitelisted property', async () => {
330
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
331
- expect(status).toBe(400);
332
- expect(body).toEqual({
333
- error: 'Bad Request',
334
- message: ['property role should not exist'],
335
- statusCode: 400,
336
357
  });
337
358
  });
338
- it('should throw a bad request exception if validation fails', async () => {
339
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit.test.co', password: 'test-2' });
340
- expect(status).toBe(400);
341
- expect(body).toEqual({
342
- error: 'Bad Request',
343
- message: [
344
- 'email must be an email',
345
- 'password is not strong enough',
346
- ],
347
- statusCode: 400,
359
+ describe('POST /auth/register', () => {
360
+ it('should throw a bad request exception if payload contains non whitelisted property', async () => {
361
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
362
+ expect(status).toBe(400);
363
+ expect(body).toEqual({
364
+ error: 'Bad Request',
365
+ message: ['property role should not exist'],
366
+ statusCode: 400,
367
+ });
368
+ });
369
+ it('should throw a bad request exception if validation fails', async () => {
370
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit.test.co', password: 'test-2' });
371
+ expect(status).toBe(400);
372
+ expect(body).toEqual({
373
+ error: 'Bad Request',
374
+ message: [
375
+ 'email must be an email',
376
+ 'password is not strong enough',
377
+ ],
378
+ statusCode: 400,
379
+ });
380
+ });
381
+ it('should create a new user and return access token if the validation was successful', async () => {
382
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2' });
383
+ expect(status).toBe(201);
384
+ expect(body).toEqual({ accessToken: expect.any(String) });
348
385
  });
349
386
  });
350
- it('should create a new user and return access token if the validation was successful', async () => {
351
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2' });
352
- expect(status).toBe(201);
353
- expect(body).toEqual({ accessToken: expect.any(String) });
387
+ describe('POST /auth/login', () => {
388
+ beforeEach(async () => {
389
+ await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2' });
390
+ });
391
+ it('should throw an unauthorized exception if payload contains non whitelisted property', async () => {
392
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
393
+ expect(status).toBe(400);
394
+ expect(body).toEqual({
395
+ error: 'Bad Request',
396
+ message: ['property role should not exist'],
397
+ statusCode: 400,
398
+ });
399
+ });
400
+ it('should throw an unauthorized exception if email is missing', async () => {
401
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { password: 'Test-2' });
402
+ expect(status).toBe(401);
403
+ expect(body).toEqual({
404
+ message: 'Unauthorized',
405
+ statusCode: 401,
406
+ });
407
+ });
408
+ it('should throw an unauthorized exception if password is missing', async () => {
409
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co' });
410
+ expect(status).toBe(401);
411
+ expect(body).toEqual({
412
+ message: 'Unauthorized',
413
+ statusCode: 401,
414
+ });
415
+ });
416
+ it('should return access token if the validation was successful', async () => {
417
+ await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
418
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'Test-2' });
419
+ expect(status).toBe(200);
420
+ expect(body).toEqual({ accessToken: expect.any(String) });
421
+ });
354
422
  });
355
423
  });
356
- describe('POST /login', () => {
424
+ describe('POST /auth/register with register options', () => {
425
+ let User = class User extends src_1.BaseEntity {
426
+ constructor() {
427
+ super(...arguments);
428
+ this.role = 'user';
429
+ }
430
+ };
431
+ __decorate([
432
+ (0, mongoose_1.Prop)({ type: String, required: true }),
433
+ __metadata("design:type", String)
434
+ ], User.prototype, "email", void 0);
435
+ __decorate([
436
+ (0, mongoose_1.Prop)({ type: String, required: true }),
437
+ __metadata("design:type", String)
438
+ ], User.prototype, "password", void 0);
439
+ __decorate([
440
+ (0, mongoose_1.Prop)({ type: String, default: 'user' }),
441
+ __metadata("design:type", String)
442
+ ], User.prototype, "role", void 0);
443
+ __decorate([
444
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
445
+ __metadata("design:type", Boolean)
446
+ ], User.prototype, "isVerified", void 0);
447
+ User = __decorate([
448
+ (0, mongoose_1.Schema)({ collection: 'users' })
449
+ ], User);
450
+ const admin = { email: 'admin@test.co', password: 'admin', role: 'admin', isVerified: true };
451
+ const user = { email: 'user@test.co', password: 'user' };
357
452
  beforeEach(async () => {
358
- await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'Test-2' });
453
+ const bcryptService = new src_1.BcryptService();
454
+ const fixtures = async (_) => {
455
+ const model = await (0, utils_1.getModelFromEntity)(User);
456
+ await model.insertMany([
457
+ { ...admin, password: await bcryptService.hashPassword(admin.password) },
458
+ { ...user, password: await bcryptService.hashPassword(user.password) },
459
+ ]);
460
+ };
461
+ await initModule({
462
+ useAuth: {
463
+ userEntity: User,
464
+ register: {
465
+ protected: true,
466
+ abilityPredicate: (user) => user.isVerified,
467
+ additionalFields: ['role'],
468
+ callback: async (user, { updateOneDocument }) => {
469
+ if (user.role !== 'admin') {
470
+ return;
471
+ }
472
+ await updateOneDocument(User, { _id: user.id }, { $set: { isVerified: true } });
473
+ },
474
+ },
475
+ login: {
476
+ additionalFields: ['role', 'isVerified'],
477
+ },
478
+ },
479
+ }, fixtures);
359
480
  });
360
- it('should throw an unauthorized exception if payload contains non whitelisted property', async () => {
361
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
362
- expect(status).toBe(400);
363
- expect(body).toEqual({
364
- error: 'Bad Request',
365
- message: ['property role should not exist'],
366
- statusCode: 400,
481
+ describe('protected', () => {
482
+ it('should throw an unauthorized exception if user is not logged in and protected is true', async () => {
483
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
484
+ expect(status).toBe(401);
485
+ expect(body).toEqual({
486
+ message: 'Unauthorized',
487
+ statusCode: 401,
488
+ });
367
489
  });
368
490
  });
369
- it('should throw an unauthorized exception if email is missing', async () => {
370
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { password: 'Test-2' });
371
- expect(status).toBe(401);
372
- expect(body).toEqual({
373
- message: 'Unauthorized',
374
- statusCode: 401,
491
+ describe('abilityPredicate', () => {
492
+ it('should not create a new user if user is not verified', async () => {
493
+ const { email, password } = user;
494
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
495
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' }, {
496
+ headers: { Authorization: `Bearer ${accessToken}` },
497
+ });
498
+ expect(status).toBe(403);
499
+ expect(body).toEqual({
500
+ error: 'Forbidden',
501
+ message: 'Access denied',
502
+ statusCode: 403,
503
+ });
504
+ });
505
+ it('should create a new user and return access token if user is verified', async () => {
506
+ const { email, password } = admin;
507
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
508
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' }, {
509
+ headers: { Authorization: `Bearer ${accessToken}` },
510
+ });
511
+ expect(status).toBe(201);
512
+ expect(body).toEqual({ accessToken: expect.any(String) });
375
513
  });
376
514
  });
377
- it('should throw an unauthorized exception if password is missing', async () => {
378
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co' });
379
- expect(status).toBe(401);
380
- expect(body).toEqual({
381
- message: 'Unauthorized',
382
- statusCode: 401,
515
+ describe('additionalFields', () => {
516
+ it('should allow to register a new user with additional fields', async () => {
517
+ const { email, password } = admin;
518
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
519
+ const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'client@test.co', password: 'client', role: 'client' }, {
520
+ headers: { Authorization: `Bearer ${accessToken}` },
521
+ });
522
+ expect(status).toBe(201);
523
+ expect(body).toEqual({ accessToken: expect.any(String) });
383
524
  });
384
525
  });
385
- it('should return access token if the validation was successful', async () => {
386
- await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
387
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { email: 'unit@test.co', password: 'Test-2' });
388
- expect(status).toBe(200);
389
- expect(body).toEqual({ accessToken: expect.any(String) });
526
+ describe('callback', () => {
527
+ it('should not set isVerified to true if role is not admin', async () => {
528
+ const { email, password } = admin;
529
+ const { body: loginBody } = await e2e_setup_1.server.post('/auth/login', { email, password });
530
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'client@test.co', password: 'client', role: 'client' }, {
531
+ headers: { Authorization: `Bearer ${loginBody.accessToken}` },
532
+ });
533
+ const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
534
+ expect(status).toBe(200);
535
+ expect(body).toHaveProperty('isVerified', false);
536
+ });
537
+ it('should set isVerified to true if role is admin', async () => {
538
+ const { email, password } = admin;
539
+ const { body: loginBody } = await e2e_setup_1.server.post('/auth/login', { email, password });
540
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'admin2@test.co', password: 'admin2', role: 'admin' }, {
541
+ headers: { Authorization: `Bearer ${loginBody.accessToken}` },
542
+ });
543
+ const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
544
+ expect(status).toBe(200);
545
+ expect(body).toHaveProperty('isVerified', true);
546
+ });
390
547
  });
391
548
  });
392
- });
393
- describe('POST /register with register options', () => {
394
- let User = class User extends src_1.BaseEntity {
395
- constructor() {
396
- super(...arguments);
397
- this.role = 'user';
398
- }
399
- };
400
- __decorate([
401
- (0, mongoose_1.Prop)({ type: String, required: true }),
402
- __metadata("design:type", String)
403
- ], User.prototype, "email", void 0);
404
- __decorate([
405
- (0, mongoose_1.Prop)({ type: String, required: true }),
406
- __metadata("design:type", String)
407
- ], User.prototype, "password", void 0);
408
- __decorate([
409
- (0, mongoose_1.Prop)({ type: String, default: 'user' }),
410
- __metadata("design:type", String)
411
- ], User.prototype, "role", void 0);
412
- __decorate([
413
- (0, mongoose_1.Prop)({ type: Boolean, default: false }),
414
- __metadata("design:type", Boolean)
415
- ], User.prototype, "isVerified", void 0);
416
- User = __decorate([
417
- (0, mongoose_1.Schema)({ collection: 'users' })
418
- ], User);
419
- const admin = { email: 'admin@test.co', password: 'admin', role: 'admin', isVerified: true };
420
- const user = { email: 'user@test.co', password: 'user' };
421
- beforeEach(async () => {
422
- const bcryptService = new src_1.BcryptService();
423
- const fixtures = async (_) => {
424
- const model = await (0, utils_1.getModelFromEntity)(User);
425
- await model.insertMany([
426
- { ...admin, password: await bcryptService.hashPassword(admin.password) },
427
- { ...user, password: await bcryptService.hashPassword(user.password) },
428
- ]);
549
+ describe('POST /auth/login with login options', () => {
550
+ let User = class User extends src_1.BaseEntity {
551
+ constructor() {
552
+ super(...arguments);
553
+ this.role = 'user';
554
+ }
429
555
  };
430
- await initModule({
431
- useAuth: {
432
- userEntity: User,
433
- register: {
434
- protected: true,
435
- abilityPredicate: (user) => user.isVerified,
436
- additionalFields: ['role'],
437
- callback: async (user, { updateOneDocument }) => {
438
- if (user.role !== 'admin') {
439
- return;
440
- }
441
- await updateOneDocument(User, { _id: user.id }, { $set: { isVerified: true } });
556
+ __decorate([
557
+ (0, mongoose_1.Prop)({ type: String, required: true }),
558
+ __metadata("design:type", String)
559
+ ], User.prototype, "username", void 0);
560
+ __decorate([
561
+ (0, mongoose_1.Prop)({ type: String, required: true }),
562
+ __metadata("design:type", String)
563
+ ], User.prototype, "pass", void 0);
564
+ __decorate([
565
+ (0, mongoose_1.Prop)({ type: String, default: 'user' }),
566
+ __metadata("design:type", String)
567
+ ], User.prototype, "role", void 0);
568
+ __decorate([
569
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
570
+ __metadata("design:type", Boolean)
571
+ ], User.prototype, "isVerified", void 0);
572
+ User = __decorate([
573
+ (0, mongoose_1.Schema)({ collection: 'users' })
574
+ ], User);
575
+ const admin = { username: 'admin', pass: 'admin', role: 'admin', isVerified: true };
576
+ const user = { username: 'user', pass: 'user' };
577
+ const client = { username: 'client', pass: 'client', role: 'client', isVerified: true };
578
+ beforeEach(async () => {
579
+ const bcryptService = new src_1.BcryptService();
580
+ const fixtures = async (_) => {
581
+ const model = await (0, utils_1.getModelFromEntity)(User);
582
+ await model.insertMany([
583
+ { ...admin, pass: await bcryptService.hashPassword(admin.pass) },
584
+ { ...user, pass: await bcryptService.hashPassword(user.pass) },
585
+ { ...client, pass: await bcryptService.hashPassword(client.pass) },
586
+ ]);
587
+ };
588
+ await initModule({
589
+ useAuth: {
590
+ userEntity: User,
591
+ login: {
592
+ loginField: 'username',
593
+ passwordField: 'pass',
594
+ additionalFields: ['role', 'isVerified'],
595
+ abilityPredicate: (user) => user.role === 'admin' || user.role === 'user',
596
+ callback: async (user) => {
597
+ if (user.isVerified) {
598
+ return;
599
+ }
600
+ throw new common_1.UnauthorizedException(`Hello ${user.username}, you must verify your account first!`);
601
+ },
442
602
  },
443
603
  },
444
- login: {
445
- additionalFields: ['role', 'isVerified'],
446
- },
447
- },
448
- }, fixtures);
449
- });
450
- describe('protected', () => {
451
- it('should throw an unauthorized exception if user is not logged in and protected is true', async () => {
452
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' });
453
- expect(status).toBe(401);
454
- expect(body).toEqual({
455
- message: 'Unauthorized',
456
- statusCode: 401,
457
- });
604
+ }, fixtures);
458
605
  });
459
- });
460
- describe('abilityPredicate', () => {
461
- it('should not create a new user if user is not verified', async () => {
462
- const { email, password } = user;
463
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
464
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' }, {
465
- headers: { Authorization: `Bearer ${accessToken}` },
466
- });
467
- expect(status).toBe(403);
468
- expect(body).toEqual({
469
- error: 'Forbidden',
470
- message: 'Access denied',
471
- statusCode: 403,
606
+ describe('loginField', () => {
607
+ it('should throw an unauthorized exception if loginField is missing', async () => {
608
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { pass: 'test' });
609
+ expect(status).toBe(401);
610
+ expect(body).toEqual({
611
+ message: 'Unauthorized',
612
+ statusCode: 401,
613
+ });
472
614
  });
473
615
  });
474
- it('should create a new user and return access token if user is verified', async () => {
475
- const { email, password } = admin;
476
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
477
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'unit@test.co', password: 'test' }, {
478
- headers: { Authorization: `Bearer ${accessToken}` },
479
- });
480
- expect(status).toBe(201);
481
- expect(body).toEqual({ accessToken: expect.any(String) });
616
+ describe('passwordField', () => {
617
+ it('should throw an unauthorized exception if passwordField is missing', async () => {
618
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { username: 'unit' });
619
+ expect(status).toBe(401);
620
+ expect(body).toEqual({
621
+ message: 'Unauthorized',
622
+ statusCode: 401,
623
+ });
624
+ });
482
625
  });
483
- });
484
- describe('additionalFields', () => {
485
- it('should allow to register a new user with additional fields', async () => {
486
- const { email, password } = admin;
487
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { email, password });
488
- const { body, status } = await e2e_setup_1.server.post('/auth/register', { email: 'client@test.co', password: 'client', role: 'client' }, {
489
- headers: { Authorization: `Bearer ${accessToken}` },
490
- });
491
- expect(status).toBe(201);
492
- expect(body).toEqual({ accessToken: expect.any(String) });
626
+ describe('abilityPredicate', () => {
627
+ it('should throw an forbidden exception if user role is not admin or user', async () => {
628
+ const { username, pass } = client;
629
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { username, pass });
630
+ expect(status).toBe(403);
631
+ expect(body).toEqual({
632
+ error: 'Forbidden',
633
+ message: 'Access denied',
634
+ statusCode: 403,
635
+ });
636
+ });
493
637
  });
494
- });
495
- describe('callback', () => {
496
- it('should not set isVerified to true if role is not admin', async () => {
497
- const { email, password } = admin;
498
- const { body: loginBody } = await e2e_setup_1.server.post('/auth/login', { email, password });
499
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'client@test.co', password: 'client', role: 'client' }, {
500
- headers: { Authorization: `Bearer ${loginBody.accessToken}` },
501
- });
502
- const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
503
- expect(status).toBe(200);
504
- expect(body).toHaveProperty('isVerified', false);
638
+ describe('callback', () => {
639
+ it('should throw an unauthorized exception if user is not verified', async () => {
640
+ const { username, pass } = user;
641
+ const { body, status } = await e2e_setup_1.server.post('/auth/login', { username, pass });
642
+ expect(status).toBe(401);
643
+ expect(body).toEqual({
644
+ error: 'Unauthorized',
645
+ message: `Hello ${username}, you must verify your account first!`,
646
+ statusCode: 401,
647
+ });
648
+ });
505
649
  });
506
- it('should set isVerified to true if role is admin', async () => {
507
- const { email, password } = admin;
508
- const { body: loginBody } = await e2e_setup_1.server.post('/auth/login', { email, password });
509
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/register', { email: 'admin2@test.co', password: 'admin2', role: 'admin' }, {
510
- headers: { Authorization: `Bearer ${loginBody.accessToken}` },
511
- });
512
- const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
513
- expect(status).toBe(200);
514
- expect(body).toHaveProperty('isVerified', true);
650
+ describe('additionalFields', () => {
651
+ it('should return additional fields', async () => {
652
+ const { username, pass } = admin;
653
+ const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { username, pass });
654
+ const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
655
+ expect(status).toBe(200);
656
+ expect(body).toEqual({ id: expect.any(String), username: 'admin', role: 'admin', isVerified: true });
657
+ });
515
658
  });
516
659
  });
517
- });
518
- describe('POST /login with login options', () => {
519
- let User = class User extends src_1.BaseEntity {
520
- constructor() {
521
- super(...arguments);
522
- this.role = 'user';
523
- }
524
- };
525
- __decorate([
526
- (0, mongoose_1.Prop)({ type: String, required: true }),
527
- __metadata("design:type", String)
528
- ], User.prototype, "username", void 0);
529
- __decorate([
530
- (0, mongoose_1.Prop)({ type: String, required: true }),
531
- __metadata("design:type", String)
532
- ], User.prototype, "pass", void 0);
533
- __decorate([
534
- (0, mongoose_1.Prop)({ type: String, default: 'user' }),
535
- __metadata("design:type", String)
536
- ], User.prototype, "role", void 0);
537
- __decorate([
538
- (0, mongoose_1.Prop)({ type: Boolean, default: false }),
539
- __metadata("design:type", Boolean)
540
- ], User.prototype, "isVerified", void 0);
541
- User = __decorate([
542
- (0, mongoose_1.Schema)({ collection: 'users' })
543
- ], User);
544
- const admin = { username: 'admin', pass: 'admin', role: 'admin', isVerified: true };
545
- const user = { username: 'user', pass: 'user' };
546
- const client = { username: 'client', pass: 'client', role: 'client', isVerified: true };
547
- beforeEach(async () => {
548
- const bcryptService = new src_1.BcryptService();
549
- const fixtures = async (_) => {
550
- const model = await (0, utils_1.getModelFromEntity)(User);
551
- await model.insertMany([
552
- { ...admin, pass: await bcryptService.hashPassword(admin.pass) },
553
- { ...user, pass: await bcryptService.hashPassword(user.pass) },
554
- { ...client, pass: await bcryptService.hashPassword(client.pass) },
555
- ]);
660
+ describe('useAuth with resetPassword options', () => {
661
+ let User = class User extends src_1.BaseEntity {
556
662
  };
557
- await initModule({
558
- useAuth: {
559
- userEntity: User,
560
- login: {
561
- loginField: 'username',
562
- passwordField: 'pass',
563
- additionalFields: ['role', 'isVerified'],
564
- abilityPredicate: (user) => user.role === 'admin' || user.role === 'user',
565
- callback: async (user) => {
566
- if (user.isVerified) {
567
- return;
568
- }
569
- throw new common_1.UnauthorizedException(`Hello ${user.username}, you must verify your account first!`);
663
+ __decorate([
664
+ (0, mongoose_1.Prop)({ type: String, required: true }),
665
+ __metadata("design:type", String)
666
+ ], User.prototype, "email", void 0);
667
+ __decorate([
668
+ (0, mongoose_1.Prop)({ type: String, required: true }),
669
+ __metadata("design:type", String)
670
+ ], User.prototype, "password", void 0);
671
+ __decorate([
672
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
673
+ __metadata("design:type", Boolean)
674
+ ], User.prototype, "isVerified", void 0);
675
+ __decorate([
676
+ (0, mongoose_1.Prop)({ type: String }),
677
+ __metadata("design:type", String)
678
+ ], User.prototype, "resetPasswordToken", void 0);
679
+ User = __decorate([
680
+ (0, mongoose_1.Schema)({ collection: 'users' })
681
+ ], User);
682
+ let model;
683
+ let user;
684
+ let client;
685
+ let app;
686
+ beforeEach(async () => {
687
+ user = { email: 'user@test.co', password: 'user', isVerified: true };
688
+ client = { email: 'client@test.co', password: 'client' };
689
+ const bcryptService = new src_1.BcryptService();
690
+ const fixtures = async (_) => {
691
+ model = await (0, utils_1.getModelFromEntity)(User);
692
+ await model.insertMany([
693
+ { ...user, password: await bcryptService.hashPassword(user.password) },
694
+ { ...client, password: await bcryptService.hashPassword(client.password) },
695
+ ]);
696
+ };
697
+ app = await initModule({
698
+ useAuth: {
699
+ userEntity: User,
700
+ resetPassword: {
701
+ emailField: 'email',
702
+ expirationInMinutes: 1,
703
+ resetPasswordCallback: async ({ resetPasswordToken }, { updateUserByEmail }) => {
704
+ await updateUserByEmail({ $set: { resetPasswordToken } });
705
+ },
706
+ changePasswordAbilityPredicate: (user) => user.isVerified && !!user.resetPasswordToken,
707
+ changePasswordCallback: async (user, { updateOneDocument }) => {
708
+ await updateOneDocument(User, { _id: user.id }, { $unset: { resetPasswordToken: 1 } });
709
+ },
570
710
  },
571
711
  },
572
- },
573
- }, fixtures);
574
- });
575
- describe('loginField', () => {
576
- it('should throw an unauthorized exception if loginField is missing', async () => {
577
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { pass: 'test' });
578
- expect(status).toBe(401);
579
- expect(body).toEqual({
580
- message: 'Unauthorized',
581
- statusCode: 401,
582
- });
712
+ }, fixtures);
583
713
  });
584
- });
585
- describe('passwordField', () => {
586
- it('should throw an unauthorized exception if passwordField is missing', async () => {
587
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { username: 'unit' });
588
- expect(status).toBe(401);
589
- expect(body).toEqual({
590
- message: 'Unauthorized',
591
- statusCode: 401,
714
+ describe('POST /auth/reset-password', () => {
715
+ it('should throw a bad request exception if email is missing if no validation options are provided', async () => {
716
+ const { body, status } = await e2e_setup_1.server.post('/auth/reset-password', {});
717
+ expect(status).toBe(400);
718
+ expect(body).toEqual({
719
+ error: 'Bad Request',
720
+ message: 'Invalid or missing argument',
721
+ statusCode: 400,
722
+ });
723
+ });
724
+ it('should not throw a bad request exception if email is invalid if no validation options are provided', async () => {
725
+ const { body, status } = await e2e_setup_1.server.post('/auth/reset-password', { email: 'unit.test.co' });
726
+ expect(status).toBe(204);
727
+ expect(body).toEqual({});
728
+ });
729
+ it('should not throw an exception if email is not found', async () => {
730
+ const { body, status } = await e2e_setup_1.server.post('/auth/reset-password', { email: 'invalid@test.co' });
731
+ expect(status).toBe(204);
732
+ expect(body).toEqual({});
733
+ });
734
+ describe('resetPasswordCallback', () => {
735
+ it('should set resetPasswordToken if email is valid', async () => {
736
+ const { email } = user;
737
+ const { resetPasswordToken: resetPasswordTokenBeforeUpdate } = (await model.findOne({ email }).lean().exec());
738
+ const { status } = await e2e_setup_1.server.post('/auth/reset-password', { email });
739
+ const { resetPasswordToken: resetPasswordTokenAfterUpdate } = (await model.findOne({ email }).lean().exec());
740
+ expect(status).toBe(204);
741
+ expect(resetPasswordTokenBeforeUpdate).toStrictEqual(undefined);
742
+ expect(resetPasswordTokenAfterUpdate).toStrictEqual(expect.any(String));
743
+ });
592
744
  });
593
745
  });
594
- });
595
- describe('abilityPredicate', () => {
596
- it('should throw an forbidden exception if user role is not admin or user', async () => {
597
- const { username, pass } = client;
598
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { username, pass });
599
- expect(status).toBe(403);
600
- expect(body).toEqual({
601
- error: 'Forbidden',
602
- message: 'Access denied',
603
- statusCode: 403,
746
+ describe('PATCH /auth/change-password', () => {
747
+ it('should throw a bad request exception if resetPasswordToken is missing', async () => {
748
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { newPassword: 'test' });
749
+ expect(status).toBe(400);
750
+ expect(body).toEqual({
751
+ error: 'Bad Request',
752
+ message: 'Invalid or missing argument',
753
+ statusCode: 400,
754
+ });
755
+ });
756
+ it('should throw a bad request exception if newPassword is missing', async () => {
757
+ const { email } = user;
758
+ await e2e_setup_1.server.post('/auth/reset-password', { email });
759
+ const { resetPasswordToken: resetPasswordTokenAfterUpdate } = (await model.findOne({ email }).lean().exec());
760
+ const resetPasswordToken = resetPasswordTokenAfterUpdate;
761
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { resetPasswordToken });
762
+ expect(status).toBe(400);
763
+ expect(body).toEqual({
764
+ error: 'Bad Request',
765
+ message: 'Invalid or missing argument',
766
+ statusCode: 400,
767
+ });
768
+ });
769
+ it('should throw an unauthorized exception if resetPasswordToken is invalid', async () => {
770
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { resetPasswordToken: 'test', newPassword: 'newPassword' });
771
+ expect(status).toBe(400);
772
+ expect(body).toEqual({
773
+ error: 'Bad Request',
774
+ message: 'Invalid reset password token. Please redo the reset password process.',
775
+ statusCode: 400,
776
+ });
777
+ });
778
+ it('should throw an unauthorized exception if resetPasswordToken is expired', async () => {
779
+ const jwtService = app.get(jwt_1.JwtService);
780
+ const expiredResetPasswordToken = jwtService.sign({ email: user.email }, { expiresIn: 1 });
781
+ await (0, utils_1.wait)(500);
782
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { resetPasswordToken: expiredResetPasswordToken, newPassword: 'newPassword' });
783
+ expect(status).toBe(401);
784
+ expect(body).toEqual({
785
+ error: 'Unauthorized',
786
+ message: 'Time to reset password has expired. Please redo the reset password process.',
787
+ statusCode: 401,
788
+ });
789
+ });
790
+ describe('changePasswordAbilityPredicate', () => {
791
+ let resetPasswordToken;
792
+ beforeEach(async () => {
793
+ await e2e_setup_1.server.post('/auth/reset-password', { email: client.email });
794
+ const { resetPasswordToken: token } = (await model.findOne({ email: client.email }).lean().exec());
795
+ resetPasswordToken = token;
796
+ });
797
+ it('should throw a forbidden exception if user is not allowed to change password', async () => {
798
+ expect(resetPasswordToken).toStrictEqual(expect.any(String));
799
+ const { body, status } = await e2e_setup_1.server.patch('/auth/change-password', { resetPasswordToken, newPassword: 'newPassword' });
800
+ expect(status).toBe(403);
801
+ expect(body).toEqual({
802
+ error: 'Forbidden',
803
+ message: 'You are not allowed to change your password.',
804
+ statusCode: 403,
805
+ });
806
+ });
807
+ });
808
+ describe('changePasswordCallback', () => {
809
+ let resetPasswordToken;
810
+ beforeEach(async () => {
811
+ await e2e_setup_1.server.post('/auth/reset-password', { email: user.email });
812
+ const { resetPasswordToken: token } = (await model.findOne({ email: user.email }).lean().exec());
813
+ resetPasswordToken = token;
814
+ });
815
+ it('should change password and unset resetPasswordToken if resetPasswordToken is valid', async () => {
816
+ expect(resetPasswordToken).toStrictEqual(expect.any(String));
817
+ const newPassword = 'newPassword';
818
+ const bcryptService = app.get(src_1.BcryptService);
819
+ const { password: passwordBeforeUpdate } = (await model.findOne({ email: user.email }).lean().exec());
820
+ const { status } = await e2e_setup_1.server.patch('/auth/change-password', { resetPasswordToken, newPassword });
821
+ const { password: passwordAfterUpdate, resetPasswordToken: tokenAfterUpdate } = (await model.findOne({ email: user.email }).lean().exec());
822
+ const isPreviousPassword = await bcryptService.comparePassword(user.password, passwordBeforeUpdate);
823
+ expect(isPreviousPassword).toBe(true);
824
+ const isNewPassword = await bcryptService.comparePassword(newPassword, passwordAfterUpdate);
825
+ expect(isNewPassword).toBe(true);
826
+ expect(status).toBe(204);
827
+ expect(tokenAfterUpdate).toStrictEqual(undefined);
828
+ });
604
829
  });
605
830
  });
606
831
  });
607
- describe('callback', () => {
608
- it('should throw an unauthorized exception if user is not verified', async () => {
609
- const { username, pass } = user;
610
- const { body, status } = await e2e_setup_1.server.post('/auth/login', { username, pass });
611
- expect(status).toBe(401);
612
- expect(body).toEqual({
613
- error: 'Unauthorized',
614
- message: `Hello ${username}, you must verify your account first!`,
615
- statusCode: 401,
832
+ });
833
+ describe('Websockets', () => {
834
+ it('should enable websockets globally', async () => {
835
+ await initModule({
836
+ webSocket: true,
837
+ }, undefined, async (app) => {
838
+ app.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(app));
839
+ }, true);
840
+ expect(src_1.DynamicApiModule.state.get('gatewayOptions')).toStrictEqual({});
841
+ await e2e_setup_1.server.emit('test', { message: 'Hello' });
842
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
843
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({ message: 'Hello' });
844
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
845
+ });
846
+ describe('Authentication EVENTS', () => {
847
+ describe('useAuth when only userEntity is provided', () => {
848
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
849
+ };
850
+ __decorate([
851
+ (0, mongoose_1.Prop)({ type: String, required: true }),
852
+ __metadata("design:type", String)
853
+ ], UserEntity.prototype, "email", void 0);
854
+ __decorate([
855
+ (0, mongoose_1.Prop)({ type: String, required: true }),
856
+ __metadata("design:type", String)
857
+ ], UserEntity.prototype, "password", void 0);
858
+ UserEntity = __decorate([
859
+ (0, mongoose_1.Schema)({ collection: 'users' })
860
+ ], UserEntity);
861
+ beforeEach(async () => {
862
+ await initModule({
863
+ useAuth: {
864
+ userEntity: UserEntity,
865
+ webSocket: true,
866
+ },
867
+ }, undefined, async (app) => {
868
+ app.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(app));
869
+ });
870
+ });
871
+ describe('EVENT auth-register', () => {
872
+ it('should throw a ws exception if email is missing', async () => {
873
+ await e2e_setup_1.server.emit('auth-register', { username: 'unit-test', password: 'test-2' });
874
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
875
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
876
+ message: ['email property is required'],
877
+ });
878
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
879
+ });
880
+ it('should throw a ws exception if password is missing', async () => {
881
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', pass: 'test-2' });
882
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
883
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
884
+ message: ['password property is required'],
885
+ });
886
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
887
+ });
888
+ it('should create a new user and return access token', async () => {
889
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' });
890
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
891
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
892
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({ accessToken: expect.any(String) });
893
+ });
894
+ });
895
+ describe('EVENT auth-login', () => {
896
+ it('should throw a ws exception if email is missing', async () => {
897
+ await e2e_setup_1.server.emit('auth-login', { password: 'test-2' });
898
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
899
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
900
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
901
+ message: 'Unauthorized',
902
+ });
903
+ });
904
+ it('should throw a ws exception if password is missing', async () => {
905
+ await e2e_setup_1.server.emit('auth-login', { email: 'unit@test.co' });
906
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
907
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
908
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
909
+ message: 'Unauthorized',
910
+ });
911
+ });
912
+ it('should return access token', async () => {
913
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' });
914
+ await e2e_setup_1.server.emit('auth-login', { email: 'unit@test.co', password: 'test' });
915
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
916
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(2);
917
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenNthCalledWith(2, { accessToken: expect.any(String) });
918
+ });
919
+ });
920
+ describe('EVENT auth-get-account', () => {
921
+ it('should throw a ws exception if access token is missing', async () => {
922
+ await e2e_setup_1.server.emit('auth-get-account');
923
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
924
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
925
+ message: 'Unauthorized',
926
+ });
927
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
928
+ });
929
+ it('should return user account', async () => {
930
+ const { accessToken } = await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' });
931
+ await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken });
932
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
933
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(2);
934
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenNthCalledWith(1, { accessToken: expect.any(String) });
935
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenNthCalledWith(2, { email: 'unit@test.co', id: expect.any(String) });
936
+ });
937
+ });
938
+ it('should throw a ws exception when receiving reset password event if reset password options are not configured', async () => {
939
+ await e2e_setup_1.server.emit('auth-reset-password', { email: 'toto@test.co' });
940
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
941
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
942
+ message: 'This feature is not available',
943
+ });
944
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
945
+ });
946
+ it('should throw a ws exception when receiving change password event if reset password options are not configured', async () => {
947
+ await e2e_setup_1.server.emit('auth-change-password', { newPassword: 'test' });
948
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
949
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
950
+ message: 'This feature is not available',
951
+ });
952
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
616
953
  });
617
954
  });
618
- });
619
- describe('additionalFields', () => {
620
- it('should return additional fields', async () => {
621
- const { username, pass } = admin;
622
- const { body: { accessToken } } = await e2e_setup_1.server.post('/auth/login', { username, pass });
623
- const { body, status } = await e2e_setup_1.server.get('/auth/account', { headers: { Authorization: `Bearer ${accessToken}` } });
624
- expect(status).toBe(200);
625
- expect(body).toEqual({ id: expect.any(String), username: 'admin', role: 'admin', isVerified: true });
955
+ describe('useAuth with jwt options', () => {
956
+ let jwtService;
957
+ let accessToken;
958
+ let app;
959
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
960
+ };
961
+ __decorate([
962
+ (0, mongoose_1.Prop)({ type: String, required: true }),
963
+ __metadata("design:type", String)
964
+ ], UserEntity.prototype, "email", void 0);
965
+ __decorate([
966
+ (0, mongoose_1.Prop)({ type: String, required: true }),
967
+ __metadata("design:type", String)
968
+ ], UserEntity.prototype, "password", void 0);
969
+ UserEntity = __decorate([
970
+ (0, mongoose_1.Schema)({ collection: 'users' })
971
+ ], UserEntity);
972
+ beforeEach(async () => {
973
+ app = await initModule({
974
+ useAuth: {
975
+ userEntity: UserEntity,
976
+ webSocket: true,
977
+ jwt: {
978
+ secret: 'test-secret',
979
+ expiresIn: '3s',
980
+ },
981
+ },
982
+ }, undefined, async (_) => {
983
+ _.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(_));
984
+ });
985
+ jwtService = app.get(jwt_1.JwtService);
986
+ const { accessToken: token } = await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' });
987
+ accessToken = token;
988
+ });
989
+ it('should initialize state and authentication EVENTS with jwt options', async () => {
990
+ expect(app).toBeDefined();
991
+ expect(src_1.DynamicApiModule.state.get()).toStrictEqual({
992
+ uri,
993
+ initialized: true,
994
+ isGlobalCacheEnabled: true,
995
+ connectionName: 'dynamic-api-connection',
996
+ cacheExcludedPaths: [],
997
+ credentials: {
998
+ loginField: 'email',
999
+ passwordField: 'password',
1000
+ },
1001
+ isAuthEnabled: true,
1002
+ jwtExpirationTime: '3s',
1003
+ jwtSecret: 'test-secret',
1004
+ routesConfig: {
1005
+ defaults: [
1006
+ 'GetMany',
1007
+ 'GetOne',
1008
+ 'CreateMany',
1009
+ 'CreateOne',
1010
+ 'UpdateMany',
1011
+ 'UpdateOne',
1012
+ 'ReplaceOne',
1013
+ 'DuplicateMany',
1014
+ 'DuplicateOne',
1015
+ 'DeleteMany',
1016
+ 'DeleteOne',
1017
+ ],
1018
+ excluded: [],
1019
+ },
1020
+ gatewayOptions: undefined,
1021
+ });
1022
+ });
1023
+ it('should throw a ws exception if access token is expired', async () => {
1024
+ e2e_setup_1.handleSocketResponse.mockReset();
1025
+ await (0, utils_1.wait)(4000);
1026
+ await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken });
1027
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1028
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1029
+ message: 'Unauthorized',
1030
+ });
1031
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1032
+ });
1033
+ it('should throw a ws exception if secret is invalid', async () => {
1034
+ e2e_setup_1.handleSocketResponse.mockReset();
1035
+ const invalidToken = jwtService.sign({ email: 'u', password: 'p' }, { secret: 'invalid-secret' });
1036
+ await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken: invalidToken });
1037
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1038
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1039
+ message: 'Unauthorized',
1040
+ });
1041
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1042
+ });
626
1043
  });
627
1044
  });
628
1045
  });