mongodb-dynamic-api 2.4.0 → 2.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/package.json +1 -1
  3. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.d.ts +3 -0
  4. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.js +16 -10
  5. package/src/modules/auth/guards/jwt-socket-auth/jwt-socket-auth.guard.js.map +1 -1
  6. package/src/modules/auth/mixins/auth-gateway.mixin.js +0 -3
  7. package/src/modules/auth/mixins/auth-gateway.mixin.js.map +1 -1
  8. package/src/modules/auth/mixins/auth-policies-guard.mixin.js +10 -4
  9. package/src/modules/auth/mixins/auth-policies-guard.mixin.js.map +1 -1
  10. package/src/version.json +1 -1
  11. package/test/dynamic-api-for-root.e2e-spec.js +526 -0
  12. package/test/dynamic-api-for-root.e2e-spec.js.map +1 -1
  13. package/tsconfig.tsbuildinfo +1 -1
package/test/dynamic-api-for-root.e2e-spec.js CHANGED
@@ -1041,6 +1041,532 @@ describe('DynamicApiModule forRoot (e2e)', () => {
1041
1041
  expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1042
1042
  });
1043
1043
  });
1044
+ describe('useAuth with validation options', () => {
1045
+ let UserEntity = class UserEntity extends src_1.BaseEntity {
1046
+ };
1047
+ __decorate([
1048
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1049
+ (0, class_validator_1.IsEmail)(),
1050
+ __metadata("design:type", String)
1051
+ ], UserEntity.prototype, "email", void 0);
1052
+ __decorate([
1053
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1054
+ (0, class_validator_1.IsStrongPassword)({
1055
+ minLength: 6,
1056
+ minLowercase: 1,
1057
+ minUppercase: 1,
1058
+ minNumbers: 1,
1059
+ minSymbols: 1,
1060
+ }),
1061
+ __metadata("design:type", String)
1062
+ ], UserEntity.prototype, "password", void 0);
1063
+ UserEntity = __decorate([
1064
+ (0, mongoose_1.Schema)({ collection: 'users' })
1065
+ ], UserEntity);
1066
+ beforeEach(async () => {
1067
+ await initModule({
1068
+ useAuth: {
1069
+ userEntity: UserEntity,
1070
+ validationPipeOptions: {
1071
+ whitelist: true,
1072
+ forbidNonWhitelisted: true,
1073
+ transform: true,
1074
+ },
1075
+ },
1076
+ webSocket: true,
1077
+ }, undefined, async (_) => {
1078
+ _.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(_));
1079
+ });
1080
+ e2e_setup_1.handleSocketResponse.mockReset();
1081
+ });
1082
+ describe('EVENT auth-register', () => {
1083
+ it('should throw a ws exception if payload contains non whitelisted property', async () => {
1084
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
1085
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1086
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1087
+ message: ['property role should not exist'],
1088
+ });
1089
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1090
+ });
1091
+ it('should throw a ws exception if validation fails', async () => {
1092
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit.test.co', password: 'test-2' });
1093
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1094
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1095
+ message: [
1096
+ 'email must be an email',
1097
+ 'password is not strong enough',
1098
+ ],
1099
+ });
1100
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1101
+ });
1102
+ it('should create a new user and emit access token if the validation was successful', async () => {
1103
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'Test-2' });
1104
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1105
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1106
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({
1107
+ accessToken: expect.any(String),
1108
+ });
1109
+ });
1110
+ });
1111
+ describe('EVENT auth-login', () => {
1112
+ beforeEach(async () => {
1113
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'Test-2' });
1114
+ e2e_setup_1.handleSocketResponse.mockReset();
1115
+ });
1116
+ it('should throw a ws exception if payload contains non whitelisted property', async () => {
1117
+ await e2e_setup_1.server.emit('auth-login', { email: 'unit@test.co', password: 'Test-2', role: 'ADMIN' });
1118
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1119
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1120
+ message: ['property role should not exist'],
1121
+ });
1122
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1123
+ });
1124
+ it('should throw a ws exception if email is missing', async () => {
1125
+ await e2e_setup_1.server.emit('auth-login', { password: 'Test-2' });
1126
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1127
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1128
+ message: ['email must be an email'],
1129
+ });
1130
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1131
+ });
1132
+ it('should throw a ws exception if password is missing', async () => {
1133
+ await e2e_setup_1.server.emit('auth-login', { email: 'unit@test.co' });
1134
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1135
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1136
+ message: ['password is not strong enough'],
1137
+ });
1138
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1139
+ });
1140
+ it('should emit access token if the validation was successful', async () => {
1141
+ await e2e_setup_1.server.emit('auth-login', { email: 'unit@test.co', password: 'Test-2' });
1142
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1143
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1144
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({
1145
+ accessToken: expect.any(String),
1146
+ });
1147
+ });
1148
+ });
1149
+ });
1150
+ describe('EVENT auth-register with register options', () => {
1151
+ let User = class User extends src_1.BaseEntity {
1152
+ constructor() {
1153
+ super(...arguments);
1154
+ this.role = 'user';
1155
+ }
1156
+ };
1157
+ __decorate([
1158
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1159
+ __metadata("design:type", String)
1160
+ ], User.prototype, "email", void 0);
1161
+ __decorate([
1162
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1163
+ __metadata("design:type", String)
1164
+ ], User.prototype, "password", void 0);
1165
+ __decorate([
1166
+ (0, mongoose_1.Prop)({ type: String, default: 'user' }),
1167
+ __metadata("design:type", String)
1168
+ ], User.prototype, "role", void 0);
1169
+ __decorate([
1170
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
1171
+ __metadata("design:type", Boolean)
1172
+ ], User.prototype, "isVerified", void 0);
1173
+ User = __decorate([
1174
+ (0, mongoose_1.Schema)({ collection: 'users' })
1175
+ ], User);
1176
+ const admin = { email: 'admin@test.co', password: 'admin', role: 'admin', isVerified: true };
1177
+ const user = { email: 'user@test.co', password: 'user' };
1178
+ beforeEach(async () => {
1179
+ const bcryptService = new src_1.BcryptService();
1180
+ const fixtures = async (_) => {
1181
+ const model = await (0, utils_1.getModelFromEntity)(User);
1182
+ await model.insertMany([
1183
+ { ...admin, password: await bcryptService.hashPassword(admin.password) },
1184
+ { ...user, password: await bcryptService.hashPassword(user.password) },
1185
+ ]);
1186
+ };
1187
+ await initModule({
1188
+ useAuth: {
1189
+ userEntity: User,
1190
+ register: {
1191
+ protected: true,
1192
+ abilityPredicate: (user) => user.isVerified,
1193
+ additionalFields: ['role'],
1194
+ callback: async (user, { updateOneDocument }) => {
1195
+ if (user.role !== 'admin') {
1196
+ return;
1197
+ }
1198
+ await updateOneDocument(User, { _id: user.id }, { $set: { isVerified: true } });
1199
+ },
1200
+ },
1201
+ login: {
1202
+ additionalFields: ['role', 'isVerified'],
1203
+ },
1204
+ },
1205
+ webSocket: true,
1206
+ }, fixtures, async (_) => {
1207
+ _.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(_));
1208
+ });
1209
+ });
1210
+ describe('protected', () => {
1211
+ it('should throw a ws exception if user is not logged in and protected is true', async () => {
1212
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' });
1213
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1214
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1215
+ message: 'Unauthorized',
1216
+ });
1217
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1218
+ });
1219
+ });
1220
+ describe('abilityPredicate', () => {
1221
+ it('should not create a new user if user is not verified', async () => {
1222
+ const { email, password } = user;
1223
+ const { accessToken } = await e2e_setup_1.server.emit('auth-login', { email, password });
1224
+ e2e_setup_1.handleSocketResponse.mockReset();
1225
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' }, {
1226
+ accessToken,
1227
+ });
1228
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1229
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1230
+ message: 'Access denied',
1231
+ });
1232
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1233
+ });
1234
+ it('should create a new user and return access token if user is verified', async () => {
1235
+ const { email, password } = admin;
1236
+ const { accessToken } = await e2e_setup_1.server.emit('auth-login', { email, password });
1237
+ e2e_setup_1.handleSocketResponse.mockReset();
1238
+ await e2e_setup_1.server.emit('auth-register', { email: 'unit@test.co', password: 'test' }, {
1239
+ accessToken,
1240
+ });
1241
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1242
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1243
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({ accessToken: expect.any(String) });
1244
+ });
1245
+ });
1246
+ describe('additionalFields', () => {
1247
+ it('should allow to register a new user with additional fields', async () => {
1248
+ const { email, password } = admin;
1249
+ const { accessToken } = await e2e_setup_1.server.emit('auth-login', { email, password });
1250
+ e2e_setup_1.handleSocketResponse.mockReset();
1251
+ await e2e_setup_1.server.emit('auth-register', { email: 'client@test.co', password: 'client', role: 'client' }, {
1252
+ accessToken,
1253
+ });
1254
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1255
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1256
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({ accessToken: expect.any(String) });
1257
+ });
1258
+ });
1259
+ describe('callback', () => {
1260
+ let adminAccessToken;
1261
+ beforeEach(async () => {
1262
+ const { email, password } = admin;
1263
+ const { accessToken } = await e2e_setup_1.server.emit('auth-login', { email, password });
1264
+ adminAccessToken = accessToken;
1265
+ e2e_setup_1.handleSocketResponse.mockReset();
1266
+ });
1267
+ it('should not set isVerified to true if role is not admin', async () => {
1268
+ const { accessToken: clientAccessToken } = await e2e_setup_1.server.emit('auth-register', { email: 'client@test.co', password: 'client', role: 'client' }, {
1269
+ accessToken: adminAccessToken,
1270
+ });
1271
+ e2e_setup_1.handleSocketResponse.mockReset();
1272
+ const body = await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken: clientAccessToken });
1273
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1274
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1275
+ expect(body).toHaveProperty('isVerified', false);
1276
+ });
1277
+ it('should set isVerified to true if role is admin', async () => {
1278
+ const { accessToken: admin2AccessToken } = await e2e_setup_1.server.emit('auth-register', { email: 'admin2@test.co', password: 'admin2', role: 'admin' }, {
1279
+ accessToken: adminAccessToken,
1280
+ });
1281
+ e2e_setup_1.handleSocketResponse.mockReset();
1282
+ const body = await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken: admin2AccessToken });
1283
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1284
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1285
+ expect(body).toHaveProperty('isVerified', true);
1286
+ });
1287
+ });
1288
+ });
1289
+ describe('EVENT auth-login with login options', () => {
1290
+ let User = class User extends src_1.BaseEntity {
1291
+ constructor() {
1292
+ super(...arguments);
1293
+ this.role = 'user';
1294
+ }
1295
+ };
1296
+ __decorate([
1297
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1298
+ __metadata("design:type", String)
1299
+ ], User.prototype, "username", void 0);
1300
+ __decorate([
1301
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1302
+ __metadata("design:type", String)
1303
+ ], User.prototype, "pass", void 0);
1304
+ __decorate([
1305
+ (0, mongoose_1.Prop)({ type: String, default: 'user' }),
1306
+ __metadata("design:type", String)
1307
+ ], User.prototype, "role", void 0);
1308
+ __decorate([
1309
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
1310
+ __metadata("design:type", Boolean)
1311
+ ], User.prototype, "isVerified", void 0);
1312
+ User = __decorate([
1313
+ (0, mongoose_1.Schema)({ collection: 'users' })
1314
+ ], User);
1315
+ const admin = { username: 'admin', pass: 'admin', role: 'admin', isVerified: true };
1316
+ const user = { username: 'user', pass: 'user' };
1317
+ const client = { username: 'client', pass: 'client', role: 'client', isVerified: true };
1318
+ beforeEach(async () => {
1319
+ const bcryptService = new src_1.BcryptService();
1320
+ const fixtures = async (_) => {
1321
+ const model = await (0, utils_1.getModelFromEntity)(User);
1322
+ await model.insertMany([
1323
+ { ...admin, pass: await bcryptService.hashPassword(admin.pass) },
1324
+ { ...user, pass: await bcryptService.hashPassword(user.pass) },
1325
+ { ...client, pass: await bcryptService.hashPassword(client.pass) },
1326
+ ]);
1327
+ };
1328
+ await initModule({
1329
+ useAuth: {
1330
+ userEntity: User,
1331
+ login: {
1332
+ loginField: 'username',
1333
+ passwordField: 'pass',
1334
+ additionalFields: ['role', 'isVerified'],
1335
+ abilityPredicate: (user) => user.role === 'admin' || user.role === 'user',
1336
+ callback: async (user) => {
1337
+ if (user.isVerified) {
1338
+ return;
1339
+ }
1340
+ throw new common_1.UnauthorizedException(`Hello ${user.username}, you must verify your account first!`);
1341
+ },
1342
+ },
1343
+ },
1344
+ webSocket: true,
1345
+ }, fixtures, async (_) => {
1346
+ _.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(_));
1347
+ });
1348
+ });
1349
+ describe('loginField', () => {
1350
+ it('should throw a ws exception if loginField is missing', async () => {
1351
+ await e2e_setup_1.server.emit('auth-login', { pass: 'test' });
1352
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1353
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1354
+ message: 'Unauthorized',
1355
+ });
1356
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1357
+ });
1358
+ });
1359
+ describe('passwordField', () => {
1360
+ it('should throw an unauthorized exception if passwordField is missing', async () => {
1361
+ await e2e_setup_1.server.emit('auth-login', { username: 'unit' });
1362
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1363
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1364
+ message: 'Unauthorized',
1365
+ });
1366
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1367
+ });
1368
+ });
1369
+ describe('abilityPredicate', () => {
1370
+ it('should throw a ws exception if user role is not admin or user', async () => {
1371
+ const { username, pass } = client;
1372
+ await e2e_setup_1.server.emit('auth-login', { username, pass });
1373
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1374
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1375
+ message: 'Access denied',
1376
+ });
1377
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1378
+ });
1379
+ });
1380
+ describe('callback', () => {
1381
+ it('should throw a ws exception if user is not verified', async () => {
1382
+ const { username, pass } = user;
1383
+ await e2e_setup_1.server.emit('auth-login', { username, pass });
1384
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1385
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1386
+ message: 'Hello user, you must verify your account first!',
1387
+ });
1388
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1389
+ });
1390
+ });
1391
+ describe('additionalFields', () => {
1392
+ it('should return additional fields', async () => {
1393
+ const { username, pass } = admin;
1394
+ const { accessToken } = await e2e_setup_1.server.emit('auth-login', { username, pass });
1395
+ e2e_setup_1.handleSocketResponse.mockReset();
1396
+ await e2e_setup_1.server.emit('auth-get-account', undefined, { accessToken });
1397
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1398
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1399
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledWith({ id: expect.any(String), username: 'admin', role: 'admin', isVerified: true });
1400
+ });
1401
+ });
1402
+ });
1403
+ describe('useAuth with resetPassword options', () => {
1404
+ let User = class User extends src_1.BaseEntity {
1405
+ };
1406
+ __decorate([
1407
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1408
+ __metadata("design:type", String)
1409
+ ], User.prototype, "email", void 0);
1410
+ __decorate([
1411
+ (0, mongoose_1.Prop)({ type: String, required: true }),
1412
+ __metadata("design:type", String)
1413
+ ], User.prototype, "password", void 0);
1414
+ __decorate([
1415
+ (0, mongoose_1.Prop)({ type: Boolean, default: false }),
1416
+ __metadata("design:type", Boolean)
1417
+ ], User.prototype, "isVerified", void 0);
1418
+ __decorate([
1419
+ (0, mongoose_1.Prop)({ type: String }),
1420
+ __metadata("design:type", String)
1421
+ ], User.prototype, "resetPasswordToken", void 0);
1422
+ User = __decorate([
1423
+ (0, mongoose_1.Schema)({ collection: 'users' })
1424
+ ], User);
1425
+ let model;
1426
+ let user;
1427
+ let client;
1428
+ let app;
1429
+ beforeEach(async () => {
1430
+ user = { email: 'user@test.co', password: 'user', isVerified: true };
1431
+ client = { email: 'client@test.co', password: 'client' };
1432
+ const bcryptService = new src_1.BcryptService();
1433
+ const fixtures = async (_) => {
1434
+ model = await (0, utils_1.getModelFromEntity)(User);
1435
+ await model.insertMany([
1436
+ { ...user, password: await bcryptService.hashPassword(user.password) },
1437
+ { ...client, password: await bcryptService.hashPassword(client.password) },
1438
+ ]);
1439
+ };
1440
+ app = await initModule({
1441
+ useAuth: {
1442
+ userEntity: User,
1443
+ resetPassword: {
1444
+ emailField: 'email',
1445
+ expirationInMinutes: 1,
1446
+ resetPasswordCallback: async ({ resetPasswordToken }, { updateUserByEmail }) => {
1447
+ await updateUserByEmail({ $set: { resetPasswordToken } });
1448
+ },
1449
+ changePasswordAbilityPredicate: (user) => user.isVerified && !!user.resetPasswordToken,
1450
+ changePasswordCallback: async (user, { updateOneDocument }) => {
1451
+ await updateOneDocument(User, { _id: user.id }, { $unset: { resetPasswordToken: 1 } });
1452
+ },
1453
+ },
1454
+ },
1455
+ webSocket: true,
1456
+ }, fixtures, async (_) => {
1457
+ _.useWebSocketAdapter(new socket_adapter_1.SocketAdapter(_));
1458
+ });
1459
+ });
1460
+ describe('EVENT auth-reset-password', () => {
1461
+ it('should throw a ws exception if email is missing if no validation options are provided', async () => {
1462
+ await e2e_setup_1.server.emit('auth-reset-password', {});
1463
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1464
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1465
+ message: 'Invalid or missing argument',
1466
+ });
1467
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1468
+ });
1469
+ it('should not throw a ws exception if email is invalid if no validation options are provided', async () => {
1470
+ await e2e_setup_1.server.emit('auth-reset-password', { email: 'unit.test.co' });
1471
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1472
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1473
+ });
1474
+ it('should not throw a ws exception if email is not found', async () => {
1475
+ await e2e_setup_1.server.emit('auth-reset-password', { email: 'invalid@test.co' });
1476
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1477
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1478
+ });
1479
+ describe('resetPasswordCallback', () => {
1480
+ it('should set resetPasswordToken if email is valid', async () => {
1481
+ const { email } = user;
1482
+ const { resetPasswordToken: resetPasswordTokenBeforeUpdate } = (await model.findOne({ email }).lean().exec());
1483
+ await e2e_setup_1.server.emit('auth-reset-password', { email });
1484
+ const { resetPasswordToken: resetPasswordTokenAfterUpdate } = (await model.findOne({ email }).lean().exec());
1485
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1486
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1487
+ expect(resetPasswordTokenBeforeUpdate).toStrictEqual(undefined);
1488
+ expect(resetPasswordTokenAfterUpdate).toStrictEqual(expect.any(String));
1489
+ });
1490
+ });
1491
+ });
1492
+ describe('EVENT auth-change-password', () => {
1493
+ it('should throw a ws exception if resetPasswordToken is missing', async () => {
1494
+ await e2e_setup_1.server.emit('auth-change-password', { newPassword: 'test' });
1495
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1496
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1497
+ message: 'Invalid or missing argument',
1498
+ });
1499
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1500
+ });
1501
+ it('should throw a ws exception if newPassword is missing', async () => {
1502
+ await e2e_setup_1.server.emit('auth-change-password', { resetPasswordToken: 'resetPasswordToken' });
1503
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1504
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1505
+ message: 'Invalid or missing argument',
1506
+ });
1507
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1508
+ });
1509
+ it('should throw a ws exception if resetPasswordToken is invalid', async () => {
1510
+ await e2e_setup_1.server.emit('auth-change-password', { resetPasswordToken: 'test', newPassword: 'newPassword' });
1511
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1512
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1513
+ message: 'Invalid reset password token. Please redo the reset password process.',
1514
+ });
1515
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1516
+ });
1517
+ it('should throw a ws exception if resetPasswordToken is expired', async () => {
1518
+ const jwtService = app.get(jwt_1.JwtService);
1519
+ const expiredResetPasswordToken = jwtService.sign({ email: user.email }, { expiresIn: 1 });
1520
+ await (0, utils_1.wait)(500);
1521
+ await e2e_setup_1.server.emit('auth-change-password', { resetPasswordToken: expiredResetPasswordToken, newPassword: 'newPassword' });
1522
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1523
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1524
+ message: 'Time to reset password has expired. Please redo the reset password process.',
1525
+ });
1526
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1527
+ });
1528
+ describe('changePasswordAbilityPredicate', () => {
1529
+ let resetPasswordToken;
1530
+ beforeEach(async () => {
1531
+ await e2e_setup_1.server.emit('auth-reset-password', { email: client.email });
1532
+ e2e_setup_1.handleSocketResponse.mockReset();
1533
+ const { resetPasswordToken: token } = (await model.findOne({ email: client.email }).lean().exec());
1534
+ resetPasswordToken = token;
1535
+ });
1536
+ it('should throw a ws exception if user is not allowed to change password', async () => {
1537
+ await e2e_setup_1.server.emit('auth-change-password', { resetPasswordToken, newPassword: 'newPassword' });
1538
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledTimes(1);
1539
+ expect(e2e_setup_1.handleSocketException).toHaveBeenCalledWith({
1540
+ message: 'You are not allowed to change your password.',
1541
+ });
1542
+ expect(e2e_setup_1.handleSocketResponse).not.toHaveBeenCalled();
1543
+ });
1544
+ });
1545
+ describe('changePasswordCallback', () => {
1546
+ let resetPasswordToken;
1547
+ beforeEach(async () => {
1548
+ await e2e_setup_1.server.emit('auth-reset-password', { email: user.email });
1549
+ e2e_setup_1.handleSocketResponse.mockReset();
1550
+ const { resetPasswordToken: token } = (await model.findOne({ email: user.email }).lean().exec());
1551
+ resetPasswordToken = token;
1552
+ });
1553
+ it('should change password and unset resetPasswordToken if resetPasswordToken is valid', async () => {
1554
+ const newPassword = 'newPassword';
1555
+ const bcryptService = app.get(src_1.BcryptService);
1556
+ const { password: passwordBeforeUpdate } = (await model.findOne({ email: user.email }).lean().exec());
1557
+ await e2e_setup_1.server.emit('auth-change-password', { resetPasswordToken, newPassword });
1558
+ const { password: passwordAfterUpdate, resetPasswordToken: tokenAfterUpdate } = (await model.findOne({ email: user.email }).lean().exec());
1559
+ const isPreviousPassword = await bcryptService.comparePassword(user.password, passwordBeforeUpdate);
1560
+ expect(isPreviousPassword).toBe(true);
1561
+ const isNewPassword = await bcryptService.comparePassword(newPassword, passwordAfterUpdate);
1562
+ expect(isNewPassword).toBe(true);
1563
+ expect(tokenAfterUpdate).toStrictEqual(undefined);
1564
+ expect(e2e_setup_1.handleSocketException).not.toHaveBeenCalled();
1565
+ expect(e2e_setup_1.handleSocketResponse).toHaveBeenCalledTimes(1);
1566
+ });
1567
+ });
1568
+ });
1569
+ });
1044
1570
  });
1045
1571
  });
1046
1572
  });