2022-07-07 00:19:05 +03:00
|
|
|
package forms_test
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
|
|
"github.com/pocketbase/pocketbase/forms"
|
|
|
|
|
"github.com/pocketbase/pocketbase/tests"
|
|
|
|
|
"github.com/pocketbase/pocketbase/tools/security"
|
|
|
|
|
)
|
|
|
|
|
|
2022-10-30 10:28:14 +02:00
|
|
|
func TestAdminPasswordResetConfirmValidateAndSubmit(t *testing.T) {
|
2022-07-07 00:19:05 +03:00
|
|
|
app, _ := tests.NewTestApp()
|
|
|
|
|
defer app.Cleanup()
|
|
|
|
|
|
|
|
|
|
form := forms.NewAdminPasswordResetConfirm(app)
|
|
|
|
|
|
|
|
|
|
scenarios := []struct {
|
|
|
|
|
token string
|
|
|
|
|
password string
|
|
|
|
|
passwordConfirm string
|
|
|
|
|
expectError bool
|
|
|
|
|
}{
|
|
|
|
|
{"", "", "", true},
|
|
|
|
|
{"", "123", "", true},
|
|
|
|
|
{"", "", "123", true},
|
|
|
|
|
{"test", "", "", true},
|
|
|
|
|
{"test", "123", "", true},
|
|
|
|
|
{"test", "123", "123", true},
|
|
|
|
|
{
|
|
|
|
|
// expired
|
2022-10-30 10:28:14 +02:00
|
|
|
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MTY0MDk5MTY2MX0.GLwCOsgWTTEKXTK-AyGW838de1OeZGIjfHH0FoRLqZg",
|
2022-07-07 00:19:05 +03:00
|
|
|
"1234567890",
|
|
|
|
|
"1234567890",
|
|
|
|
|
true,
|
|
|
|
|
},
|
|
|
|
|
{
|
2022-10-30 10:28:14 +02:00
|
|
|
// valid with mismatched passwords
|
|
|
|
|
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4MTYwMH0.kwFEler6KSMKJNstuaSDvE1QnNdCta5qSnjaIQ0hhhc",
|
2022-07-07 00:19:05 +03:00
|
|
|
"1234567890",
|
2022-10-30 10:28:14 +02:00
|
|
|
"1234567891",
|
2022-07-07 00:19:05 +03:00
|
|
|
true,
|
|
|
|
|
},
|
|
|
|
|
{
|
2022-10-30 10:28:14 +02:00
|
|
|
// valid with matching passwords
|
|
|
|
|
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4MTYwMH0.kwFEler6KSMKJNstuaSDvE1QnNdCta5qSnjaIQ0hhhc",
|
|
|
|
|
"1234567891",
|
|
|
|
|
"1234567891",
|
2022-07-07 00:19:05 +03:00
|
|
|
false,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for i, s := range scenarios {
|
|
|
|
|
form.Token = s.token
|
|
|
|
|
form.Password = s.password
|
|
|
|
|
form.PasswordConfirm = s.passwordConfirm
|
|
|
|
|
|
|
|
|
|
admin, err := form.Submit()
|
|
|
|
|
|
|
|
|
|
hasErr := err != nil
|
|
|
|
|
if hasErr != s.expectError {
|
|
|
|
|
t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
|
2022-10-30 10:28:14 +02:00
|
|
|
continue
|
2022-07-07 00:19:05 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if s.expectError {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
claims, _ := security.ParseUnverifiedJWT(s.token)
|
2022-07-09 22:17:41 +08:00
|
|
|
tokenAdminId := claims["id"]
|
2022-07-07 00:19:05 +03:00
|
|
|
|
|
|
|
|
if admin.Id != tokenAdminId {
|
|
|
|
|
t.Errorf("(%d) Expected admin with id %s to be returned, got %v", i, tokenAdminId, admin)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !admin.ValidatePassword(form.Password) {
|
|
|
|
|
t.Errorf("(%d) Expected the admin password to have been updated to %q", i, form.Password)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
