Merge pull request 'Selfservice donations reformatting feature/187-selfservice_donation' (#188) from feature/187-selfservice_donation into dev

Reviewed-on: #188

.drone.yml

@@ -1,5 +1,27 @@
+---
+kind: secret
+name: docker_username
+get:
+  path: odit-registry-builder
+  name: username
+
+---
+kind: secret
+name: docker_password
+get:
+  path: odit-registry-builder
+  name: password
+
+---
+kind: secret
+name: git_ssh
+get:
+  path: odit-git-bot
+  name: sshkey
+
 ---
 kind: pipeline
+type: kubernetes
 name: tests:node_latest
 clone:
   disable: true
@@ -20,7 +42,7 @@ trigger:
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:dev
 clone:
   disable: true
@@ -36,13 +58,14 @@ steps:
     depends_on: [clone]
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
+        from_secret: docker_password
       repo: registry.odit.services/lfk/backend
       tags:
         - dev
       registry: registry.odit.services
+      mtu: 1000
   - name: run changelog export
     depends_on: ["clone"]
     image: node:latest
@@ -58,7 +81,7 @@ steps:
       author_email: bot@odit.services
       remote: git@git.odit.services:lfk/backend.git
       ssh_key:
-        from_secret: GITLAB_SSHKEY
+        from_secret: git_ssh
   - name: run full license export
     depends_on: ["clone"]
     image: node:14.15.1-alpine3.12
@@ -76,7 +99,7 @@ steps:
       remote: git@git.odit.services:lfk/backend.git
       skip_verify: true
       ssh_key:
-        from_secret: GITLAB_SSHKEY
+        from_secret: git_ssh
 
 
 trigger:
@@ -87,7 +110,7 @@ trigger:
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:latest
 clone:
   disable: true
@@ -105,13 +128,14 @@ steps:
     image: plugins/docker
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
+        from_secret: docker_password
       repo: registry.odit.services/lfk/backend
       tags:
         - latest
       registry: registry.odit.services
+      mtu: 1000
   - name: push merge to repo
     depends_on: ["clone"]
     image: appleboy/drone-git-push
@@ -120,7 +144,7 @@ steps:
       commit: false
       remote: git@git.odit.services:lfk/backend.git
       ssh_key:
-        from_secret: GITLAB_SSHKEY
+        from_secret: git_ssh
 
 trigger:
   branch:
@@ -130,7 +154,7 @@ trigger:
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:tags
 
 steps:
@@ -139,13 +163,14 @@ steps:
     depends_on: [clone]
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
+        from_secret: docker_password
       repo: registry.odit.services/lfk/backend
       tags:
         - '${DRONE_TAG}'
       registry: registry.odit.services
+      mtu: 1000
   - name: trigger node lib build
     image: idcooldi/drone-webhook
     settings:

CHANGELOG.md

@@ -2,12 +2,225 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
+#### [v0.10.0](https://git.odit.services/lfk/backend/compare/v0.9.2...v0.10.0)
+
+- Merge pull request 'Release 0.10.0' (#186) from dev into main [`b517dff`](https://git.odit.services/lfk/backend/commit/b517dff8a82c960836d9f0be90fd89f3ba2fae7d)
+- 🚀Bumped version to v0.10.0 [`dc3071f`](https://git.odit.services/lfk/backend/commit/dc3071f7d2be298f0bb02d86ec67ed1125cd3b49)
+- Added locale to mail related runner endpoints [`7af883f`](https://git.odit.services/lfk/backend/commit/7af883f27198206af542bcaff4686221d3788e87)
+- Added locale to mail related runner endpoints [`f543307`](https://git.odit.services/lfk/backend/commit/f5433076b01c743ed9af085fccadb8f1edc26419)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5fb355f`](https://git.odit.services/lfk/backend/commit/5fb355f450f19e96d3671b1a46e94d564495942b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`114c246`](https://git.odit.services/lfk/backend/commit/114c246aceba566cc0dd6daab51a77b951b031cc)
+- Merge pull request 'Mail locales feature/184-mail_locales' (#185) from feature/184-mail_locales into dev [`33c13de`](https://git.odit.services/lfk/backend/commit/33c13de32c68a3d9e87e4fd9ad12a815ed8c9fde)
+- Added locale to mail related user endpoints [`1be073a`](https://git.odit.services/lfk/backend/commit/1be073a4fa39f0332a46f567ee6af10a9137844c)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`6aafe4a`](https://git.odit.services/lfk/backend/commit/6aafe4a6ae7d253ab39220e551c52ae067cc481a)
+
+#### [v0.9.2](https://git.odit.services/lfk/backend/compare/v0.9.1...v0.9.2)
+
+> 29 March 2021
+
+- Merge pull request 'Release 0.9.2' (#183) from dev into main [`bdeeb03`](https://git.odit.services/lfk/backend/commit/bdeeb036459c2a2131e843d8a5a6b338e0ba46ea)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`675c876`](https://git.odit.services/lfk/backend/commit/675c8762e8e4cf28d2f334d5ab2e1cb6b594e33c)
+- Fixed bug in return creation [`6c9b91d`](https://git.odit.services/lfk/backend/commit/6c9b91d75a0d08fc4ab0e72c7a09bd0133566368)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8c00aef`](https://git.odit.services/lfk/backend/commit/8c00aefd6ce3723d9f83d1c94e6491d5d597391f)
+- 🚀Bumped version to v0.9.2 [`89e3924`](https://git.odit.services/lfk/backend/commit/89e392473c52a3f328545699a0f4df89be33ba89)
+
+#### [v0.9.1](https://git.odit.services/lfk/backend/compare/v0.9.0...v0.9.1)
+
+> 29 March 2021
+
+- Merge pull request 'Release v0.9.1' (#182) from dev into main [`3afd785`](https://git.odit.services/lfk/backend/commit/3afd785a54fac91c12af789af19b45e6124e0e39)
+- 🚀Bumped version to v0.9.1 [`a139554`](https://git.odit.services/lfk/backend/commit/a139554e059e9a10acb1733ce1a82b610cc99269)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8099999`](https://git.odit.services/lfk/backend/commit/8099999e2cdfc8046f9ff4a90681281b671e402d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`0290b0e`](https://git.odit.services/lfk/backend/commit/0290b0e5f531364d37d8157e639614cf5a6b4189)
+- Merge pull request 'Return cards generated in bulk feature/180-blank_generation_return' (#181) from feature/180-blank_generation_return into dev [`0f7fa99`](https://git.odit.services/lfk/backend/commit/0f7fa990d473ce2dce032c47c39f79c1d0e8df90)
+- Added query param to return created runenrcards [`5a36c8d`](https://git.odit.services/lfk/backend/commit/5a36c8dcae3d79b3b05ffb30a7ebb0d31dc8183a)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`58f4d21`](https://git.odit.services/lfk/backend/commit/58f4d2151f459bc72692cc70e02a59b77abfb9f0)
+- Added test for returnCards=true array length [`1cb2dc9`](https://git.odit.services/lfk/backend/commit/1cb2dc9d53b530435f5798f9cdf7ee866eb7416e)
+- Added test for single card generation with returnCards=true [`6005b06`](https://git.odit.services/lfk/backend/commit/6005b0661f1d5c461bb102e243cc209a8adc21fa)
+- Fixed copy-paste oversight [`2f568c9`](https://git.odit.services/lfk/backend/commit/2f568c9cb8ae39ce40ec8df6d9acbaf0d5ae1a26)
+
+#### [v0.9.0](https://git.odit.services/lfk/backend/compare/v0.8.0...v0.9.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.9.0' (#179) from dev into main [`95135dd`](https://git.odit.services/lfk/backend/commit/95135ddc893dcf64be67b47b0ef2b0d9041253bd)
+- Reenabled user tests [`4c66650`](https://git.odit.services/lfk/backend/commit/4c6665062fe6717242e43b58e66c1f1d030c018d)
+- Moved to tmp files to better check for other problems [`7a64f23`](https://git.odit.services/lfk/backend/commit/7a64f2393783f97a9729356bc1dfd831927dd312)
+- Added user creation invalid tests [`888cab5`](https://git.odit.services/lfk/backend/commit/888cab5898caf9e552c421346934bf90f717a653)
+- Updated auth test to comply with the new pw requirements [`63f6526`](https://git.odit.services/lfk/backend/commit/63f6526e4f59621edbf1fad59fc569b4bd6acbf2)
+- Added user deletion tests [`e6a8ebc`](https://git.odit.services/lfk/backend/commit/e6a8ebcb5b4f430254da4afe159141b21d8da0ed)
+- Added user creation valid tests [`383a809`](https://git.odit.services/lfk/backend/commit/383a8095b8286d51fb2fb24ae2fd0156230e56ab)
+- 📖New license file version [CI SKIP] [skip ci] [`bd7b81e`](https://git.odit.services/lfk/backend/commit/bd7b81efe795c02512c87f3b5dd5eec796580144)
+- Added password errors [`24c38cc`](https://git.odit.services/lfk/backend/commit/24c38cce26da41ccf375e1ccf04afa1868aad8df)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`274a146`](https://git.odit.services/lfk/backend/commit/274a146b9bccfe5e1a879ca137ebb4f51eaa5d57)
+- Fixed test params [`070560e`](https://git.odit.services/lfk/backend/commit/070560e8632e833dd26505c02ccb2474462b63ac)
+- No longer using createuser in seeding process [`96ba25e`](https://git.odit.services/lfk/backend/commit/96ba25ec6c6c397cd2aa322afa79024395f658fe)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7fe1e1`](https://git.odit.services/lfk/backend/commit/a7fe1e175918edd7a98983ece570b47075e85e9a)
+- 🚀Bumped version to v0.8.0 [`c23b4d9`](https://git.odit.services/lfk/backend/commit/c23b4d907f20ed7af37a6de6ea4c61433e30b29b)
+- 🚀Bumped version to v0.9.0 [`56a5f41`](https://git.odit.services/lfk/backend/commit/56a5f4168621263daeab5d2fda97b944cdc6ab31)
+- Merge pull request 'Password security feature/99-password_checks' (#177) from feature/99-password_checks into dev [`5a3fc5b`](https://git.odit.services/lfk/backend/commit/5a3fc5b2bd06b3e26177d017d3503f4f627be3f2)
+- Added pw errors to user controller [`b24e24f`](https://git.odit.services/lfk/backend/commit/b24e24ff7dd75d972cdab0fd1e2fe6c532ca2b2f)
+- Now checking password rules on user creation [`5daaa3a`](https://git.odit.services/lfk/backend/commit/5daaa3a73c4eca2817d67e226679d125928a3645)
+- Now checking password rules on user update [`48a87e8`](https://git.odit.services/lfk/backend/commit/48a87e8936e13c48f4baa3f4b10f781ad2f55a44)
+- Fixed pw not getting hashed currectly; [`cb3ea9b`](https://git.odit.services/lfk/backend/commit/cb3ea9b1ebb82c650abd83d4be8629cfe29a5b21)
+- Added pw errors to me controller [`9ce35d8`](https://git.odit.services/lfk/backend/commit/9ce35d8eb78a01f40af8c70e640eca3bcb142304)
+- Now forceing user deletion in tests [`8154e71`](https://git.odit.services/lfk/backend/commit/8154e715bbf18938bd5d1031656a88d39231fa81)
+- Added password checker dependency [`bd00f4f`](https://git.odit.services/lfk/backend/commit/bd00f4f8d585fb6878874810f7de0b8b9f3950d5)
+- Fixed empty object getting called [`5369000`](https://git.odit.services/lfk/backend/commit/536900091afd7366128f21058490d0d4f15c6c89)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`03d76e6`](https://git.odit.services/lfk/backend/commit/03d76e6d0bc5b4655f7f441232681c9462815526)
+- Formatting [`b8c28eb`](https://git.odit.services/lfk/backend/commit/b8c28ebb0808395218b5fb9031f477ae1d48e65e)
+
+#### [v0.8.0](https://git.odit.services/lfk/backend/compare/v0.7.1...v0.8.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.8.0' (#176) from dev into main [`3f8e8ce`](https://git.odit.services/lfk/backend/commit/3f8e8ce3a66a943801c0c8e17885e71feeee744f)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c9bd6de`](https://git.odit.services/lfk/backend/commit/c9bd6de4762fec04e1e02cd3b667838d05ef39a7)
+- Merge pull request 'Selfservice deletion feature/174-selfservice_deletion' (#175) from feature/174-selfservice_deletion into dev [`e702118`](https://git.odit.services/lfk/backend/commit/e702118d4d80e362e41bb88c74343d50530d1338)
+- Added tests for the new endpoint [`20aeed8`](https://git.odit.services/lfk/backend/commit/20aeed87780247dc6401bba725801fc1874e50b5)
+- Removed param from test [`97159dd`](https://git.odit.services/lfk/backend/commit/97159dd9f81aed080c174a3eb8da9e66dfea9b10)
+- Added selfservice deletion endpoint [`dcb12b0`](https://git.odit.services/lfk/backend/commit/dcb12b0ac289f8df148ba10ae6389727c16f53fd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`88844e1`](https://git.odit.services/lfk/backend/commit/88844e1a44d87a7dc253bf9aedf2fb3f6cdd1cfe)
+- Fixed response bug [`ccb7ae2`](https://git.odit.services/lfk/backend/commit/ccb7ae29a39387c0f2762861565dc22996a2493a)
+- Updated old hint [`dd12583`](https://git.odit.services/lfk/backend/commit/dd1258333ef67243f8a8df97c176ec5a054a5e3b)
+
+#### [v0.7.1](https://git.odit.services/lfk/backend/compare/v0.7.0...v0.7.1)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.7.1' (#173) from dev into main [`e76a9ce`](https://git.odit.services/lfk/backend/commit/e76a9cef956b00de7bbb11b6d863d4f33e3d5a34)
+- Revert "Set timeout even higher b/c sqlite just kills itself during these tests" [`f159252`](https://git.odit.services/lfk/backend/commit/f159252651942e442026dbcaae09b242e05d8204)
+- Set timeout even higher b/c sqlite just kills itself during these tests [`6ab6099`](https://git.odit.services/lfk/backend/commit/6ab60998d4f716aded93bb3b5d15594fc5e0434a)
+- Adjusted jest timeout to mitigate sqlite from invalidateing all tests⏱ [`30d220b`](https://git.odit.services/lfk/backend/commit/30d220bc36a28f224406e49ed27ff3f6b4f409e9)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`963253c`](https://git.odit.services/lfk/backend/commit/963253cbc84ed07af13ed0925952ec1b7dcc53ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3ef3a94`](https://git.odit.services/lfk/backend/commit/3ef3a94b20c1abf6fd2f19472e5f448b4c72bd7f)
+- 🚀Bumped version to v0.7.1 [`135852e`](https://git.odit.services/lfk/backend/commit/135852eb9a91010a4ab972ba9efc7b71dfe4d68f)
+- Merge pull request 'RESPONSERUNNERCARD fix bugfix/171-responserunnercards' (#172) from bugfix/171-responserunnercards into dev [`539a650`](https://git.odit.services/lfk/backend/commit/539a6509b17cfd373eef8e443eaa7d41168ac7a9)
+- Now resolveing runnercards [`24aff3b`](https://git.odit.services/lfk/backend/commit/24aff3bac458a9886ca40163484bc72733dc766a)
+- Tests now keep the group [`f3d73d5`](https://git.odit.services/lfk/backend/commit/f3d73d53467a4d00011d280c24e1e12fbb8e443d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ce63043`](https://git.odit.services/lfk/backend/commit/ce63043887769e1f92a8c064d6647e0deb81b7fa)
+
+#### [v0.7.0](https://git.odit.services/lfk/backend/compare/v0.6.4...v0.7.0)
+
+> 23 March 2021
+
+- Merge pull request 'Release 0.7.0' (#170) from dev into main [`e40017a`](https://git.odit.services/lfk/backend/commit/e40017a6b88d83d5bfc57ff4603abeaca7a9a37b)
+- Added bulk card creation tests [`438ff0f`](https://git.odit.services/lfk/backend/commit/438ff0fc3f246f83b1fa04cb11828f4a61dfcd1e)
+- Added new "bulk" endpoint [`c1bbda5`](https://git.odit.services/lfk/backend/commit/c1bbda51f067cbd9ac1a9a5378ae3f5d7b9f4eca)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`7a49e7c`](https://git.odit.services/lfk/backend/commit/7a49e7c5c98eb23af1cd0d2084914641e9a1bf90)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e843a46`](https://git.odit.services/lfk/backend/commit/e843a464e747c0d41280484cb54495cb2de2a9e8)
+- 🚀Bumped version to v0.7.0 [`d0ae50d`](https://git.odit.services/lfk/backend/commit/d0ae50d5579e969ad33d6b9cfd66dac7fa472223)
+- Merge pull request 'Bulk card creation feature/168-runnercards_bulk' (#169) from feature/168-runnercards_bulk into dev [`1dd6420`](https://git.odit.services/lfk/backend/commit/1dd64204cc63fb1a8a4a4aa503c21da42945eafd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4705a39`](https://git.odit.services/lfk/backend/commit/4705a39aabaad894d332a5062df03840c23c6bfa)
+
+#### [v0.6.4](https://git.odit.services/lfk/backend/compare/v0.6.3...v0.6.4)
+
+> 19 March 2021
+
+- Merge pull request 'Release 0.6.4' (#167) from dev into main [`4d721f6`](https://git.odit.services/lfk/backend/commit/4d721f62d9a5f6a1361ef2811a3a2ff63011b2ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b0328ff`](https://git.odit.services/lfk/backend/commit/b0328ffdaffc8ef2e6e01e808c29748f58f42cac)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`cc6568c`](https://git.odit.services/lfk/backend/commit/cc6568c3810fed3ff2597df0db73a6ca9e072413)
+- 🚀Bumped version to v0.6.4 [`031cede`](https://git.odit.services/lfk/backend/commit/031cede5426742dc3c2b9dc6b049951d7c14871c)
+- Adjsuted endpoint [`3c69f8c`](https://git.odit.services/lfk/backend/commit/3c69f8c4a824e588977b06dbb45119cccb03c6bc)
+
+#### [v0.6.3](https://git.odit.services/lfk/backend/compare/v0.6.2...v0.6.3)
+
+> 18 March 2021
+
+- Merge pull request 'Release 0.6.3' (#165) from dev into main [`a3a1395`](https://git.odit.services/lfk/backend/commit/a3a1395a46d7970cff1b8cc2e84306a97791ed88)
+- The basic bugfix 🐞 [`fbdadbe`](https://git.odit.services/lfk/backend/commit/fbdadbef1f9eb835e1914e8d3770cca836b4c443)
+- The basic bugfix 🐞 [`c87c97c`](https://git.odit.services/lfk/backend/commit/c87c97c90f5e1229f92671b1f2ebe1fa0d2307cd)
+- Updated tests 🧪 [`f347b7a`](https://git.odit.services/lfk/backend/commit/f347b7ad4982ed3760117c08e11dca5c3f72d495)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3f9a704`](https://git.odit.services/lfk/backend/commit/3f9a7049e31a6948125a07e847233b804f27ba31)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b08acc6`](https://git.odit.services/lfk/backend/commit/b08acc666035ed766cc6ccfa9a410a54db4d7321)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a6bca59`](https://git.odit.services/lfk/backend/commit/a6bca59ffe06a37f03af21500c442cebeaa74c7e)
+- 🚀Bumped version to v0.6.3 [`7a303c2`](https://git.odit.services/lfk/backend/commit/7a303c2b2c267d6dd566b1470649e65bc1c1b2ee)
+- Merge pull request 'TrackScan Update bug 🐞bugfix/163-trackscan_updates' (#164) from bugfix/163-trackscan_updates into dev [`6249419`](https://git.odit.services/lfk/backend/commit/6249419fae22e0203c046c1a3cd82c07f94f510c)
+
+#### [v0.6.2](https://git.odit.services/lfk/backend/compare/v0.6.1...v0.6.2)
+
+> 17 March 2021
+
+- Merge pull request 'Release 0.6.2' (#162) from dev into main [`732a1b8`](https://git.odit.services/lfk/backend/commit/732a1b88d916720ea82cd4b192fc696640ade2aa)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`fcb43f9`](https://git.odit.services/lfk/backend/commit/fcb43f92b0b7a8fa2ed3772357c3eab8e6564eef)
+- Fixed trackscan vaildation [`a8ea4fa`](https://git.odit.services/lfk/backend/commit/a8ea4fa659732ca2c922fc3c75d2238be2feb5c7)
+- Added comments✏ [`289f9e2`](https://git.odit.services/lfk/backend/commit/289f9e219692789f86c631f52c67b578216acb48)
+- Added comments✏ [`937a9fa`](https://git.odit.services/lfk/backend/commit/937a9fad4d8914b83fc6300f776c0720b756a9f4)
+- Removed duplicate openapi declarations 🗑 [`c8882ae`](https://git.odit.services/lfk/backend/commit/c8882ae6a18188a9c98a237dd594548ebac6f460)
+- Now defining security per endpoint 🔐 [`d709ee7`](https://git.odit.services/lfk/backend/commit/d709ee74795b785599cda50b4351bd566a0b8573)
+- Changed the method of getting a parameter from the headers🛠 [`1d38d30`](https://git.odit.services/lfk/backend/commit/1d38d308ad8ae00d67c2b807b584da4f00bd9a58)
+- Now auto-etting the station token🔥🔥🔥 [`aae042c`](https://git.odit.services/lfk/backend/commit/aae042c041e325626b89b146d005e900bd880453)
+- Marked station as optional (quality of life improvements incoming) [`1f32ed0`](https://git.odit.services/lfk/backend/commit/1f32ed0727cb1117e5d201b5530b2f2d7f0323d8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4c960fe`](https://git.odit.services/lfk/backend/commit/4c960feeb22f819d1c618ced73f5799a3c7e4f00)
+- Fixed missing renameing🛠 [`0ed7f78`](https://git.odit.services/lfk/backend/commit/0ed7f78b2c284909d47fa0533424c279adef0ba3)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c1dd451`](https://git.odit.services/lfk/backend/commit/c1dd4518d128edd8b8e36981a513744471241a25)
+- 🚀Bumped version to v0.6.2 [`5ba8f1d`](https://git.odit.services/lfk/backend/commit/5ba8f1dd4451c1a1b38fdd36cf632c9e6efa829c)
+- Merge pull request 'Bugfixes for trackscans feature/160-responseTrackScan_total_distance' (#161) from feature/160-responseTrackScan_total_distance into dev [`3d3790c`](https://git.odit.services/lfk/backend/commit/3d3790c2eb6a92bb5b1d2c7e44c75aef4e1b015f)
+- Fixed wrong error type 👀👀 [`1fa3fa7`](https://git.odit.services/lfk/backend/commit/1fa3fa75ee447b9919585e02c7997e3f1de9c8a7)
+- Added missing discription [`673e896`](https://git.odit.services/lfk/backend/commit/673e896aa3dc853b301a2e560e785c464a449b6f)
+
+#### [v0.6.1](https://git.odit.services/lfk/backend/compare/v0.6.0...v0.6.1)
+
+> 17 March 2021
+
+#### [v0.6.0](https://git.odit.services/lfk/backend/compare/v0.5.0...v0.6.0)
+
+> 17 March 2021
+
+- Merge pull request 'Release v0.6.0' (#159) from dev into main [`bdc7bb6`](https://git.odit.services/lfk/backend/commit/bdc7bb67e7e21769d95a762c3b6dfbf82e7e38d0)
+- 📖New license file version [CI SKIP] [skip ci] [`5f5c8a0`](https://git.odit.services/lfk/backend/commit/5f5c8a061eb94361e4cd02e9a6469194a9092513)
+- As requested by @philpp [`2cb7ec7`](https://git.odit.services/lfk/backend/commit/2cb7ec7317d8a48364261506facb2c11c7cf895f)
+- Updated ci with new kubernetes secrets 🚀🚀🚀 [`5541ae6`](https://git.odit.services/lfk/backend/commit/5541ae6ebd7f36f4482ae752f358102a18b95de0)
+- Added selfservice forgott positive tests [`bf1ec97`](https://git.odit.services/lfk/backend/commit/bf1ec976e3732b6ac052a55a51ee2ee18a8b1d3d)
+- Added all "negative" tests [`d0a7e34`](https://git.odit.services/lfk/backend/commit/d0a7e34de8095fca282adefff01fa5f72e7cdba3)
+- Added mailer functions [`8376513`](https://git.odit.services/lfk/backend/commit/83765136ccacd82ba6a8f9fb43eed78191ee0aa5)
+- Added tests for the new endpoint [`757332e`](https://git.odit.services/lfk/backend/commit/757332ed2b3325d8730ef1b284ac6ba40356df93)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e4ed20d`](https://git.odit.services/lfk/backend/commit/e4ed20da3e0a9e32a2e4664d50f316f9131564f0)
+- Added first selfservice forgotten test [`a95a9b4`](https://git.odit.services/lfk/backend/commit/a95a9b4ec4a3012a91f6f622cfb9f5bff3376344)
+- Created basic endpoint for user forgotten mails [`d709971`](https://git.odit.services/lfk/backend/commit/d7099717c2eee8aaf1b580345717cc5acc06dbd2)
+- Implemented the "real" errors [`e26b7d4`](https://git.odit.services/lfk/backend/commit/e26b7d4923777a3013368e29c122709de7e1d9da)
+- Runner controller now uses the Mailer functions [`a343747`](https://git.odit.services/lfk/backend/commit/a3437475caf6b435ae4bdf6d48aeb7da7d43b25f)
+- Added scanstation me endpoint [`c5178e0`](https://git.odit.services/lfk/backend/commit/c5178e01814cedaa4402773b10f24d186714c1d2)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`54988ba`](https://git.odit.services/lfk/backend/commit/54988ba0fe012ce87d44c9068f7546a9be73723c)
+- Added last reset requested timestamp to runners [`66d6023`](https://git.odit.services/lfk/backend/commit/66d6023335c7a9d1a145c4189b610940ef5a525a)
+- Scanauth return objects [`46b7ace`](https://git.odit.services/lfk/backend/commit/46b7aceb0b86b03688faf0ec6661e4c9fbc6115c)
+- Revert "Switched normal images to chached registry" [`ca6fa63`](https://git.odit.services/lfk/backend/commit/ca6fa633a156a265d8f643a5f23090b6ab32260d)
+- Switched normal images to chached registry [`cba4455`](https://git.odit.services/lfk/backend/commit/cba4455d53f9a39b6f9993c36b5abd281201dfa1)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7958ee`](https://git.odit.services/lfk/backend/commit/a7958eecd65116ab937f640cbebcae1962cb86c8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`076aa87`](https://git.odit.services/lfk/backend/commit/076aa87dba1d6fc544e76c16f99c64d37fc82ea0)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`486e450`](https://git.odit.services/lfk/backend/commit/486e450a58d3671dc867ae1a99d052d9fe814c1a)
+- Updated request timeout [`ffcd45e`](https://git.odit.services/lfk/backend/commit/ffcd45e5724fccdec9b1dbc48f1320525dcd7288)
+- Added testing env check [`3f37212`](https://git.odit.services/lfk/backend/commit/3f372123fd2e1fae467e9cb20985de1eeb9f6a57)
+- 🚀Bumped version to v0.6.1 [`ce3ca9f`](https://git.odit.services/lfk/backend/commit/ce3ca9f1c86a6fe72e4dd77e3a0d60bf1e1bf542)
+- 🚀Bumped version to v0.6.0 [`623b5a1`](https://git.odit.services/lfk/backend/commit/623b5a1873afa73a984251543995b7da1cfdb5c9)
+- Merge pull request 'Scanstation "me" endpoint feature/157-scanstation_me' (#158) from feature/157-scanstation_me into dev [`13e8399`](https://git.odit.services/lfk/backend/commit/13e839902c063057e902fdb52b403be081d1667e)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a1a94ec`](https://git.odit.services/lfk/backend/commit/a1a94ec9dafecd9b4c453cc8cfe32c2e90acccf5)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`d5930f7`](https://git.odit.services/lfk/backend/commit/d5930f7c46f4fc8ed56b6eeec9f784d435fd3b2b)
+- Changed ci pipeline type to kubernetes [`6c43872`](https://git.odit.services/lfk/backend/commit/6c43872198c3dba44b3af3a7cfc7b628d5b304a3)
+- Mailer now ignores mailing erros when env is set to test [`6bb3ae8`](https://git.odit.services/lfk/backend/commit/6bb3ae8ba992bd6c4d5809d75a264c710999cdcf)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`bf71e35`](https://git.odit.services/lfk/backend/commit/bf71e35ecd333d888d63213d69b04fc681a9d0bd)
+- Adjusted tests for the new testing env [`9292027`](https://git.odit.services/lfk/backend/commit/92920273bec409563d1e38ea27f4d30f893598e8)
+- Applied Docker MTU fix 🛠 [`f7af777`](https://git.odit.services/lfk/backend/commit/f7af77710421d7aae5efb048e0622cd067fc20eb)
+- Updated description [`94001a4`](https://git.odit.services/lfk/backend/commit/94001a48f1b314e91ea5ec982e5585124f9541b6)
+- Now adding station id to headers of request for scan auth [`8ba7ee1`](https://git.odit.services/lfk/backend/commit/8ba7ee1d481e44e686489e237980b21aaaf6071c)
+- Merge pull request 'selfservice forgotten mails feature/154-selfservice_forgotten' (#155) from feature/154-selfservice_forgotten into dev [`cb6e78f`](https://git.odit.services/lfk/backend/commit/cb6e78fc176ec9efe94311b64286020b3c5bf633)
+- Changed endpoint url to avoid conflicts [`e5dab34`](https://git.odit.services/lfk/backend/commit/e5dab3469c3cef6298fc8deb1192a38f7d18406b)
+- Added console logging when a testing env get's discovered [`c01233b`](https://git.odit.services/lfk/backend/commit/c01233b4d663aefece26dbb86f8b6bcd5c916325)
+- Added not found error logic [`e7f0cb4`](https://git.odit.services/lfk/backend/commit/e7f0cb45c9ac3aa06e2a57786aa1cc51c9d66598)
+- Updated to new responsetype [`08957d4`](https://git.odit.services/lfk/backend/commit/08957d4dc2951cfeec56a54680c2ae4ef1525ab2)
+- Added readme description for testing env [`cedc175`](https://git.odit.services/lfk/backend/commit/cedc1750c21ad256c3337f293f06e894e2c2ef9f)
+- Renamed test [`1d762f5`](https://git.odit.services/lfk/backend/commit/1d762f56628eff47f4e1a910c7152bd0158283bd)
+
 #### [v0.5.0](https://git.odit.services/lfk/backend/compare/v0.4.6...v0.5.0)
 
+> 4 March 2021
+
+- Merge pull request 'Alpha Release 0.5.0' (#153) from dev into main [`64da0ea`](https://git.odit.services/lfk/backend/commit/64da0eadb313f3bd3ae20a66bcaf4401528008d9)
 - Removed mail templates [`c2fdfee`](https://git.odit.services/lfk/backend/commit/c2fdfeed4f5fc454b02bc4b198965889c173bbaa)
 - Removed mail config [`0342757`](https://git.odit.services/lfk/backend/commit/0342757d929b12635c88e74f17495df656865b1a)
 - Added selfservice scan response class [`6074ac5`](https://git.odit.services/lfk/backend/commit/6074ac5b3a8e43fd98394c1fb70c6e1dea8fcd5e)
 - Removed old mailer code [`0fcc729`](https://git.odit.services/lfk/backend/commit/0fcc729b56430f0fdb56242857aa1d883d5a4866)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5272829`](https://git.odit.services/lfk/backend/commit/52728290b477d3f90ee7c14e0d438c4c74415322)
 - Added the new mailer code [`1551a44`](https://git.odit.services/lfk/backend/commit/1551a444babc025cde6e894c66d2be2c84ab26da)
 - Removed (now useless) mail controller [`485c247`](https://git.odit.services/lfk/backend/commit/485c247cd3305c4c4422d5582b1d61cc7af84989)
 - Trackscans now have a laptime that get's calculated on creation [`aa83373`](https://git.odit.services/lfk/backend/commit/aa833736d32993b1656abeeb02a4f8b021ec6252)
@@ -23,11 +236,11 @@ All notable changes to this project will be documented in this file. Dates are d
 - Updated auth reset test for new mailer [`ae7d617`](https://git.odit.services/lfk/backend/commit/ae7d6176902699f82ea127194908ee360233e7b4)
 - Added scans returns 200 test [`82c65b6`](https://git.odit.services/lfk/backend/commit/82c65b632cdf44165b083494702b836c74e46a41)
 - 🚀Bumped version to v0.4.7 [`f1d85cf`](https://git.odit.services/lfk/backend/commit/f1d85cfb855c2aae581ade69751b3969ce38f020)
+- Now generateing bs mailer config in test env [`bf6b701`](https://git.odit.services/lfk/backend/commit/bf6b70106eb735d9ad6f6ad89f09194680af5ae1)
 - Added new mailer settings to config [`ddea02d`](https://git.odit.services/lfk/backend/commit/ddea02db574cc348685558f3fa3ecc84adbd6b65)
-- 🧾New changelog file version [CI SKIP] [skip ci] [`be397c8`](https://git.odit.services/lfk/backend/commit/be397c8899d5b4406c17e8f9951555c54f852901)
 - 🚀Bumped version to v0.5.0 [`3f2a2d2`](https://git.odit.services/lfk/backend/commit/3f2a2d292979c7f8162d92465b60b220f2634e7a)
 - Merge pull request 'Features for the new selfservice feature/151-selfservice_scans_mails' (#152) from feature/151-selfservice_scans_mails into dev [`15356c1`](https://git.odit.services/lfk/backend/commit/15356c1030988d03e3739f3ffe770669789759f2)
-- Now generateing bs mailer config in test env [`bf6b701`](https://git.odit.services/lfk/backend/commit/bf6b70106eb735d9ad6f6ad89f09194680af5ae1)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`be397c8`](https://git.odit.services/lfk/backend/commit/be397c8899d5b4406c17e8f9951555c54f852901)
 - Promoted axios to dependency [`a9e06c9`](https://git.odit.services/lfk/backend/commit/a9e06c905537b6da24706389e304e825a33a28ad)
 - Removed nodemailer from backend [`5833f42`](https://git.odit.services/lfk/backend/commit/5833f4218f9a4c97b69021814df92470a1816917)
 - Added another resonse type [`030b225`](https://git.odit.services/lfk/backend/commit/030b2255d42aab21d8974fc3a7235285934d53b7)

README.md

@@ -60,7 +60,7 @@ yarn docs
 | DB_USER | String | N/A | The user for accessing the db
 | DB_PASSWORD | String | N/A | The user's password for accessing the db
 | DB_NAME | String | N/A | The db's name
-| NODE_ENV | String | dev | The apps env - influences debug info.
+| NODE_ENV | String | dev | The apps env - influences debug info. Also when the env is set to "test", mailing errors get ignored.
 | POSTALCODE_COUNTRYCODE | String/CountryCode | N/A | The countrycode used to validate address's postal codes
 | PHONE_COUNTRYCODE | String/CountryCode | null (international) | The countrycode used to validate phone numers
 | SEED_TEST_DATA | Boolean | False | If you want the app to seed some example data set this to true

licenses.md

@@ -57,6 +57,33 @@ SOFTWARE.
 
  
 
+# axios
+**Author**: Matt Zabriskie
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Promise based HTTP client for the browser and node.js
+## License Text
+Copyright (c) 2014-present Matt Zabriskie
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+ 
+
 # body-parser
 **Author**: undefined
 **Repo**: expressjs/body-parser
@@ -88,6 +115,35 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# check-password-strength
+**Author**: deanilvincent
+**Repo**: [object Object]
+**License**: MIT
+**Description**: A NPM Password strength checker based from Javascript RegExp. Check passphrase if it's "Weak", "Medium" or "Strong"
+## License Text
+MIT License
+
+Copyright (c) 2020 Mark Deanil Vicente
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ 
+
 # class-transformer
 **Author**: [object Object]
 **Repo**: [object Object]
@@ -390,30 +446,6 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 ## License Text
  
 
-# nodemailer
-**Author**: Andris Reinman
-**Repo**: [object Object]
-**License**: MIT
-**Description**: Easy as cake e-mail sending from your Node.js applications
-## License Text
-Copyright (c) 2011-2019 Andris Reinman
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
- 
-
 # pg
 **Author**: Brian Carlson <brian.m.carlson@gmail.com>
 **Repo**: [object Object]
@@ -865,35 +897,6 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# @types/nodemailer
-**Author**: undefined
-**Repo**: [object Object]
-**License**: MIT
-**Description**: TypeScript definitions for Nodemailer
-## License Text
-    MIT License
-
-    Copyright (c) Microsoft Corporation. All rights reserved.
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE
- 
-
 # @types/uuid
 **Author**: undefined
 **Repo**: [object Object]
@@ -923,33 +926,6 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# axios
-**Author**: Matt Zabriskie
-**Repo**: [object Object]
-**License**: MIT
-**Description**: Promise based HTTP client for the browser and node.js
-## License Text
-Copyright (c) 2014-present Matt Zabriskie
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
- 
-
 # cp-cli
 **Author**: undefined
 **Repo**: [object Object]

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@odit/lfk-backend",
-  "version": "0.5.0",
+  "version": "0.10.0",
   "main": "src/app.ts",
   "repository": "https://git.odit.services/lfk/backend",
   "author": {
@@ -26,6 +26,7 @@
     "argon2": "^0.27.1",
     "axios": "^0.21.1",
     "body-parser": "^1.19.0",
+    "check-password-strength": "^2.0.2",
     "class-transformer": "0.3.1",
     "class-validator": "^0.13.1",
     "consola": "^2.15.0",

scripts/create_testenv.ts

@@ -10,7 +10,7 @@ DB_PORT=bla
 DB_USER=bla
 DB_PASSWORD=bla
 DB_NAME=./test.sqlite
-NODE_ENV=dev
+NODE_ENV=test
 POSTALCODE_COUNTRYCODE=DE
 SEED_TEST_DATA=true
 MAILER_URL=https://dev.lauf-fuer-kaya.de/mailer

src/app.ts

@@ -20,6 +20,9 @@ const app = createExpressServer({
 
 async function main() {
   await loaders(app);
+  if (config.testing) {
+    consola.info("🛠[config]: Discovered testing env. Mailing errors will get ignored!")
+  }
   app.listen(config.internal_port, () => {
     consola.success(
       `⚡️[server]: Server is running at http://localhost:${config.internal_port}`

src/config.ts

@@ -6,6 +6,7 @@ configDotenv();
 export const config = {
     internal_port: parseInt(process.env.APP_PORT) || 4010,
     development: process.env.NODE_ENV === "production",
+    testing: process.env.NODE_ENV === "test",
     jwt_secret: process.env.JWT_SECRET || "secretjwtsecret",
     phone_validation_countrycode: getPhoneCodeLocale(),
     postalcode_validation_countrycode: getPostalCodeLocale(),

src/controllers/AuthController.ts

@@ -87,7 +87,7 @@ export class AuthController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
 	@ResponseSchema(MailSendingError, { statusCode: 500 })
-	@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
+	@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}.", parameters: [{ in: "query", name: "locale", schema: { type: "string", enum: ["de", "en"] } }] })
 	async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken, @QueryParam("locale") locale: string = "en") {
 		const reset_token: string = await passwordReset.toResetToken();
 		await Mailer.sendResetMail(passwordReset.email, reset_token, locale);

src/controllers/MeController.ts

@@ -1,7 +1,7 @@
 import { Body, CurrentUser, Delete, Get, JsonController, OnUndefined, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
 import { User } from '../models/entities/User';
 import { ResponseUser } from '../models/responses/ResponseUser';
@@ -32,7 +32,7 @@ export class MeController {
 		return new ResponseUser(user);
 	}
 
-	@Get('/')
+	@Get('/permissions')
 	@ResponseSchema(ResponseUserPermissions)
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@OnUndefined(UserNotFoundError)
@@ -48,6 +48,10 @@ export class MeController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the yourself. <br> You can't edit your own permissions or group memberships here - Please use the /api/users/:id enpoint instead. <br> Please remember that ids can't be changed." })
 	async put(@CurrentUser() currentUser: User, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['groups'] });

src/controllers/RunnerCardController.ts

@@ -28,7 +28,7 @@ export class RunnerCardController {
 	@OpenAPI({ description: 'Lists all card.' })
 	async getAll() {
 		let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
-		const cards = await this.cardRepository.find({ relations: ['runner'] });
+		const cards = await this.cardRepository.find({ relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
 		cards.forEach(card => {
 			responseCards.push(new ResponseRunnerCard(card));
 		});
@@ -42,11 +42,36 @@ export class RunnerCardController {
 	@OnUndefined(RunnerCardNotFoundError)
 	@OpenAPI({ description: "Lists all information about the card whose id got provided." })
 	async getOne(@Param('id') id: number) {
-		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner'] });
+		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
 		if (!card) { throw new RunnerCardNotFoundError(); }
 		return card.toResponse();
 	}
 
+	@Post('/bulk')
+	@Authorized("CARD:CREATE")
+	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
+	@OpenAPI({ description: "Create blank cards in bulk. <br> Just provide the count as a query param and wait for the 200 response. <br> You can provide the 'returnCards' query param if you want to receive the RESPONSERUNNERCARD objects in the response." })
+	async postBlancoBulk(@QueryParam("count") count: number, @QueryParam("returnCards") returnCards: boolean = false) {
+		let createPromises = new Array<any>();
+		for (let index = 0; index < count; index++) {
+			createPromises.push(this.cardRepository.save({ runner: null, enabled: true }))
+		}
+
+		const cards = await Promise.all(createPromises);
+
+		if (returnCards) {
+			let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
+			for await (let card of cards) {
+				let dbCard = await this.cardRepository.findOne({ id: card.id });
+				responseCards.push(new ResponseRunnerCard(dbCard));
+			}
+			return responseCards;
+		}
+		let response = new ResponseEmpty();
+		response.response = `Created ${count} new blanco cards.`
+		return response;
+	}
+
 	@Post()
 	@Authorized("CARD:CREATE")
 	@ResponseSchema(ResponseRunnerCard)
@@ -55,7 +80,7 @@ export class RunnerCardController {
 	async post(@Body({ validate: true }) createCard: CreateRunnerCard) {
 		let card = await createCard.toEntity();
 		card = await this.cardRepository.save(card);
-		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner'] })).toResponse();
+		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
 	}
 
 	@Put('/:id')
@@ -77,7 +102,7 @@ export class RunnerCardController {
 		}
 
 		await this.cardRepository.save(await card.update(oldCard));
-		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner'] })).toResponse();
+		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
 	}
 
 	@Delete('/:id')

src/controllers/RunnerSelfServiceController.ts

@@ -1,26 +1,37 @@
+import { Request } from "express";
 import * as jwt from "jsonwebtoken";
-import { Body, Get, JsonController, OnUndefined, Param, Post } from 'routing-controllers';
+import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam, Req, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
 import { config } from '../config';
 import { InvalidCredentialsError, JwtNotProvidedError } from '../errors/AuthError';
-import { RunnerEmailNeededError, RunnerNotFoundError } from '../errors/RunnerErrors';
+import { MailSendingError } from '../errors/MailErrors';
+import { RunnerEmailNeededError, RunnerHasDistanceDonationsError, RunnerNotFoundError, RunnerSelfserviceTimeoutError } from '../errors/RunnerErrors';
 import { RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
+import { ScanStationNotFoundError } from '../errors/ScanStationErrors';
 import { JwtCreator } from '../jwtcreator';
+import { Mailer } from '../mailer';
+import ScanAuth from '../middlewares/ScanAuth';
 import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner';
 import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner';
 import { Runner } from '../models/entities/Runner';
 import { RunnerGroup } from '../models/entities/RunnerGroup';
 import { RunnerOrganization } from '../models/entities/RunnerOrganization';
+import { ScanStation } from '../models/entities/ScanStation';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { ResponseScanStation } from '../models/responses/ResponseScanStation';
 import { ResponseSelfServiceOrganisation } from '../models/responses/ResponseSelfServiceOrganisation';
 import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner';
 import { ResponseSelfServiceScan } from '../models/responses/ResponseSelfServiceScan';
-
+import { DonationController } from './DonationController';
+import { RunnerCardController } from './RunnerCardController';
+import { ScanController } from './ScanController';
 
 @JsonController()
 export class RunnerSelfServiceController {
 	private runnerRepository: Repository<Runner>;
 	private orgRepository: Repository<RunnerOrganization>;
+	private stationRepository: Repository<ScanStation>;
 
 	/**
 	 * Gets the repository of this controller's model/entity.
@@ -28,17 +39,57 @@ export class RunnerSelfServiceController {
 	constructor() {
 		this.runnerRepository = getConnectionManager().get().getRepository(Runner);
 		this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganization);
+		this.stationRepository = getConnectionManager().get().getRepository(ScanStation);
 	}
 
 	@Get('/runners/me/:jwt')
 	@ResponseSchema(ResponseSelfServiceRunner)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
 	@OnUndefined(RunnerNotFoundError)
-	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
+	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
 	async get(@Param('jwt') token: string) {
 		return (new ResponseSelfServiceRunner(await this.getRunner(token)));
 	}
 
+	@Delete('/runners/me/:jwt')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Deletes all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
+	async remove(@Param('jwt') token: string, @QueryParam("force") force: boolean) {
+		const responseRunner = await this.getRunner(token);
+		let runner = await this.runnerRepository.findOne({ id: responseRunner.id });
+
+		if (!runner) { return null; }
+		if (!runner) {
+			throw new RunnerNotFoundError();
+		}
+
+		const runnerDonations = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["distanceDonations"] })).distanceDonations;
+		if (runnerDonations.length > 0 && !force) {
+			throw new RunnerHasDistanceDonationsError();
+		}
+		const donationController = new DonationController();
+		for (let donation of runnerDonations) {
+			await donationController.remove(donation.id, force);
+		}
+
+		const runnerCards = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["cards"] })).cards;
+		const cardController = new RunnerCardController;
+		for (let card of runnerCards) {
+			await cardController.remove(card.id, force);
+		}
+
+		const runnerScans = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["scans"] })).scans;
+		const scanController = new ScanController;
+		for (let scan of runnerScans) {
+			await scanController.remove(scan.id, force);
+		}
+
+		await this.runnerRepository.delete(runner);
+		return new ResponseSelfServiceRunner(responseRunner);
+	}
+
 	@Get('/runners/me/:jwt/scans')
 	@ResponseSchema(ResponseSelfServiceScan, { isArray: true })
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
@@ -53,24 +104,69 @@ export class RunnerSelfServiceController {
 		return responseScans;
 	}
 
+	@Get('/stations/me')
+	@UseBefore(ScanAuth)
+	@ResponseSchema(ResponseScanStation)
+	@ResponseSchema(ScanStationNotFoundError, { statusCode: 404 })
+	@OnUndefined(ScanStationNotFoundError)
+	@OpenAPI({ description: 'Lists basic information about the station whose token got provided. <br> This includes it\'s associated track.', security: [{ "StationApiToken": [] }] })
+	async getStationMe(@Req() req: Request) {
+		let scan = await this.stationRepository.findOne({ id: parseInt(req.headers["station_id"].toString()) }, { relations: ['track'] })
+		if (!scan) { throw new ScanStationNotFoundError(); }
+		return scan.toResponse();
+	}
+
+	@Post('/runners/forgot')
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(ResponseEmpty)
+	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice token/link to be sent to your mail address (rate limited to one mail every 24hrs).', parameters: [{ in: "query", name: "locale", schema: { type: "string", enum: ["de", "en"] } }] })
+	async requestNewToken(@QueryParam('mail') mail: string, @QueryParam("locale") locale: string = "en") {
+		if (!mail) {
+			throw new RunnerNotFoundError();
+		}
+		const runner = await this.runnerRepository.findOne({ email: mail });
+		if (!runner) { throw new RunnerNotFoundError(); }
+
+		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 60 * 24)) { throw new RunnerSelfserviceTimeoutError(); }
+		const token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceForgottenMail(runner.email, token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		runner.resetRequestedTimestamp = Math.floor(Date.now() / 1000);
+		await this.runnerRepository.save(runner);
+
+		return { token };
+	}
+
 	@Post('/runners/register')
 	@ResponseSchema(ResponseSelfServiceRunner)
 	@ResponseSchema(RunnerEmailNeededError, { statusCode: 406 })
-	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
-	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner) {
+	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.', parameters: [{ in: "query", name: "locale", schema: { type: "string", enum: ["de", "en"] } }] })
+	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner, @QueryParam("locale") locale: string = "en") {
 		let runner = await createRunner.toEntity();
 
 		runner = await this.runnerRepository.save(runner);
 		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
 		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
 		return response;
 	}
 
 	@Post('/runners/register/:token')
 	@ResponseSchema(ResponseSelfServiceRunner)
 	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.' })
-	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner) {
+	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.', parameters: [{ in: "query", name: "locale", schema: { type: "string", enum: ["de", "en"] } }] })
+	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner, @QueryParam("locale") locale: string = "en") {
 		const org = await this.getOrgansisation(token);
 
 		let runner = await createRunner.toEntity(org);
@@ -78,6 +174,13 @@ export class RunnerSelfServiceController {
 
 		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
 		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
 		return response;
 	}
 

src/controllers/ScanController.ts

@@ -1,4 +1,5 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, UseBefore } from 'routing-controllers';
+import { Request } from "express";
+import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, Req, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
 import { RunnerNotFoundError } from '../errors/RunnerErrors';
@@ -14,7 +15,6 @@ import { TrackScan } from '../models/entities/TrackScan';
 import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseScan } from '../models/responses/ResponseScan';
 import { ResponseTrackScan } from '../models/responses/ResponseTrackScan';
-
 @JsonController('/scans')
 @OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class ScanController {
@@ -60,7 +60,7 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 	async post(@Body({ validate: true }) createScan: CreateScan) {
 		let scan = await createScan.toEntity();
 		scan = await this.scanRepository.save(scan);
@@ -71,8 +71,12 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseTrackScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan) {
+	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan, @Req() req: Request) {
+		const station_id = req.headers["station_id"];
+		if (station_id) {
+			createScan.station = parseInt(station_id.toString());
+		}
 		let scan = await createScan.toEntity();
 		scan = await this.trackScanRepository.save(scan);
 		return (await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse();

src/controllers/UserController.ts

@@ -1,7 +1,7 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
 import { UserGroupNotFoundError } from '../errors/UserGroupErrors';
 import { CreateUser } from '../models/actions/create/CreateUser';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
@@ -66,6 +66,10 @@ export class UserController {
 	@ResponseSchema(ResponseUser)
 	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: 'Create a new user. <br> If you want to grant permissions to the user you have to create them seperately by posting to /api/permissions after creating the user.' })
 	async post(@Body({ validate: true }) createUser: CreateUser) {
 		let user;
@@ -85,6 +89,10 @@ export class UserController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the user whose id you provided. <br> To change the permissions directly granted to the user please use /api/permissions instead. <br> Please remember that ids can't be changed." })
 	async put(@Param('id') id: number, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: id });

src/errors/RunnerErrors.ts

@@ -46,6 +46,17 @@ export class RunnerEmailNeededError extends NotAcceptableError {
 	message = "Citizenrunners have to provide an email address for verification and contacting."
 }
 
+/**
+ * Error to throw when a runner already requested a new selfservice link in the last 24hrs.
+ */
+export class RunnerSelfserviceTimeoutError extends NotAcceptableError {
+	@IsString()
+	name = "RunnerSelfserviceTimeoutError"
+
+	@IsString()
+	message = "You can only reqest a new token every 24hrs."
+}
+
 /**
 * Error to throw when a runner still has distance donations associated.
 */

src/errors/UserErrors.ts

@@ -72,3 +72,32 @@ export class UserDeletionNotConfirmedError extends NotAcceptableError {
 	@IsString()
 	message = "You are trying to delete a user! \n If you're sure about doing this: provide the ?force=true query param."
 }
+
+export class PasswordMustContainUppercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainUppercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one uppercase letter."
+}
+export class PasswordMustContainLowercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainLowercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one lowercase letter."
+}
+export class PasswordMustContainNumberError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainNumberError"
+
+	@IsString()
+	message = "Passwords must contain at least one number."
+}
+export class PasswordTooShortError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordTooShortError"
+
+	@IsString()
+	message = "Passwords must be at least ten characters long."
+}

src/mailer.ts

@@ -9,6 +9,7 @@ import { MailSendingError } from './errors/MailErrors';
 export class Mailer {
     public static base: string = config.mailer_url;
     public static key: string = config.mailer_key;
+    public static testing: boolean = config.testing;
 
     /**
      * Function for sending a password reset mail.
@@ -22,6 +23,41 @@ export class Mailer {
                 resetKey: token
             });
         } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
+    }
+
+    /**
+     * Function for sending a runner selfservice welcome mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
+     */
+    public static async sendSelfserviceWelcomeMail(to_address: string, token: string, locale: string = "en") {
+        try {
+            await axios.post(`${Mailer.base}/registration?locale=${locale}&key=${Mailer.key}`, {
+                address: to_address,
+                selfserviceToken: token
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
+    }
+
+    /**
+     * Function for sending a runner selfservice link forgotten mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
+     */
+    public static async sendSelfserviceForgottenMail(to_address: string, token: string, locale: string = "en") {
+        try {
+            await axios.post(`${Mailer.base}/registration_forgot?locale=${locale}&key=${Mailer.key}`, {
+                address: to_address,
+                selfserviceToken: token
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
             throw new MailSendingError();
         }
     }

src/middlewares/ScanAuth.ts

@@ -15,14 +15,14 @@ import authchecker from './authchecker';
 const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     let provided_token: string = req.headers["authorization"];
     if (provided_token == "" || provided_token === undefined || provided_token === null) {
-        res.status(401).send("No api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No api token provided." });
         return;
     }
 
     try {
         provided_token = provided_token.replace("Bearer ", "");
     } catch (error) {
-        res.status(401).send("No valid jwt or api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No valid jwt or api token provided." });
         return;
     }
 
@@ -32,7 +32,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     finally {
         if (prefix == "" || prefix == undefined || prefix == null) {
-            res.status(401).send("Api token non-existent or invalid syntax.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
     }
@@ -46,7 +46,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
         }
         finally {
             if (user_authorized == false) {
-                res.status(401).send("Api token non-existent or invalid syntax.");
+                res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
                 return;
             }
             else {
@@ -56,13 +56,13 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     else {
         if (station.enabled == false) {
-            res.status(401).send("Station disabled.");
+            res.status(401).send({ http_code: 401, short: "station_disabled", message: "Station is disabled." });
         }
         if (!(await argon2.verify(station.key, provided_token))) {
-            res.status(401).send("Api token invalid.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
-
+        req.headers["station_id"] = station.id.toString();
         next();
     }
 }

src/models/actions/create/CreateTrackScan.ts

@@ -1,4 +1,5 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
+import { BadRequestError } from 'routing-controllers';
 import { getConnection } from 'typeorm';
 import { RunnerCardNotFoundError } from '../../../errors/RunnerCardErrors';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
@@ -22,10 +23,12 @@ export class CreateTrackScan {
     /**
      * The scanning station's id that created the scan.
      * Mainly used for logging and traceing back scans (or errors).
+     * You don't have to provide the station if you're authenticateing via a scanstation token (The server takes care of it for you).
      */
     @IsInt()
     @IsPositive()
-    station: number;
+    @IsOptional()
+    station?: number;
 
     /**
      * Creates a new Track entity from this.
@@ -44,12 +47,15 @@ export class CreateTrackScan {
         }
 
         newScan.timestamp = Math.round(new Date().getTime() / 1000);
-        newScan.lapTime = await this.getLaptime(newScan)
-        newScan.valid = await this.validateScan(newScan);
+        newScan = await this.validateScan(newScan);
 
         return newScan;
     }
 
+    /**
+     * Get's a runnerCard entity via the provided id.
+     * @returns The runnerCard whom's id you provided.
+     */
     public async getCard(): Promise<RunnerCard> {
         const track = await getConnection().getRepository(RunnerCard).findOne({ id: this.card }, { relations: ["runner"] });
         if (!track) {
@@ -58,7 +64,14 @@ export class CreateTrackScan {
         return track;
     }
 
+    /**
+     * Get's a scanstation entity via the provided id.
+     * @returns The scanstation whom's id you provided.
+     */
     public async getStation(): Promise<ScanStation> {
+        if (!this.station) {
+            throw new BadRequestError("You are missing the station's id!")
+        }
         const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ["track"] });
         if (!station) {
             throw new ScanStationNotFoundError();
@@ -66,15 +79,22 @@ export class CreateTrackScan {
         return station;
     }
 
-    public validateScan(scan: TrackScan): boolean {
-        return (scan.lapTime > scan.track.minimumLapTime);
-    }
-
-    public async getLaptime(scan: TrackScan): Promise<number> {
+    /**
+     * Validates the scan and sets it's lap time;
+     * @param scan The scan you want to validate
+     * @returns The validated scan with it's laptime set.
+     */
+    public async validateScan(scan: TrackScan): Promise<TrackScan> {
         const scans = await getConnection().getRepository(TrackScan).find({ where: { runner: scan.runner, valid: true }, relations: ["track"] });
-        if (scans.length == 0) { return 0; }
-
+        if (scans.length == 0) {
+            scan.lapTime = 0;
+            scan.valid = true;
+        }
+        else {
             const newestScan = scans[scans.length - 1];
-        return (scan.timestamp - newestScan.timestamp);
+            scan.lapTime = scan.timestamp - newestScan.timestamp;
+            scan.valid = (scan.lapTime > scan.track.minimumLapTime);
+        }
+        return scan;
     }
 }

src/models/actions/create/CreateUser.ts

@@ -1,9 +1,10 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import * as uuid from 'uuid';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
@@ -94,7 +95,13 @@ export class CreateUser {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
-        if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+        if (this.username?.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+
+        let password_strength = passwordStrength(this.password);
+        if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+        if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+        if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+        if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
 
         newUser.email = this.email
         newUser.username = this.username

src/models/actions/update/UpdateTrackScan.ts

@@ -1,9 +1,9 @@
 import { IsBoolean, IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
-import { ScanStationNotFoundError } from '../../../errors/ScanStationErrors';
+import { TrackNotFoundError } from '../../../errors/TrackErrors';
 import { Runner } from '../../entities/Runner';
-import { ScanStation } from '../../entities/ScanStation';
+import { Track } from '../../entities/Track';
 import { TrackScan } from '../../entities/TrackScan';
 
 /**
@@ -38,7 +38,7 @@ export abstract class UpdateTrackScan {
      */
     @IsInt()
     @IsPositive()
-    public station: number;
+    public track: number;
 
     /**
      * Update a TrackScan entity based on this.
@@ -47,8 +47,7 @@ export abstract class UpdateTrackScan {
     public async update(scan: TrackScan): Promise<TrackScan> {
         scan.valid = this.valid;
         scan.runner = await this.getRunner();
-        scan.station = await this.getStation();
-        scan.track = scan.station.track;
+        scan.track = await this.getTrack();
 
         return scan;
     }
@@ -67,11 +66,11 @@ export abstract class UpdateTrackScan {
     /**
      * Gets a runner based on the runner id provided via this.runner.
      */
-    public async getStation(): Promise<ScanStation> {
-        const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ['track'] });
-        if (!station) {
-            throw new ScanStationNotFoundError();
+    public async getTrack(): Promise<Track> {
+        const track = await getConnection().getRepository(Track).findOne({ id: this.track });
+        if (!track) {
+            throw new TrackNotFoundError();
         }
-        return station;
+        return track;
     }
 }

src/models/actions/update/UpdateUser.ts

@@ -1,12 +1,14 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
 
+
 /**
  * This class is used to update a User entity (via put request).
  */
@@ -104,6 +106,11 @@ export class UpdateUser {
         if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
 
         if (this.password) {
+            let password_strength = passwordStrength(this.password);
+            if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+            if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+            if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+            if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
             user.password = await argon2.hash(this.password + user.uuid);
             user.refreshTokenCount = user.refreshTokenCount + 1;
         }

src/models/entities/Runner.ts

@@ -1,5 +1,5 @@
-import { IsInt, IsNotEmpty } from "class-validator";
-import { ChildEntity, ManyToOne, OneToMany } from "typeorm";
+import { IsInt, IsNotEmpty, IsOptional, IsString } from "class-validator";
+import { ChildEntity, Column, ManyToOne, OneToMany } from "typeorm";
 import { ResponseRunner } from '../responses/ResponseRunner';
 import { DistanceDonation } from "./DistanceDonation";
 import { Participant } from "./Participant";
@@ -43,6 +43,15 @@ export class Runner extends Participant {
   @OneToMany(() => Scan, scan => scan.runner, { nullable: true })
   scans: Scan[];
 
+  /**
+  * The last time the runner requested a selfservice link.
+  * Used to prevent spamming of the selfservice link forgotten route.
+  */
+  @Column({ nullable: true, unique: false })
+  @IsString()
+  @IsOptional()
+  resetRequestedTimestamp?: number;
+
   /**
    * Returns all valid scans associated with this runner.
    * This is implemented here to avoid duplicate code in other files.

src/models/enums/ResponseObjectType.ts

@@ -35,4 +35,5 @@ export enum ResponseObjectType {
     USER = 'USER',
     USERGROUP = 'USERGROUP',
     USERPERMISSIONS = 'USERPERMISSIONS',
+    SELFSERVICEDONOR = 'SELFSERVICEDONOR'
 }

src/models/responses/ResponseSelfServiceDonation.ts

@@ -2,6 +2,7 @@ import { IsInt, IsNotEmpty, IsPositive } from 'class-validator';
 import { DistanceDonation } from '../entities/DistanceDonation';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
+import { ResponseSelfServiceDonor } from './ResponseSelfServiceDonor';
 
 /**
  * Defines the runner selfservice donation response.
@@ -18,7 +19,7 @@ export class ResponseSelfServiceDonation implements IResponse {
      * The donation's donor.
      */
     @IsNotEmpty()
-    donor: string;
+    donor: ResponseSelfServiceDonor;
 
     /**
      * The donation's amount in the smalles unit of your currency (default: euro cent).
@@ -35,9 +36,7 @@ export class ResponseSelfServiceDonation implements IResponse {
     amountPerDistance: number;
 
     public constructor(donation: DistanceDonation) {
-        if (!donation.donor.middlename) { this.donor = donation.donor.firstname + " " + donation.donor.lastname; }
-        else { this.donor = donation.donor.firstname + " " + donation.donor.middlename + " " + donation.donor.lastname; }
-
+        this.donor = new ResponseSelfServiceDonor(donation.donor);
         this.amountPerDistance = donation.amountPerDistance;
         this.amount = donation.amount;
     }

src/models/responses/ResponseSelfServiceDonor.ts

@@ -0,0 +1,51 @@
+import { IsInt, IsString } from "class-validator";
+import { Donor } from '../entities/Donor';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+
+/**
+ * Defines the donor selfservice response.
+ * Why? B/C runner's are not allowed to view all information available to admin users.
+*/
+export class ResponseSelfServiceDonor implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICEDONOR;
+
+    /**
+     * The participant's id.
+     */
+    @IsInt()
+    id: number;
+
+    /**
+     * The participant's first name.
+     */
+    @IsString()
+    firstname: string;
+
+    /**
+     * The participant's middle name.
+     */
+    @IsString()
+    middlename?: string;
+
+    /**
+     * The participant's last name.
+     */
+    @IsString()
+    lastname: string;
+
+    /**
+     * Creates a ResponseSelfServiceDonor object from a runner.
+     * @param donor The donor the response shall be build for.
+     */
+    public constructor(donor: Donor) {
+        this.id = donor.id;
+        this.firstname = donor.firstname;
+        this.middlename = donor.middlename;
+        this.lastname = donor.lastname;
+    }
+}

src/models/responses/ResponseSelfServiceRunner.ts

@@ -38,10 +38,10 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
     group: string;
 
     /**
-     * The runner's associated donations.
+     * The runner's associated distance donations.
      */
     @IsString()
-    donations: ResponseSelfServiceDonation[]
+    distanceDonations: ResponseSelfServiceDonation[]
 
     /**
      * The runner's self-service jwt for auth.
@@ -60,7 +60,7 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
         this.distance = runner.distance;
         this.donationAmount = runner.distanceDonationAmount;
         this.group = this.getTeamString(runner.group);
-        this.donations = this.getDonations(runner.distanceDonations);
+        this.distanceDonations = this.getDonations(runner.distanceDonations);
     }
 
     /**

src/seeds/SeedUsers.ts

@@ -1,14 +1,14 @@
+import * as argon2 from "argon2";
 import { Connection } from 'typeorm';
 import { Factory, Seeder } from 'typeorm-seeding';
+import * as uuid from 'uuid';
 import { CreatePermission } from '../models/actions/create/CreatePermission';
-import { CreateUser } from '../models/actions/create/CreateUser';
 import { CreateUserGroup } from '../models/actions/create/CreateUserGroup';
 import { Permission } from '../models/entities/Permission';
 import { User } from '../models/entities/User';
 import { UserGroup } from '../models/entities/UserGroup';
 import { PermissionAction } from '../models/enums/PermissionAction';
 import { PermissionTarget } from '../models/enums/PermissionTargets';
-
 /**
  * Seeds a admin group with a demo user into the database for initial setup and auto recovery.
  * We know that the nameing isn't perfectly fitting. Feel free to change it.
@@ -16,7 +16,7 @@ import { PermissionTarget } from '../models/enums/PermissionTargets';
 export default class SeedUsers implements Seeder {
     public async run(factory: Factory, connection: Connection): Promise<any> {
         let adminGroup: UserGroup = await this.createAdminGroup(connection);
-        await this.createUser(connection, adminGroup.id);
+        await this.createUser(connection, adminGroup);
         await this.createPermissions(connection, adminGroup.id);
     }
 
@@ -27,15 +27,16 @@ export default class SeedUsers implements Seeder {
         return await connection.getRepository(UserGroup).save(await adminGroup.toEntity());
     }
 
-    public async createUser(connection: Connection, group: number) {
-        let initialUser = new CreateUser();
+    public async createUser(connection: Connection, group: UserGroup) {
+        let initialUser = new User();
         initialUser.firstname = "demo";
         initialUser.lastname = "demo";
         initialUser.username = "demo";
-        initialUser.password = "demo";
+        initialUser.uuid = uuid.v4();
+        initialUser.password = await argon2.hash("demo" + initialUser.uuid);
         initialUser.email = "demo@dev.lauf-fuer-kaya.de"
-        initialUser.groups = group;
-        return await connection.getRepository(User).save(await initialUser.toEntity());
+        initialUser.groups = [group];
+        return await connection.getRepository(User).save(initialUser);
     }
 
     public async createPermissions(connection: Connection, principal: number) {

src/tests/auth/auth_login.spec.ts

@@ -5,6 +5,7 @@ const base = "http://localhost:" + config.internal_port
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     axios_config = {
         validateStatus: undefined
     };

src/tests/auth/auth_logout.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_logout",
-        "middlename": "demo_logout",
-        "lastname": "demo_logout",
-        "username": "demo_logout",
-        "password": "demo_logout",
-        "email": "demo_logout@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_logoutASD123",
+        "middlename": "demo_logoutASD123",
+        "lastname": "demo_logoutASD123",
+        "username": "demo_logoutASD123",
+        "password": "demo_logoutASD123",
+        "email": "demo_logoutASD123@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -25,7 +26,7 @@ beforeAll(async () => {
 describe('POST /api/auth/logout valid', () => {
     let refresh_coookie;
     it('valid logout with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         refresh_coookie = res_login.headers["set-cookie"];
         const res = await axios.post(base + '/api/auth/logout', null, {
             headers: { "Cookie": refresh_coookie },
@@ -34,7 +35,7 @@ describe('POST /api/auth/logout valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid logout with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         const res = await axios.post(base + '/api/auth/logout', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_refresh.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_refresh",
-        "middlename": "demo_refresh",
-        "lastname": "demo_refresh",
-        "username": "demo_refresh",
-        "password": "demo_refresh",
-        "email": "demo_refresh@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_refreshASD312",
+        "middlename": "demo_refreshASD312",
+        "lastname": "demo_refreshASD312",
+        "username": "demo_refreshASD312",
+        "password": "demo_refreshASD312",
+        "email": "demo_refreshASD312@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -24,7 +25,7 @@ beforeAll(async () => {
 
 describe('POST /api/auth/refresh valid', () => {
     it('valid refresh with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', null, {
             headers: { "Cookie": res_login.headers["set-cookie"] },
             validateStatus: undefined
@@ -32,7 +33,7 @@ describe('POST /api/auth/refresh valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid refresh with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_reset.spec.ts

@@ -8,25 +8,26 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset",
-        "middlename": "demo_reset",
-        "lastname": "demo_reset",
-        "username": "demo_reset",
-        "password": "demo_reset",
-        "email": "demo_reset1@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD312",
+        "middlename": "demo_resetASD312",
+        "lastname": "demo_resetASD312",
+        "username": "demo_resetASD312",
+        "password": "demo_resetASD312",
+        "email": "demo_resetASD3121@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
     });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset2",
-        "middlename": "demo_reset2",
-        "lastname": "demo_reset2",
-        "username": "demo_reset2",
-        "password": "demo_reset2",
-        "email": "demo_reset2@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD3122",
+        "middlename": "demo_resetASD3122",
+        "lastname": "demo_resetASD3122",
+        "username": "demo_resetASD3122",
+        "password": "demo_resetASD3122",
+        "email": "demo_resetASD3122@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -36,16 +37,16 @@ beforeAll(async () => {
 describe('POST /api/auth/reset valid', () => {
     let reset_token;
     it('valid reset token request should return 200 (500 w/o correct auth)', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset1@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3121@dev.lauf-fuer-kaya.de" }, axios_config);
         reset_token = res1.data.resetToken;
-        expect(res1.status).toEqual(500);
+        expect(res1.status).toEqual(200);
     });
 });
 // ---------------
 describe('POST /api/auth/reset invalid requests', () => {
     it('request another password reset before the timeout should return 406', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
-        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
         expect(res2.status).toEqual(406);
     });
 });

src/tests/cards/cards_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -85,7 +86,6 @@ describe('POST /api/cards successfully (with runner)', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")
@@ -149,3 +149,38 @@ describe('POST /api/cards successfully (with runner)', () => {
 		});
 	});
 });
+// ---------------
+describe('POST /api/cards/bulk successfully', () => {
+	it('creating a single new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating a single new bulk card and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data[0].id).toBeDefined();
+	});
+	it('creating 50 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 50 new bulk cards and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.length).toEqual(50);
+	});
+	it('creating 250 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=250', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 2000 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=2000', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+});

src/tests/cards/cards_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -63,7 +64,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")
@@ -74,7 +74,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner2 = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")

src/tests/contacts/contact_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donations/donations_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donors/donor_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {
@@ -15,7 +16,7 @@ beforeAll(async () => {
 });
 
 // ---------------
-describe('adding + deletion (non-existant)', () => {
+describe('deletion (non-existant)', () => {
     it('delete', async () => {
         const res2 = await axios.delete(base + '/api/organizations/0', axios_config);
         expect(res2.status).toEqual(204);

src/tests/runnerOrgs/org_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/scans/scans_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scans/scans_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scans/scans_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scans/scans_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scanstations/scanstations_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scanstations/scanstations_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/scanstations/scanstations_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -57,3 +58,33 @@ describe('adding + getting stations', () => {
 		expect(res.headers['content-type']).toContain("application/json");
 	});
 });
+// ---------------
+describe('adding + getting via me endpoint', () => {
+	let added_track;
+	let added_station;
+	it('creating a track should return 200', async () => {
+		const res1 = await axios.post(base + '/api/tracks', {
+			"name": "test123",
+			"distance": 123
+		}, axios_config);
+		added_track = res1.data
+		expect(res1.status).toEqual(200);
+		expect(res1.headers['content-type']).toContain("application/json")
+	});
+	it('correct description and track input for station creation return 200', async () => {
+		const res = await axios.post(base + '/api/stations', {
+			"track": added_track.id,
+			"description": "I am but a simple test."
+		}, axios_config);
+		added_station = res.data;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json")
+	});
+	it('correct description and track input for station creation return 200', async () => {
+		const res = await axios.get(base + '/api/stations/me', { headers: { "authorization": "Bearer " + added_station.key } });
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json")
+		added_station.key = "Only visible on creation.";
+		expect(res.data).toEqual(added_station);
+	});
+});

src/tests/scanstations/scanstations_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/selfservice/selfservice_delete.spec.ts

@@ -0,0 +1,66 @@
+import axios from 'axios';
+import { config } from '../../config';
+const base = "http://localhost:" + config.internal_port
+
+let access_token;
+let axios_config;
+
+beforeAll(async () => {
+    jest.setTimeout(20000);
+    const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+    access_token = res.data["access_token"];
+    axios_config = {
+        headers: { "authorization": "Bearer " + access_token },
+        validateStatus: undefined
+    };
+});
+// ---------------
+describe('delete selfservice runner invalid', () => {
+    let added_runner;
+    it('registering as citizen with minimal params should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "lastname": "string",
+            "email": "user@example.com"
+        }, axios_config);
+        added_runner = res.data;
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('delete with valid jwt should return 200', async () => {
+        const res = await axios.delete(base + '/api/runners/me/' + added_runner.token, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('delete with valid jwt but non-existant runner should return 200', async () => {
+        const res = await axios.delete(base + '/api/runners/me/' + added_runner.token, axios_config);
+        expect(res.status).toEqual(404);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('delete with invalid jwt should return 401', async () => {
+        const res = await axios.delete(base + '/api/runners/me/123.123', axios_config);
+        expect(res.status).toEqual(401);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+});
+// ---------------
+describe('delete selfservice runner valid', () => {
+    let added_runner;
+    it('registering as citizen with minimal params should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "lastname": "string",
+            "email": "user@example.com"
+        }, axios_config);
+        added_runner = res.data;
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('delete with valid jwt should return 200', async () => {
+        const res = await axios.delete(base + '/api/runners/me/' + added_runner.token, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+        delete added_runner.token;
+        expect(res.data).toEqual(added_runner);
+    });
+});

src/tests/selfservice/selfservice_forgotten.spec.ts

@@ -0,0 +1,82 @@
+import axios from 'axios';
+import { config } from '../../config';
+const base = "http://localhost:" + config.internal_port
+
+let access_token;
+let axios_config;
+
+beforeAll(async () => {
+    jest.setTimeout(20000);
+    const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+    access_token = res.data["access_token"];
+    axios_config = {
+        headers: { "authorization": "Bearer " + access_token },
+        validateStatus: undefined
+    };
+});
+
+describe('POST /api/runners/me/forgot invalid syntax/mail should fail', () => {
+    it('get without mail return 404', async () => {
+        const res = await axios.post(base + '/api/runners/forgot', null, axios_config);
+        expect(res.status).toEqual(404);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('get without bs mail return 404', async () => {
+        const res = await axios.post(base + '/api/runners/forgot?mail=asdasdasdasdasd@tester.test.dev.lauf-fuer-kaya.de', null, axios_config);
+        expect(res.status).toEqual(404);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+});
+// ---------------
+describe('POST /api/runners/me/forgot 2 times within timeout should fail', () => {
+    let added_runner;
+    it('registering as citizen should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "middlename": "string",
+            "lastname": "string",
+            "email": "citizen420@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+        added_runner = res.data;
+    });
+    it('post with valid mail should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('2nd post with valid mail should return 406', async () => {
+        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        expect(res.status).toEqual(406);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+});
+
+// ---------------
+describe('POST /api/runners/me/forgot valid should return 200', () => {
+    let added_runner;
+    let new_token;
+    it('registering as citizen should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "middlename": "string",
+            "lastname": "string",
+            "email": "citizen69@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+        added_runner = res.data;
+    });
+    it('post with valid mail should return 200', async () => {
+        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+        new_token = res.data.token;
+    });
+    it('get infos with valid jwt should return 200', async () => {
+        const res = await axios.get(base + '/api/runners/me/' + new_token, axios_config);
+        expect(res.status).toEqual(200);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+});

src/tests/selfservice/selfservice_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/selfservice/selfservice_org.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {
@@ -49,6 +50,6 @@ describe('get valid org w/teams', () => {
         expect(res.status).toEqual(200);
         expect(res.headers['content-type']).toContain("application/json");
         expect(res.data.name).toEqual(added_org.name);
-        expect(res.data.teams[0]).toEqual({ name: added_team.name, id: added_team.id });
+        expect(res.data.teams[0]).toEqual({ name: added_team.name, id: added_team.id, responseType: "SELFSERVICETEAM" });
     });
 });

src/tests/selfservice/selfservice_register.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/tracks/track_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/tracks/track_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/tracks/track_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/tracks/tracks_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/trackscans/trackscans_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/trackscans/trackscans_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/trackscans/trackscans_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/trackscans/trackscans_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -86,7 +87,7 @@ describe('adding + updating illegally', () => {
 	it('updating with wrong id should return 406', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id + 1,
-			"station": added_station.id,
+			"track": added_track.id,
 			"runner": added_runner.id
 		}, axios_config);
 		expect(res2.status).toEqual(406);
@@ -95,7 +96,7 @@ describe('adding + updating illegally', () => {
 	it('updating with invalid station should return 404', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id,
-			"station": 9999999999999999,
+			"track": 9999999999999999,
 			"runner": added_runner.id
 		}, axios_config);
 		expect(res2.status).toEqual(404);
@@ -104,7 +105,7 @@ describe('adding + updating illegally', () => {
 	it('updating with invalid runner should return 404', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id,
-			"station": added_station.id,
+			"track": added_station.id,
 			"runner": 9999999999999999999
 		}, axios_config);
 		expect(res2.status).toEqual(404);
@@ -211,7 +212,7 @@ describe('adding + updating successfilly', () => {
 	it('updating with new runner should return 200', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id,
-			"station": added_station.id,
+			"track": added_track.id,
 			"runner": added_runner2.id
 		}, axios_config);
 		expect(res2.status).toEqual(200);
@@ -220,7 +221,7 @@ describe('adding + updating successfilly', () => {
 	it('updating with new station should return 200', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id,
-			"station": added_station2.id,
+			"track": added_track2.id,
 			"runner": added_runner.id
 		}, axios_config);
 		expect(res2.status).toEqual(200);
@@ -229,7 +230,7 @@ describe('adding + updating successfilly', () => {
 	it('updating with valid=false should return 200', async () => {
 		const res2 = await axios.put(base + '/api/scans/trackscans/' + added_scan.id, {
 			"id": added_scan.id,
-			"station": added_station2.id,
+			"track": added_track2.id,
 			"runner": added_runner.id,
 			"valid": false
 		}, axios_config);

src/tests/users/user_delete.spec.ts

@@ -0,0 +1,51 @@
+import axios from 'axios';
+import { config } from '../../config';
+const base = "http://localhost:" + config.internal_port
+
+let access_token;
+let axios_config;
+
+beforeAll(async () => {
+    jest.setTimeout(20000);
+    const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+    access_token = res.data["access_token"];
+    axios_config = {
+        headers: { "authorization": "Bearer " + access_token },
+        validateStatus: undefined
+    };
+});
+
+// ---------------
+describe('adding + deletion (non-existant)', () => {
+    it('delete', async () => {
+        const res2 = await axios.delete(base + '/api/users/0?force=true', axios_config);
+        expect(res2.status).toEqual(204);
+    });
+});
+// ---------------
+describe('adding + deletion (successfull)', () => {
+    let added_user
+    it('valid user creation with minimal parameters should return 200', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "string",
+            "middlename": "string",
+            "lastname": "string",
+            "email": "demo_123_123_123asdASD@example.com",
+            "password": "demo_123_123_123asdASD",
+            "enabled": true
+        }
+            , axios_config);
+        added_user = res.data;
+        expect(res.status).toEqual(200);
+    });
+    it('delete', async () => {
+        const res2 = await axios.delete(base + '/api/users/' + added_user.id + "?force=true", axios_config);
+        expect(res2.status).toEqual(200);
+        expect(res2.headers['content-type']).toContain("application/json")
+    });
+    it('check if user really was deleted', async () => {
+        const res3 = await axios.get(base + '/api/users/' + added_user.id, axios_config);
+        expect(res3.status).toEqual(404);
+        expect(res3.headers['content-type']).toContain("application/json")
+    });
+});

src/tests/users/user_post.spec.ts

@@ -0,0 +1,113 @@
+import axios from 'axios';
+import { config } from '../../config';
+
+const base = "http://localhost:" + config.internal_port
+
+let axios_config = {};
+
+beforeAll(async () => {
+    jest.setTimeout(20000);
+    const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+    let access_token = res.data["access_token"];
+    axios_config = {
+        headers: { "authorization": "Bearer " + access_token },
+        validateStatus: undefined
+    };
+});
+
+describe('POST /api/users valid', () => {
+    it('valid user creation with minimal parameters should return 200', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123",
+            "lastname": "demo_createASD123",
+            "password": "demo_createASD123",
+            "email": "demo_createASD123@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(200);
+    });
+    it('valid user creation with all parameters should return 200', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_2",
+            "middlename": "demo_createASD123_2",
+            "lastname": "demo_createASD123_2",
+            "username": "demo_createASD123_2",
+            "password": "demo_createASD123_2",
+            "email": "demo_createASD123_2@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(200);
+    });
+});
+// ---------------
+describe('POST /api/users invalid -> 400', () => {
+    it('user creation w/o firstname should return 400', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "lastname": "demo_createASD123_3",
+            "password": "demo_createASD123_3",
+            "email": "demo_createASD123_3@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(400);
+    });
+    it('user creation w/o lastname should return 400', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_3",
+            "password": "demo_createASD123_3",
+            "email": "demo_createASD123_3@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(400);
+    });
+    it('user creation w/o password should return 400', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_3",
+            "lastname": "demo_createASD123_3",
+            "email": "demo_createASD123_3@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(400);
+    });
+    it('user creation w/o email should return 400', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_3",
+            "lastname": "demo_createASD123_3",
+            "password": "demo_createASD123_3"
+        }, axios_config);
+        expect(res.status).toEqual(400);
+    });
+});
+// ---------------
+describe('POST /api/users invalid -> Password errors', () => {
+    it('user creation w/ invalid password -> No numbers should return 406', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_4",
+            "lastname": "demo_createASD123_4",
+            "password": "demo_createASD",
+            "email": "demo_createASD123_4@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(406);
+    });
+    it('user creation w/ invalid password -> No uppercase should return 406', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_4",
+            "lastname": "demo_createASD123_4",
+            "password": "demo_create_4",
+            "email": "demo_createASD123_4@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(406);
+    });
+    it('user creation w/ invalid password -> No lowercase should return 406', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_4",
+            "lastname": "demo_createASD123_4",
+            "password": "DEMO123123ASD",
+            "email": "demo_createASD123_4@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(406);
+    });
+    it('user creation w/ invalid password -> Too short should return 406', async () => {
+        const res = await axios.post(base + '/api/users', {
+            "firstname": "demo_createASD123_4",
+            "lastname": "demo_createASD123_4",
+            "password": "1Aa_",
+            "email": "demo_createASD123_4@dev.lauf-fuer-kaya.de"
+        }, axios_config);
+        expect(res.status).toEqual(406);
+    });
+});