backend/src/tests/auth/auth_reset.spec.ts

import axios from 'axios';
import { config } from '../../config';

const base = "http://localhost:" + config.internal_port

const axios_config = {
    validateStatus: undefined
};;

beforeAll(async () => {
    const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
    await axios.post(base + '/api/users', {
        "firstname": "demo_reset",
        "middlename": "demo_reset",
        "lastname": "demo_reset",
        "username": "demo_reset",
        "password": "demo_reset",
        "email": "demo_reset@dev.lauf-fuer-kaya.de"
    }, {
        headers: { "authorization": "Bearer " + res_login.data["access_token"] },
        validateStatus: undefined
    });
    await axios.post(base + '/api/users', {
        "firstname": "demo_reset2",
        "middlename": "demo_reset2",
        "lastname": "demo_reset2",
        "username": "demo_reset2",
        "password": "demo_reset2",
        "email": "demo_reset1@dev.lauf-fuer-kaya.de"
    }, {
        headers: { "authorization": "Bearer " + res_login.data["access_token"] },
        validateStatus: undefined
    });
});

describe('POST /api/auth/reset valid', () => {
    let reset_token;
    it('valid reset token request should return 200', async () => {
        const res1 = await axios.post(base + '/api/auth/reset', { username: "demo_reset" });
        reset_token = res1.data.resetToken;
        expect(res1.status).toEqual(200);
    });
    it('valid password reset should return 200', async () => {
        const res2 = await axios.post(base + '/api/auth/reset/' + reset_token, { password: "demo" }, axios_config);
        expect(res2.status).toEqual(200);
    });
    it('valid login after reset should return 200', async () => {
        const res = await axios.post(base + '/api/auth/login', { username: "demo_reset", password: "demo" });
        expect(res.status).toEqual(200);
    });
});
// ---------------
describe('POST /api/auth/reset invalid requests', () => {
    it('request another password reset before the timeout should return 406', async () => {
        const res1 = await axios.post(base + '/api/auth/reset', { username: "demo_reset2" }, axios_config);
        const res2 = await axios.post(base + '/api/auth/reset', { username: "demo_reset2" }, axios_config);
        expect(res2.status).toEqual(406);
    });
});
// ---------------
describe('POST /api/auth/reset invalid token', () => {
    it('providing a invalid reset token should return 401', async () => {
        const res2 = await axios.post(base + '/api/auth/reset/' + "123123", { password: "demo" }, axios_config);
        expect(res2.status).toEqual(401);
    });
    it('providing no reset token should return 404', async () => {
        const res2 = await axios.post(base + '/api/auth/reset/' + "", { password: "demo" }, axios_config);
        expect(res2.status).toEqual(404);
    });
});
// ---------------
describe('POST /api/auth/reset invalid body', () => {
    it('providing no password should return 400', async () => {
        const res2 = await axios.post(base + '/api/auth/reset/' + "123123", null, axios_config);
        expect(res2.status).toEqual(400);
    });
});