verdaccio/test/unit/modules/auth/profile.spec.ts

import request from 'supertest';
import _ from 'lodash';
import path from 'path';
import rimraf from 'rimraf';

import endPointAPI from '../../../../src/api';
import {mockServer} from '../../__helper/mock';
import {parseConfigFile} from '../../../../src/lib/utils';
import {parseConfigurationFile} from '../../__helper';
import {getNewToken, getProfile, postProfile} from '../../__helper/api';
import {setup} from '../../../../src/lib/logger';
import {API_ERROR, HTTP_STATUS, SUPPORT_ERRORS} from '../../../../src/lib/constants';

setup([]);

const parseConfigurationProfile = () => {
  return parseConfigurationFile(`profile/profile`);
};

describe('endpoint user profile', () => {
  let app;
  let mockRegistry;
  jest.setTimeout(20000);

  beforeAll(function(done) {
    const store = path.join(__dirname, '../../partials/store/test-profile-storage');
    const mockServerPort = 55544;
    rimraf(store, async () => {
      const parsedConfig = parseConfigFile(parseConfigurationProfile());
      const configForTest = _.assign({}, _.cloneDeep(parsedConfig), {
        storage: store,
        auth: {
          htpasswd: {
            file: './test-profile-storage/.htpasswd-auth-profile'
          }
        },
        self_path: store
      });
      app = await endPointAPI(configForTest);
      mockRegistry = await mockServer(mockServerPort).init();
      done();
    });
  });

  afterAll(function(done) {
    mockRegistry[0].stop();
    done();
  });

  test('should fetch a profile of logged user', async (done) => {
    const credentials = { name: 'JotaJWT', password: 'secretPass' };
    const token = await getNewToken(request(app), credentials);
    const [err1, res1] = await getProfile(request(app), token);

    expect(err1).toBeNull();
    expect(res1.body.name).toBe(credentials.name);
    done();
  });

  describe('change password', () => {
    test('should change password successfully', async (done) => {
      const credentials = { name: 'userTest2000', password: 'secretPass000' };
      const body = {
        password: {
          new: '12345678',
          old: credentials.password,
        }
      };
      const token = await getNewToken(request(app), credentials);
      const [err1, res1] = await postProfile(request(app), body, token);

      expect(err1).toBeNull();
      expect(res1.body.name).toBe(credentials.name);
      done();
    });

    test('should change password is too short', async (done) => {
      const credentials = { name: 'userTest2001', password: 'secretPass001' };
      const body = {
        password: {
          new: 'p1',
          old: credentials.password,
        }
      };
      const token = await getNewToken(request(app), credentials);
      const [, resp] = await postProfile(request(app), body, token, HTTP_STATUS.UNAUTHORIZED);

      expect(resp.error).not.toBeNull();
      expect(resp.error.text).toMatch(API_ERROR.PASSWORD_SHORT());
      done();
    });
  });

  describe('change tfa', () => {
    test('should report TFA is disabled', async (done) => {
      const credentials = { name: 'userTest2002', password: 'secretPass002' };
      const body = {
        tfa: {}
      };
      const token = await getNewToken(request(app), credentials);
      const [, resp] = await postProfile(request(app), body, token, HTTP_STATUS.SERVICE_UNAVAILABLE);

      expect(resp.error).not.toBeNull();
      expect(resp.error.text).toMatch(SUPPORT_ERRORS.TFA_DISABLED);
      done();
    });
  });

  describe('error handling', () => {
    test('should forbid to fetch a profile with invalid token', async (done) => {
      const [, resp] = await getProfile(request(app), `fakeToken`, HTTP_STATUS.UNAUTHORIZED);

      expect(resp.error).not.toBeNull();
      expect(resp.error.text).toMatch(API_ERROR.MUST_BE_LOGGED);
      done();
    });

    test('should forbid to update a profile with invalid token', async (done) => {
      const [, resp] = await postProfile(request(app), {}, `fakeToken`, HTTP_STATUS.UNAUTHORIZED);

      expect(resp.error).not.toBeNull();
      expect(resp.error.text).toMatch(API_ERROR.MUST_BE_LOGGED);
      done();
    });
  });
});
feat: add support for profile cli command #392 (change password) (#1034) * feat: add support for profile cli command #392 - it allows to update password npm profile set password - display current profile npm profile get https://docs.npmjs.com/cli/profile * chore: update @verdaccio/types@4.0.0 * feat: add min password length on npm by defaul is min 7 characters, this might be configurable in the future. * chore: update verdaccio-htpasswd@1.0.1 * refactor: update unit test * refactor: provide friendly error for tfa request * test: api profile unit test * chore: fix eslint comment * test: update profile test * chore: set mim as 3 characters 2018-10-12 11:07:55 +02:00			`import request from 'supertest';`
			`import _ from 'lodash';`
			`import path from 'path';`
			`import rimraf from 'rimraf';`

test: relocate spec test 2019-05-19 22:23:12 +02:00			`import endPointAPI from '../../../../src/api';`
			`import {mockServer} from '../../__helper/mock';`
			`import {parseConfigFile} from '../../../../src/lib/utils';`
			`import {parseConfigurationFile} from '../../__helper';`
			`import {getNewToken, getProfile, postProfile} from '../../__helper/api';`
			`import {setup} from '../../../../src/lib/logger';`
			`import {API_ERROR, HTTP_STATUS, SUPPORT_ERRORS} from '../../../../src/lib/constants';`
feat: add support for profile cli command #392 (change password) (#1034) * feat: add support for profile cli command #392 - it allows to update password npm profile set password - display current profile npm profile get https://docs.npmjs.com/cli/profile * chore: update @verdaccio/types@4.0.0 * feat: add min password length on npm by defaul is min 7 characters, this might be configurable in the future. * chore: update verdaccio-htpasswd@1.0.1 * refactor: update unit test * refactor: provide friendly error for tfa request * test: api profile unit test * chore: fix eslint comment * test: update profile test * chore: set mim as 3 characters 2018-10-12 11:07:55 +02:00
			`setup([]);`

			`const parseConfigurationProfile = () => {`
			return parseConfigurationFile(`profile/profile`);
			`};`

			`describe('endpoint user profile', () => {`
			`let app;`
			`let mockRegistry;`
chore: add extra timeout for some heavy test 2019-07-27 07:20:30 +02:00			`jest.setTimeout(20000);`
feat: add support for profile cli command #392 (change password) (#1034) * feat: add support for profile cli command #392 - it allows to update password npm profile set password - display current profile npm profile get https://docs.npmjs.com/cli/profile * chore: update @verdaccio/types@4.0.0 * feat: add min password length on npm by defaul is min 7 characters, this might be configurable in the future. * chore: update verdaccio-htpasswd@1.0.1 * refactor: update unit test * refactor: provide friendly error for tfa request * test: api profile unit test * chore: fix eslint comment * test: update profile test * chore: set mim as 3 characters 2018-10-12 11:07:55 +02:00
			`beforeAll(function(done) {`
test: relocate spec test 2019-05-19 22:23:12 +02:00			`const store = path.join(__dirname, '../../partials/store/test-profile-storage');`
feat: add support for profile cli command #392 (change password) (#1034) * feat: add support for profile cli command #392 - it allows to update password npm profile set password - display current profile npm profile get https://docs.npmjs.com/cli/profile * chore: update @verdaccio/types@4.0.0 * feat: add min password length on npm by defaul is min 7 characters, this might be configurable in the future. * chore: update verdaccio-htpasswd@1.0.1 * refactor: update unit test * refactor: provide friendly error for tfa request * test: api profile unit test * chore: fix eslint comment * test: update profile test * chore: set mim as 3 characters 2018-10-12 11:07:55 +02:00			`const mockServerPort = 55544;`
			`rimraf(store, async () => {`
			`const parsedConfig = parseConfigFile(parseConfigurationProfile());`
chore: fix unpublish issues, fix unit test 2019-02-24 23:20:25 +01:00			`const configForTest = _.assign({}, _.cloneDeep(parsedConfig), {`
			`storage: store,`
			`auth: {`
			`htpasswd: {`
test: relocate spec test 2019-05-19 22:23:12 +02:00			`file: './test-profile-storage/.htpasswd-auth-profile'`
chore: fix unpublish issues, fix unit test 2019-02-24 23:20:25 +01:00			`}`
			`},`
			`self_path: store`
			`});`
			`app = await endPointAPI(configForTest);`
feat: add support for profile cli command #392 (change password) (#1034) * feat: add support for profile cli command #392 - it allows to update password npm profile set password - display current profile npm profile get https://docs.npmjs.com/cli/profile * chore: update @verdaccio/types@4.0.0 * feat: add min password length on npm by defaul is min 7 characters, this might be configurable in the future. * chore: update verdaccio-htpasswd@1.0.1 * refactor: update unit test * refactor: provide friendly error for tfa request * test: api profile unit test * chore: fix eslint comment * test: update profile test * chore: set mim as 3 characters 2018-10-12 11:07:55 +02:00			`mockRegistry = await mockServer(mockServerPort).init();`
			`done();`
			`});`
			`});`

			`afterAll(function(done) {`
			`mockRegistry[0].stop();`
			`done();`
			`});`

			`test('should fetch a profile of logged user', async (done) => {`
			`const credentials = { name: 'JotaJWT', password: 'secretPass' };`
			`const token = await getNewToken(request(app), credentials);`
			`const [err1, res1] = await getProfile(request(app), token);`

			`expect(err1).toBeNull();`
			`expect(res1.body.name).toBe(credentials.name);`
			`done();`
			`});`

			`describe('change password', () => {`
			`test('should change password successfully', async (done) => {`
			`const credentials = { name: 'userTest2000', password: 'secretPass000' };`
			`const body = {`
			`password: {`
			`new: '12345678',`
			`old: credentials.password,`
			`}`
			`};`
			`const token = await getNewToken(request(app), credentials);`
			`const [err1, res1] = await postProfile(request(app), body, token);`

			`expect(err1).toBeNull();`
			`expect(res1.body.name).toBe(credentials.name);`
			`done();`
			`});`

			`test('should change password is too short', async (done) => {`
			`const credentials = { name: 'userTest2001', password: 'secretPass001' };`
			`const body = {`
			`password: {`
			`new: 'p1',`
			`old: credentials.password,`
			`}`
			`};`
			`const token = await getNewToken(request(app), credentials);`
			`const [, resp] = await postProfile(request(app), body, token, HTTP_STATUS.UNAUTHORIZED);`

			`expect(resp.error).not.toBeNull();`
			`expect(resp.error.text).toMatch(API_ERROR.PASSWORD_SHORT());`
			`done();`
			`});`
			`});`

			`describe('change tfa', () => {`
			`test('should report TFA is disabled', async (done) => {`
			`const credentials = { name: 'userTest2002', password: 'secretPass002' };`
			`const body = {`
			`tfa: {}`
			`};`
			`const token = await getNewToken(request(app), credentials);`
			`const [, resp] = await postProfile(request(app), body, token, HTTP_STATUS.SERVICE_UNAVAILABLE);`

			`expect(resp.error).not.toBeNull();`
			`expect(resp.error.text).toMatch(SUPPORT_ERRORS.TFA_DISABLED);`
			`done();`
			`});`
			`});`

			`describe('error handling', () => {`
			`test('should forbid to fetch a profile with invalid token', async (done) => {`
			const [, resp] = await getProfile(request(app), `fakeToken`, HTTP_STATUS.UNAUTHORIZED);

			`expect(resp.error).not.toBeNull();`
			`expect(resp.error.text).toMatch(API_ERROR.MUST_BE_LOGGED);`
			`done();`
			`});`

			`test('should forbid to update a profile with invalid token', async (done) => {`
			const [, resp] = await postProfile(request(app), {}, `fakeToken`, HTTP_STATUS.UNAUTHORIZED);

			`expect(resp.error).not.toBeNull();`
			`expect(resp.error.text).toMatch(API_ERROR.MUST_BE_LOGGED);`
			`done();`
			`});`
			`});`
			`});`