Add more tests

Author: SpaceK33z

packages/graphql-authentication/src/__tests__/mutations.ts

@@ -1,4 +1,4 @@
-import { client, startServer } from './setup';
+import { client, clientWithAuth, startServer, FakeAdapter } from './setup';
 
 test('signup - a new user', async () => {
   const req = client(await startServer());
@@ -25,6 +25,7 @@ test('signup - a new user', async () => {
 
 test('signup - with existent user', async () => {
   const req = client(await startServer());
+  expect.assertions(1);
 
   try {
     await req.request(`mutation {
@@ -39,6 +40,7 @@ test('signup - with existent user', async () => {
 
 test('signup - with weak password', async () => {
   const req = client(await startServer());
+  expect.assertions(1);
 
   try {
     await req.request(`mutation {
@@ -76,6 +78,7 @@ test('login - correct', async () => {
 
 test('login - non-existent user', async () => {
   const req = client(await startServer());
+  expect.assertions(1);
 
   try {
     await req.request(`mutation {
@@ -90,6 +93,7 @@ test('login - non-existent user', async () => {
 
 test('login - wrong password', async () => {
   const req = client(await startServer());
+  expect.assertions(1);
 
   try {
     await req.request(`mutation {
@@ -101,3 +105,118 @@ test('login - wrong password', async () => {
     expect(String(e)).toMatch(/No user found/);
   }
 });
+
+test('update current user data - correct', async () => {
+  const req = clientWithAuth(await startServer());
+
+  const result = await req.request(`mutation {
+    updateCurrentUser(data: {name: "Voldemort"}) {
+      id
+      name
+    }
+  }`);
+
+  expect((result as any).updateCurrentUser).toEqual({
+    id: '2',
+    name: 'Voldemort'
+  });
+});
+
+test('update current user data - wrong old passwd', async () => {
+  const req = clientWithAuth(await startServer());
+  expect.assertions(1);
+
+  try {
+    await req.request(`mutation {
+      changePassword(oldPassword: "testtest3", newPassword: "testtest4") {
+        id
+      }
+    }`);
+  } catch (e) {
+    expect(String(e)).toMatch(/Invalid old password/);
+  }
+});
+
+test('update user password', async () => {
+  const req = clientWithAuth(await startServer());
+
+  const result = await req.request(`mutation {
+    changePassword(oldPassword: "testtest2", newPassword: "testtest3") {
+      id
+    }
+  }`);
+
+  expect((result as any).changePassword).toEqual({
+    id: '2'
+  });
+
+  // Now verify the password has actually been changed correctly.
+  const result2 = await req.request(`mutation {
+    login(email: "[email protected]", password: "testtest3") {
+      user {
+        id
+      }
+    }
+  }`);
+
+  expect((result2 as any).login.user).toEqual({
+    id: '2'
+  });
+});
+
+test('trigger password reset - correct', async () => {
+  const req = clientWithAuth(await startServer());
+  expect.assertions(6);
+  const spy = jest.spyOn(FakeAdapter.prototype, 'updateUserResetToken');
+
+  const result = await req.request(`mutation {
+    triggerPasswordReset(email: "[email protected]") {
+      ok
+    }
+  }`);
+
+  expect(spy).toHaveBeenCalled();
+
+  expect((result as any).triggerPasswordReset).toEqual({
+    ok: true
+  });
+
+  const { resetToken } = await spy.mock.results[0].value;
+  // Verify the resetToken is a UUID
+  expect(resetToken.length).toBe(36);
+
+  const result2 = await req.request(`mutation {
+    passwordReset(email: "[email protected]", password: "testtest4", resetToken: "${resetToken}") {
+      id
+    }
+  }`);
+
+  expect((result2 as any).passwordReset).toEqual({
+    id: '2'
+  });
+
+  const result3 = await req.request(`mutation {
+    login(email: "[email protected]", password: "testtest4") {
+      user {
+        id
+      }
+    }
+  }`);
+
+  expect((result3 as any).login.user).toEqual({
+    id: '2'
+  });
+
+  // Now verify that the resetToken is now invalid
+  try {
+    await req.request(`mutation {
+      passwordReset(email: "[email protected]", password: "badbadbad", resetToken: "${resetToken}") {
+        id
+      }
+    }`);
+  } catch (e) {
+    expect(String(e)).toMatch(/No user found/);
+  }
+
+  spy.mockRestore();
+});

packages/graphql-authentication/src/__tests__/setup.ts

@@ -45,6 +45,21 @@ export class FakeAdapter implements GraphqlAuthenticationAdapter {
     Object.assign(user, data); // iel
     return Promise.resolve(user);
   }
+  async updateUserInfo(ctx: any, userId: string, data: any) {
+    const user = await this.findUserById(ctx, userId);
+    Object.assign(user, data); // iel
+    return Promise.resolve(user);
+  }
+  async updateUserPassword(ctx: any, userId: string, data: any) {
+    const user = await this.findUserById(ctx, userId);
+    user!.password = data.password;
+    return Promise.resolve(user);
+  }
+  async updateUserResetToken(ctx: any, userId: string, data: any) {
+    const user = await this.findUserById(ctx, userId);
+    Object.assign(user, data); // iel
+    return Promise.resolve(user);
+  }
 }
 
 // In nodejs run `require('jsonwebtoken').sign({ userId: '2' }, 'wherearemyshoes')`
@@ -56,6 +71,7 @@ export async function startServer() {
   if (http) {
     await http.close();
   }
+  const adapter = new FakeAdapter() as any;
   const server = new GraphQLServer({
     typeDefs: './schema.graphql',
     resolvers: {
@@ -70,7 +86,7 @@ export async function startServer() {
       ...req,
       graphqlAuthentication: graphqlAuthenticationConfig({
         secret: 'wherearemyshoes',
-        adapter: new FakeAdapter() as any
+        adapter
       })
     })
   });

packages/graphql-authentication/src/mutations.ts

@@ -215,7 +215,7 @@ export const mutations = {
   ) {
     const user = await getUser(ctx);
 
-    const valid = await bcrypt.compare(user.password, oldPassword);
+    const valid = await bcrypt.compare(oldPassword, user.password);
     if (!valid) {
       throw new InvalidOldPasswordError();
     }