Add test for checking recovery with token

deepjyoti30-st · deepjyoti30-st · commit d81b68513ee3 · 2025-02-10T15:32:32.000+05:30
diff --git a/test/end-to-end/webauthn.helpers.js b/test/end-to-end/webauthn.helpers.js
@@ -63,11 +63,18 @@ export async function signUpAndSendRecoveryEmail(page, email) {
     await openRecoveryAccountPage(page, email, true);
 }
 
-export async function getTokenFromEmail(page, email) {
+export async function getTokenFromEmail(email) {
     // Make an API call to get the token from the email
     // Since the email can contain special characters, we need to encode it
     const encodedEmail = encodeURIComponent(email);
     const response = await fetch(`${TEST_SERVER_BASE_URL}/test/webauthn/get-token?email=${encodedEmail}`);
     const data = await response.json();
     return data.token;
 }
+
+export async function openRecoveryWithToken(page, token) {
+    await Promise.all([
+        page.goto(`${TEST_CLIENT_BASE_URL}/auth/webauthn/recover?token=${token}`),
+        page.waitForNavigation({ waitUntil: "networkidle0" }),
+    ]);
+}
diff --git a/test/end-to-end/webauthn.recover_account.test.js b/test/end-to-end/webauthn.recover_account.test.js
@@ -0,0 +1,108 @@
+import fetch from "isomorphic-fetch";
+import { TEST_SERVER_BASE_URL } from "../constants";
+import {
+    backendBeforeEach,
+    setupBrowser,
+    screenshotOnFailure,
+    clearBrowserCookiesWithoutAffectingConsole,
+    getTestEmail,
+    waitForSTElement,
+} from "../helpers";
+import { openRecoveryWithToken, signUpAndSendRecoveryEmail, getTokenFromEmail } from "./webauthn.helpers";
+import assert from "assert";
+
+describe("SuperTokens Webauthn Recover Account", () => {
+    let browser;
+    let page;
+    let consoleLogs = [];
+    let email;
+
+    before(async function () {
+        await backendBeforeEach();
+
+        await fetch(`${TEST_SERVER_BASE_URL}/startst`, {
+            method: "POST",
+        }).catch(console.error);
+
+        browser = await setupBrowser();
+        page = await browser.newPage();
+        page.on("console", (consoleObj) => {
+            const log = consoleObj.text();
+            if (log.startsWith("ST_LOGS")) {
+                consoleLogs.push(log);
+            }
+        });
+    });
+
+    after(async function () {
+        await browser.close();
+        await fetch(`${TEST_SERVER_BASE_URL}/after`, {
+            method: "POST",
+        }).catch(console.error);
+
+        await fetch(`${TEST_SERVER_BASE_URL}/stopst`, {
+            method: "POST",
+        }).catch(console.error);
+    });
+
+    afterEach(function () {
+        return screenshotOnFailure(this, browser);
+    });
+
+    beforeEach(async function () {
+        consoleLogs = [];
+        consoleLogs = await clearBrowserCookiesWithoutAffectingConsole(page, consoleLogs);
+
+        // Signup and send the recovery email
+        email = await getTestEmail();
+        await signUpAndSendRecoveryEmail(page, email);
+        await new Promise((res) => setTimeout(res, 1000));
+    });
+
+    describe("Recover Account Test", () => {
+        it("should show the recovery token page", async () => {
+            // Get the token from the email
+            const token = await getTokenFromEmail(email);
+            assert.ok(token);
+            assert.strictEqual(token.length, 128);
+
+            // Use the token to recover the account
+            await openRecoveryWithToken(page, token);
+
+            const continueWithPasskeyContainer = await waitForSTElement(page, "[data-supertokens~='headerTitle']");
+            const headerText = await continueWithPasskeyContainer.evaluate((el) => el.textContent);
+
+            // Assert the text contains "Create a passkey"
+            assert.deepStrictEqual(headerText, "Create a passkey");
+
+            assert.deepStrictEqual(consoleLogs, [
+                "ST_LOGS SESSION OVERRIDE ADD_FETCH_INTERCEPTORS_AND_RETURN_MODIFIED_FETCH",
+                "ST_LOGS SESSION OVERRIDE ADD_AXIOS_INTERCEPTORS",
+                "ST_LOGS WEBAUTHN OVERRIDE GET REGISTER OPTIONS WITH SIGN UP",
+                "ST_LOGS WEBAUTHN OVERRIDE GET REGISTER OPTIONS",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS REGISTER_OPTIONS",
+                "ST_LOGS WEBAUTHN OVERRIDE REGISTER CREDENTIAL",
+                "ST_LOGS WEBAUTHN OVERRIDE SIGN UP",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS SIGN_UP",
+                "ST_LOGS SESSION ON_HANDLE_EVENT SESSION_CREATED",
+                "ST_LOGS SESSION OVERRIDE GET_USER_ID",
+                "ST_LOGS SUPERTOKENS GET_REDIRECTION_URL SUCCESS undefined",
+                "ST_LOGS SESSION OVERRIDE GET_USER_ID",
+                "ST_LOGS SESSION OVERRIDE SIGN_OUT",
+                "ST_LOGS SESSION PRE_API_HOOKS SIGN_OUT",
+                "ST_LOGS SESSION ON_HANDLE_EVENT SIGN_OUT",
+                "ST_LOGS SESSION OVERRIDE ADD_FETCH_INTERCEPTORS_AND_RETURN_MODIFIED_FETCH",
+                "ST_LOGS SESSION OVERRIDE ADD_AXIOS_INTERCEPTORS",
+                "ST_LOGS WEBAUTHN GET_REDIRECTION_URL SEND_RECOVERY_EMAIL",
+                "ST_LOGS WEBAUTHN OVERRIDE GENERATE RECOVER ACCOUNT TOKEN",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS GENERATE_RECOVER_ACCOUNT_TOKEN",
+                "ST_LOGS SESSION OVERRIDE ADD_FETCH_INTERCEPTORS_AND_RETURN_MODIFIED_FETCH",
+                "ST_LOGS SESSION OVERRIDE ADD_AXIOS_INTERCEPTORS",
+                "ST_LOGS WEBAUTHN OVERRIDE GET REGISTER OPTIONS",
+                "ST_LOGS WEBAUTHN OVERRIDE GET REGISTER OPTIONS",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS REGISTER_OPTIONS",
+                "ST_LOGS WEBAUTHN PRE_API_HOOKS REGISTER_OPTIONS",
+            ]);
+        });
+    });
+});
