auth: add logs when auth fails or succeeds

Girish Ramakrishnan
2025-07-11 17:59:00 +02:00
parent a470b2cd4e
commit 22e23e1e65
8 changed files with 70 additions and 38 deletions


@@ -54,25 +54,25 @@ describe('App passwords', function () {
});
it('can verify app password', async function () {
const result = await users.verify(admin.id, password, 'appid', {});
const result = await users.verifyWithId(admin.id, password, 'appid', {});
expect(result).to.be.ok();
expect(result.appPassword).to.be(true);
});
it('can verify non-app password', async function () {
const result = await users.verify(admin.id, admin.password, 'appid', {});
const result = await users.verifyWithId(admin.id, admin.password, 'appid', {});
expect(result).to.be.ok();
expect(result.appPassword).to.be(undefined);
});
it('cannot verify bad password', async function () {
const [error, result] = await safe(users.verify(admin.id, 'bad', 'appid', {}));
const [error, result] = await safe(users.verifyWithId(admin.id, 'bad', 'appid', {}));
expect(result).to.not.be.ok();
expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
});
it('cannot verify password for another app', async function () {
const [error, result] = await safe(users.verify(admin.id, password, 'appid2', {}));
const [error, result] = await safe(users.verifyWithId(admin.id, password, 'appid2', {}));
expect(result).to.not.be.ok();
expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
});
@@ -82,7 +82,7 @@ describe('App passwords', function () {
});
it('cannot verify deleted app password', async function () {
const [error] = await safe(users.verify(admin.id, password, 'appid', {}));
const [error] = await safe(users.verifyWithId(admin.id, password, 'appid', {}));
expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
});
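Review bot: The updated cases in this file still assert only the return value or `error.reason` of `users.verifyWithId`, so nothing here pins the auth success/failure logging that the commit title describes; the same holds for the `describe('User')` cases in the next file. The logging code is not visible in these hunks, so this is inferred from the title rather than from the implementation. If the log goes through something a test can observe, 'cannot verify bad password' is the natural place to assert that a failure entry is recorded with the user id and app id. The same test should check that the submitted password string (`'bad'` here) never appears in that entry, since authentication logs are a common place for credentials to leak.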


@@ -245,43 +245,43 @@ describe('User', function () {
before(createOwner);
it('fails due to non existing user', async function () {
const [error] = await safe(users.verify('somerandomid', 'somepassword', users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId('somerandomid', 'somepassword', users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.NOT_FOUND);
});
it('fails due to empty password', async function () {
const [error] = await safe(users.verify(admin.id, '', users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, '', users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
});
it('fails due to wrong password', async function () {
const [error] = await safe(users.verify(admin.id, admin.password+'x', users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, admin.password+'x', users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
});
it('succeeds', async function () {
const result = await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
const result = await users.verifyWithId(admin.id, admin.password, users.AP_WEBADMIN, {});
expect(result).to.be.ok();
expect(result.appPassword).to.not.be.ok();
expect(result.ghost).to.not.be.ok();
});
it('fails for ghost if not enabled', async function () {
const [error] = await safe(users.verify(admin.id, 'foobar', users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, 'foobar', users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
});
it('fails for ghost with wrong password', async function () {
await users.setGhost(admin, 'testpassword', 0);
const [error] = await safe(users.verify(admin.id, 'foobar', users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, 'foobar', users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
});
it('succeeds for ghost', async function () {
await users.setGhost(admin, 'testpassword', 0);
const result = await users.verify(admin.id, 'testpassword', users.AP_WEBADMIN, {});
const result = await users.verifyWithId(admin.id, 'testpassword', users.AP_WEBADMIN, {});
expect(result.id).to.equal(admin.id);
expect(result.ghost).to.be(true);
});
@@ -289,7 +289,7 @@ describe('User', function () {
it('succeeds for normal user password when ghost file exists', async function () {
await users.setGhost(admin, 'testpassword', 0);
const result = await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
const result = await users.verifyWithId(admin.id, admin.password, users.AP_WEBADMIN, {});
expect(result.id).to.equal(admin.id);
expect(result.ghost).to.not.be.ok();
});
@@ -449,13 +449,13 @@ describe('User', function () {
it('verify fails for inactive user', async function () {
await users.update(admin, { active: false }, auditSource);
const [error] = await safe(users.verify(admin.id, admin.password, users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, admin.password, users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.NOT_FOUND);
});
it('verify succeeds for inactive user', async function () {
await users.update(admin, { active: true }, auditSource);
await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
await users.verifyWithId(admin.id, admin.password, users.AP_WEBADMIN, {});
});
});
@@ -517,12 +517,12 @@ describe('User', function () {
});
it('actually changed the password (unable to login with old pasword)', async function () {
const [error] = await safe(users.verify(admin.id, admin.password, users.AP_WEBADMIN, {}));
const [error] = await safe(users.verifyWithId(admin.id, admin.password, users.AP_WEBADMIN, {}));
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
});
it('actually changed the password (login with new password)', async function () {
await users.verify(admin.id, 'ThisIsNew1Password', users.AP_WEBADMIN, {});
await users.verifyWithId(admin.id, 'ThisIsNew1Password', users.AP_WEBADMIN, {});
});
});