Move login tests to cloudron route tests

2020-02-10 16:40:07 +01:00
parent d8e0639db4
commit 7f0ad2afa0
2 changed files with 214 additions and 249 deletions
--- a/src/routes/test/cloudron-test.js
+++ b/src/routes/test/cloudron-test.js
@@ -13,8 +13,9 @@ let async = require('async'),
    http = require('http'),
    nock = require('nock'),
    os = require('os'),
-    superagent = require('superagent'),
    server = require('../../server.js'),
+    speakeasy = require('speakeasy'),
+    superagent = require('superagent'),
    settings = require('../../settings.js'),
    tokendb = require('../../tokendb.js');

@@ -207,6 +208,218 @@ describe('Cloudron', function () {
        });
    });

+    describe('login', function () {
+        before(function (done) {
+            async.series([
+                setup,
+                function (callback) {
+                    superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
+                        .query({ setupToken: 'somesetuptoken' })
+                        .send({ username: USERNAME, password: PASSWORD, email: EMAIL })
+                        .end(function (error, result) {
+                            expect(result).to.be.ok();
+
+                            callback();
+                        });
+                },
+            ], done);
+        });
+
+        after(cleanup);
+
+        it('fails without body', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(400);
+                    done();
+                });
+        });
+
+        it('fails without username', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(400);
+                    done();
+                });
+        });
+
+        it('fails without password', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(400);
+                    done();
+                });
+        });
+
+        it('fails with empty username', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: '', password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(400);
+                    done();
+                });
+        });
+
+        it('fails with empty password', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME, password: '' })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(400);
+                    done();
+                });
+        });
+
+        it('fails with unknown username', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME + USERNAME, password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(401);
+                    done();
+                });
+        });
+
+        it('fails with unknown email', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME + EMAIL, password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(401);
+                    done();
+                });
+        });
+
+        it('fails with wrong password', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME, password: PASSWORD.toUpperCase() })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(401);
+                    done();
+                });
+        });
+
+        it('with username succeeds', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME, password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(200);
+                    expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+                    expect(result.body.accessToken).to.be.a('string');
+                    done();
+                });
+        });
+
+        it('with uppercase username succeeds', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: USERNAME.toUpperCase(), password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(200);
+                    expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+                    expect(result.body.accessToken).to.be.a('string');
+                    done();
+                });
+        });
+
+        it('with email succeeds', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: EMAIL, password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(200);
+                    expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+                    expect(result.body.accessToken).to.be.a('string');
+                    done();
+                });
+        });
+
+        it('with uppercase email succeeds', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/login')
+                .send({ username: EMAIL.toUpperCase(), password: PASSWORD })
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(200);
+                    expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+                    expect(result.body.accessToken).to.be.a('string');
+                    done();
+                });
+        });
+    });
+
+    describe('2fa login', function () {
+        var secret, accessToken;
+
+        before(function (done) {
+            async.series([
+                setup,
+                function (callback) {
+                    superagent.post(`${SERVER_URL}/api/v1/cloudron/activate`).query({ setupToken: 'somesetuptoken' }).send({ username: USERNAME, password: PASSWORD, email: EMAIL }).end(function (error) {
+                        callback(error);
+                    });
+                },
+                function (callback) {
+                    superagent.post(`${SERVER_URL}/api/v1/cloudron/login`).send({ username: USERNAME, password: PASSWORD }).end(function (error, result) {
+                        accessToken = result.body.accessToken;
+                        callback(error);
+                    });
+                },
+                function (callback) {
+                    superagent.post(`${SERVER_URL}/api/v1/profile/twofactorauthentication`).query({ access_token: accessToken }).end(function (error, result) {
+                        secret = result.body.secret;
+                        callback(error);
+                    });
+                },
+                function (callback) {
+                    var totpToken = speakeasy.totp({
+                        secret: secret,
+                        encoding: 'base32'
+                    });
+
+                    superagent.post(`${SERVER_URL}/api/v1/profile/twofactorauthentication/enable`).query({ access_token: accessToken }).send({ totpToken: totpToken }).end(function (error) {
+                        callback(error);
+                    });
+                }
+            ], done);
+        });
+
+        after(function (done) {
+            async.series([
+                function (callback) {
+                    superagent.post(`${SERVER_URL}/api/v1/profile/twofactorauthentication/disable`).query({ access_token: accessToken }).send({ password: PASSWORD }).end(function (error) {
+                        callback(error);
+                    });
+                },
+                cleanup
+            ], done);
+        });
+
+        it('fails due to missing token', function (done) {
+            superagent.post(`${SERVER_URL}/api/v1/cloudron/login`).send({ username: USERNAME, password: PASSWORD }).end(function (error, result) {
+                expect(result.statusCode).to.equal(401);
+                done();
+            });
+        });
+
+        it('fails due to wrong token', function (done) {
+            superagent.post(`${SERVER_URL}/api/v1/cloudron/login`).send({ username: USERNAME, password: PASSWORD }).send({ totpToken: 'wrongtoken' }).end(function (error, result) {
+                expect(result.statusCode).to.equal(401);
+                done();
+            });
+        });
+
+        it('succeeds', function (done) {
+            var totpToken = speakeasy.totp({
+                secret: secret,
+                encoding: 'base32'
+            });
+
+            superagent.post(`${SERVER_URL}/api/v1/cloudron/login`).send({ username: USERNAME, password: PASSWORD }).send({ totpToken: totpToken }).end(function (error, result) {
+                expect(error).to.be(null);
+                expect(result.statusCode).to.equal(200);
+                expect(result.body).to.be.an(Object);
+                expect(result.body.accessToken).to.be.a('string');
+                done();
+            });
+        });
+    });
+
    describe('logs', function () {
        before(function (done) {
            async.series([