strapi/packages/strapi-admin/test/admin-auth.test.e2e.js

'use strict';

// Helpers.
const { registerAndLogin } = require('../../../test/helpers/auth');
const { createAuthRequest } = require('../../../test/helpers/request');

const edition = process.env.STRAPI_DISABLE_EE === 'true' ? 'CE' : 'EE';

let rq;

const createAuthRole = async () => {
  const res = await rq({
    url: '/admin/roles',
    method: 'POST',
    body: {
      name: 'auth_test_role',
      description: 'Only used for auth crud test (e2e)',
    },
  });

  return res && res.body && res.body.data;
};

let internals = {
  users: [],
  role: null,
};

describe('Admin Auth End to End', () => {
  const createUser = async data => {
    const res = await rq({
      url: '/admin/users',
      method: 'POST',
      body: {
        roles: [internals.role.id],
        ...data,
      },
    });

    internals.users.push(res.body.data);
    return res;
  };

  beforeAll(async () => {
    const token = await registerAndLogin();
    rq = createAuthRequest(token);

    if (edition === 'EE') {
      internals.role = await createAuthRole();
    } else {
      internals.role = (
        await rq({
          url: '/admin/roles',
          method: 'GET',
        })
      ).body.data[0];
    }
  }, 60000);

  afterAll(async () => {
    await Promise.all(
      internals.users.map(u =>
        rq({
          url: `/admin/users/${u.id}`,
          method: 'DELETE',
        })
      )
    );

    await rq({
      url: `/admin/roles/${internals.role.id}`,
      method: 'DELETE',
    });
  }, 60000);

  describe('Login', () => {
    test('Can connect successfully', async () => {
      const res = await rq({
        url: '/admin/login',
        method: 'POST',
        body: {
          email: 'admin@strapi.io',
          password: 'Password123',
        },
      });

      expect(res.statusCode).toBe(200);
      expect(res.body.data).toMatchObject({
        token: expect.any(String),
        user: {
          firstname: expect.stringOrNull(),
          lastname: expect.stringOrNull(),
          username: expect.stringOrNull(),
          email: expect.any(String),
          isActive: expect.any(Boolean),
        },
      });
    });

    test('Fails on invalid password', async () => {
      const res = await rq({
        url: '/admin/login',
        method: 'POST',
        body: {
          email: 'admin@strapi.io',
          password: 'wrongPassword',
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Invalid credentials',
      });
    });

    test('Fails on invalid email', async () => {
      const res = await rq({
        url: '/admin/login',
        method: 'POST',
        body: {
          email: 'non-existent-user@strapi.io',
          password: 'pcw123',
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Invalid credentials',
      });
    });

    test('Fails on missing credentials', async () => {
      const res = await rq({
        url: '/admin/login',
        method: 'POST',
        body: {
          email: 'non-existent-user@strapi.io',
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Missing credentials',
      });
    });
  });

  describe('Renew token', () => {
    test('Renew token', async () => {
      const authRes = await rq({
        url: '/admin/login',
        method: 'POST',
        body: {
          email: 'admin@strapi.io',
          password: 'Password123',
        },
      });

      expect(authRes.statusCode).toBe(200);
      const { token } = authRes.body.data;

      const res = await rq({
        url: '/admin/renew-token',
        method: 'POST',
        body: {
          token,
        },
      });

      expect(res.statusCode).toBe(200);
      expect(res.body.data).toEqual({
        token: expect.any(String),
      });
    });

    test('Fails on invalid token', async () => {
      const res = await rq({
        url: '/admin/renew-token',
        method: 'POST',
        body: {
          token: 'invalid-token',
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Invalid token',
      });
    });

    test('Fails on missing token', async () => {
      const res = await rq({
        url: '/admin/renew-token',
        method: 'POST',
        body: {},
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Missing token',
      });
    });
  });

  describe('GET /registration-info', () => {
    test('Returns registration info', async () => {
      const user = {
        email: 'test@strapi.io',
        firstname: 'test',
        lastname: 'strapi',
      };
      const createRes = await createUser(user);

      const token = createRes.body.data.registrationToken;

      const res = await rq({
        url: `/admin/registration-info?registrationToken=${token}`,
        method: 'GET',
        body: {},
      });

      expect(res.statusCode).toBe(200);
      expect(res.body).toEqual({
        data: {
          email: user.email,
          firstname: user.firstname,
          lastname: user.lastname,
        },
      });
    });

    test('Fails on missing registration token', async () => {
      const res = await rq({
        url: '/admin/registration-info',
        method: 'GET',
        body: {},
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'QueryError',
        data: {
          registrationToken: ['registrationToken is a required field'],
        },
      });
    });

    test('Fails on invalid registration token. Without too much info', async () => {
      const res = await rq({
        url: '/admin/registration-info?registrationToken=ABCD',
        method: 'GET',
        body: {},
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'Invalid registrationToken',
      });
    });
  });

  describe('GET /register', () => {
    test('Fails on missing payload', async () => {
      const res = await rq({
        url: '/admin/register',
        method: 'POST',
        body: {
          userInfo: {},
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'ValidationError',
        data: {
          registrationToken: ['registrationToken is a required field'],

          'userInfo.firstname': ['userInfo.firstname is a required field'],
          'userInfo.lastname': ['userInfo.lastname is a required field'],
          'userInfo.password': ['userInfo.password is a required field'],
        },
      });
    });

    test('Fails on invalid password', async () => {
      const user = {
        email: 'test1@strapi.io', // FIXME: Have to increment emails until we can delete the users after each test
        firstname: 'test',
        lastname: 'strapi',
      };
      const createRes = await createUser(user);

      const registrationToken = createRes.body.data.registrationToken;

      const res = await rq({
        url: '/admin/register',
        method: 'POST',
        body: {
          registrationToken,
          userInfo: {
            firstname: 'test',
            lastname: 'Strapi',
            password: '123',
          },
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'ValidationError',
        data: {
          'userInfo.password': ['userInfo.password must contain at least one uppercase character'],
        },
      });
    });

    test('Registers user correctly', async () => {
      const user = {
        email: 'test2@strapi.io', // FIXME: Have to increment emails until we can delete the users after each test
        firstname: 'test',
        lastname: 'strapi',
      };
      const createRes = await createUser(user);

      const registrationToken = createRes.body.data.registrationToken;

      const userInfo = {
        firstname: 'test',
        lastname: 'Strapi',
        password: '1Test2azda3',
      };

      const res = await rq({
        url: '/admin/register',
        method: 'POST',
        body: {
          registrationToken,
          userInfo,
        },
      });

      expect(res.statusCode).toBe(200);
      expect(res.body.data).toMatchObject({
        token: expect.any(String),
        user: {
          email: user.email,
          firstname: 'test',
          lastname: 'Strapi',
        },
      });

      expect(res.body.data.user.password === userInfo.password).toBe(false);
    });
  });

  describe('GET /register-admin', () => {
    test('Fails on missing payload', async () => {
      const res = await rq({
        url: '/admin/register-admin',
        method: 'POST',
        body: {},
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'ValidationError',
        data: {
          email: ['email is a required field'],
          firstname: ['firstname is a required field'],
          lastname: ['lastname is a required field'],
          password: ['password is a required field'],
        },
      });
    });

    test('Fails on invalid password', async () => {
      const res = await rq({
        url: '/admin/register-admin',
        method: 'POST',
        body: {
          email: 'test@strapi.io',
          firstname: 'test',
          lastname: 'Strapi',
          password: '123',
        },
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'ValidationError',
        data: {
          password: ['password must contain at least one uppercase character'],
        },
      });
    });

    test('Fails if already a user', async () => {
      const userInfo = {
        email: 'test-admin@strapi.io',
        firstname: 'test',
        lastname: 'Strapi',
        password: '1Test2azda3',
      };

      const res = await rq({
        url: '/admin/register-admin',
        method: 'POST',
        body: userInfo,
      });

      expect(res.statusCode).toBe(400);
      expect(res.body).toEqual({
        statusCode: 400,
        error: 'Bad Request',
        message: 'You cannot register a new super admin',
      });
    });
  });

  describe('POST /forgot-password', () => {
    test('Always returns en empty response', async () => {
      const res = await rq({
        url: '/admin/forgot-password',
        method: 'POST',
        body: {
          email: 'admin@strapi.io',
        },
      });

      expect(res.statusCode).toBe(204);
      expect(res.body).toEqual();

      const nonExistentRes = await rq({
        url: '/admin/forgot-password',
        method: 'POST',
        body: {
          email: 'email-do-not-exist@strapi.io',
        },
      });

      expect(nonExistentRes.statusCode).toBe(204);
      expect(nonExistentRes.body).toEqual();
    });
  });
});
add use strict Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-09 11:48:49 +02:00			`'use strict';`

Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`// Helpers.`
			`const { registerAndLogin } = require('../../../test/helpers/auth');`
			`const { createAuthRequest } = require('../../../test/helpers/request');`

Fix CE tests for travis (#7218) * Fix CE tests for travis Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Start app in CE too Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Cleanup Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-29 13:24:27 +02:00			`const edition = process.env.STRAPI_DISABLE_EE === 'true' ? 'CE' : 'EE';`

Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`let rq;`

Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`const createAuthRole = async () => {`
			`const res = await rq({`
			`url: '/admin/roles',`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`method: 'POST',`
			`body: {`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`name: 'auth_test_role',`
			`description: 'Only used for auth crud test (e2e)',`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`},`
			`});`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00
			`return res && res.body && res.body.data;`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`};`

Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00			`let internals = {`
			`users: [],`
			`role: null,`
			`};`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00
Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00			`describe('Admin Auth End to End', () => {`
			`const createUser = async data => {`
			`const res = await rq({`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`url: '/admin/users',`
			`method: 'POST',`
			`body: {`
Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00			`roles: [internals.role.id],`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`...data,`
			`},`
			`});`
Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00
			`internals.users.push(res.body.data);`
			`return res;`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`};`

Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`beforeAll(async () => {`
			`const token = await registerAndLogin();`
			`rq = createAuthRequest(token);`
Fix CE tests for travis (#7218) * Fix CE tests for travis Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Start app in CE too Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * Cleanup Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-29 13:24:27 +02:00
			`if (edition === 'EE') {`
			`internals.role = await createAuthRole();`
			`} else {`
			`internals.role = (`
			`await rq({`
			`url: '/admin/roles',`
			`method: 'GET',`
			`})`
			`).body.data[0];`
			`}`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`}, 60000);`

			`afterAll(async () => {`
Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00			`await Promise.all(`
			`internals.users.map(u =>`
			`rq({`
			url: `/admin/users/${u.id}`,
			`method: 'DELETE',`
			`})`
			`)`
			`);`

Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`await rq({`
Fix test Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-07-22 15:17:23 +02:00			url: `/admin/roles/${internals.role.id}`,
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`method: 'DELETE',`
			`});`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`}, 60000);`

			`describe('Login', () => {`
Fix PR: Refactor user e2e tests, fix domain logic, add user::deleteOne route 2020-06-04 10:25:02 +02:00			`test('Can connect successfully', async () => {`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`const res = await rq({`
			`url: '/admin/login',`
			`method: 'POST',`
			`body: {`
			`email: 'admin@strapi.io',`
Add admin registeration API Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-22 11:15:06 +02:00			`password: 'Password123',`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`},`
			`});`

			`expect(res.statusCode).toBe(200);`
			`expect(res.body.data).toMatchObject({`
			`token: expect.any(String),`
			`user: {`
			`firstname: expect.stringOrNull(),`
			`lastname: expect.stringOrNull(),`
			`username: expect.stringOrNull(),`
			`email: expect.any(String),`
			`isActive: expect.any(Boolean),`
			`},`
			`});`
			`});`

			`test('Fails on invalid password', async () => {`
			`const res = await rq({`
			`url: '/admin/login',`
			`method: 'POST',`
			`body: {`
			`email: 'admin@strapi.io',`
			`password: 'wrongPassword',`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Invalid credentials',`
			`});`
			`});`

			`test('Fails on invalid email', async () => {`
			`const res = await rq({`
			`url: '/admin/login',`
			`method: 'POST',`
			`body: {`
			`email: 'non-existent-user@strapi.io',`
			`password: 'pcw123',`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Invalid credentials',`
			`});`
			`});`

			`test('Fails on missing credentials', async () => {`
			`const res = await rq({`
			`url: '/admin/login',`
			`method: 'POST',`
			`body: {`
			`email: 'non-existent-user@strapi.io',`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Missing credentials',`
			`});`
			`});`
			`});`

			`describe('Renew token', () => {`
			`test('Renew token', async () => {`
			`const authRes = await rq({`
			`url: '/admin/login',`
			`method: 'POST',`
			`body: {`
			`email: 'admin@strapi.io',`
Add admin registeration API Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-22 11:15:06 +02:00			`password: 'Password123',`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`},`
			`});`

			`expect(authRes.statusCode).toBe(200);`
			`const { token } = authRes.body.data;`

			`const res = await rq({`
			`url: '/admin/renew-token',`
			`method: 'POST',`
			`body: {`
			`token,`
			`},`
			`});`

			`expect(res.statusCode).toBe(200);`
			`expect(res.body.data).toEqual({`
			`token: expect.any(String),`
			`});`
			`});`

			`test('Fails on invalid token', async () => {`
			`const res = await rq({`
			`url: '/admin/renew-token',`
			`method: 'POST',`
			`body: {`
			`token: 'invalid-token',`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Invalid token',`
			`});`
			`});`

			`test('Fails on missing token', async () => {`
			`const res = await rq({`
			`url: '/admin/renew-token',`
			`method: 'POST',`
			`body: {},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Missing token',`
			`});`
			`});`
			`});`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00
			`describe('GET /registration-info', () => {`
			`test('Returns registration info', async () => {`
			`const user = {`
			`email: 'test@strapi.io',`
			`firstname: 'test',`
			`lastname: 'strapi',`
			`};`
			`const createRes = await createUser(user);`

			`const token = createRes.body.data.registrationToken;`

			`const res = await rq({`
			url: `/admin/registration-info?registrationToken=${token}`,
			`method: 'GET',`
			`body: {},`
			`});`

			`expect(res.statusCode).toBe(200);`
			`expect(res.body).toEqual({`
			`data: {`
			`email: user.email,`
			`firstname: user.firstname,`
			`lastname: user.lastname,`
			`},`
			`});`
			`});`

			`test('Fails on missing registration token', async () => {`
			`const res = await rq({`
			`url: '/admin/registration-info',`
			`method: 'GET',`
			`body: {},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
Add QueryError and remove useless code Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 20:08:03 +02:00			`message: 'QueryError',`
			`data: {`
			`registrationToken: ['registrationToken is a required field'],`
			`},`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`});`
			`});`

			`test('Fails on invalid registration token. Without too much info', async () => {`
			`const res = await rq({`
			`url: '/admin/registration-info?registrationToken=ABCD',`
			`method: 'GET',`
			`body: {},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'Invalid registrationToken',`
			`});`
			`});`
			`});`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00
			`describe('GET /register', () => {`
			`test('Fails on missing payload', async () => {`
			`const res = await rq({`
			`url: '/admin/register',`
			`method: 'POST',`
			`body: {`
			`userInfo: {},`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'ValidationError',`
			`data: {`
			`registrationToken: ['registrationToken is a required field'],`

			`'userInfo.firstname': ['userInfo.firstname is a required field'],`
			`'userInfo.lastname': ['userInfo.lastname is a required field'],`
			`'userInfo.password': ['userInfo.password is a required field'],`
			`},`
			`});`
			`});`

			`test('Fails on invalid password', async () => {`
			`const user = {`
			`email: 'test1@strapi.io', // FIXME: Have to increment emails until we can delete the users after each test`
			`firstname: 'test',`
			`lastname: 'strapi',`
			`};`
			`const createRes = await createUser(user);`

			`const registrationToken = createRes.body.data.registrationToken;`

			`const res = await rq({`
			`url: '/admin/register',`
			`method: 'POST',`
			`body: {`
			`registrationToken,`
			`userInfo: {`
			`firstname: 'test',`
			`lastname: 'Strapi',`
			`password: '123',`
			`},`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'ValidationError',`
			`data: {`
			`'userInfo.password': ['userInfo.password must contain at least one uppercase character'],`
			`},`
			`});`
			`});`

			`test('Registers user correctly', async () => {`
			`const user = {`
			`email: 'test2@strapi.io', // FIXME: Have to increment emails until we can delete the users after each test`
			`firstname: 'test',`
			`lastname: 'strapi',`
			`};`
			`const createRes = await createUser(user);`

			`const registrationToken = createRes.body.data.registrationToken;`

			`const userInfo = {`
			`firstname: 'test',`
			`lastname: 'Strapi',`
			`password: '1Test2azda3',`
			`};`

			`const res = await rq({`
			`url: '/admin/register',`
			`method: 'POST',`
			`body: {`
			`registrationToken,`
			`userInfo,`
			`},`
			`});`

			`expect(res.statusCode).toBe(200);`
Add QueryError and remove useless code Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 20:08:03 +02:00			`expect(res.body.data).toMatchObject({`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`token: expect.any(String),`
			`user: {`
			`email: user.email,`
Add QueryError and remove useless code Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 20:08:03 +02:00			`firstname: 'test',`
			`lastname: 'Strapi',`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`},`
			`});`

			`expect(res.body.data.user.password === userInfo.password).toBe(false);`
			`});`
			`});`
Add admin registeration API Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-22 11:15:06 +02:00
			`describe('GET /register-admin', () => {`
			`test('Fails on missing payload', async () => {`
			`const res = await rq({`
			`url: '/admin/register-admin',`
			`method: 'POST',`
			`body: {},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'ValidationError',`
			`data: {`
			`email: ['email is a required field'],`
			`firstname: ['firstname is a required field'],`
			`lastname: ['lastname is a required field'],`
			`password: ['password is a required field'],`
			`},`
			`});`
			`});`

			`test('Fails on invalid password', async () => {`
			`const res = await rq({`
			`url: '/admin/register-admin',`
			`method: 'POST',`
			`body: {`
			`email: 'test@strapi.io',`
			`firstname: 'test',`
			`lastname: 'Strapi',`
			`password: '123',`
			`},`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'ValidationError',`
			`data: {`
			`password: ['password must contain at least one uppercase character'],`
			`},`
			`});`
			`});`

			`test('Fails if already a user', async () => {`
			`const userInfo = {`
			`email: 'test-admin@strapi.io',`
			`firstname: 'test',`
			`lastname: 'Strapi',`
			`password: '1Test2azda3',`
			`};`

			`const res = await rq({`
			`url: '/admin/register-admin',`
			`method: 'POST',`
			`body: userInfo,`
			`});`

			`expect(res.statusCode).toBe(400);`
			`expect(res.body).toEqual({`
			`statusCode: 400,`
			`error: 'Bad Request',`
			`message: 'You cannot register a new super admin',`
			`});`
			`});`
			`});`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-22 16:01:34 +02:00
			`describe('POST /forgot-password', () => {`
			`test('Always returns en empty response', async () => {`
			`const res = await rq({`
			`url: '/admin/forgot-password',`
			`method: 'POST',`
			`body: {`
			`email: 'admin@strapi.io',`
			`},`
			`});`

			`expect(res.statusCode).toBe(204);`
			`expect(res.body).toEqual();`

			`const nonExistentRes = await rq({`
			`url: '/admin/forgot-password',`
			`method: 'POST',`
			`body: {`
			`email: 'email-do-not-exist@strapi.io',`
			`},`
			`});`

			`expect(nonExistentRes.statusCode).toBe(204);`
			`expect(nonExistentRes.body).toEqual();`
			`});`
			`});`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-12 20:46:48 +02:00			`});`