Add tests

Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
2025-11-03 03:17:11 +00:00 · 2020-05-12 20:46:48 +02:00 · 2020-05-12 20:46:48 +02:00 · ddfb306b44
commit ddfb306b44
parent a4f294f1c4
6 changed files with 182 additions and 13 deletions
--- a/packages/strapi-admin/controllers/Auth.js
+++ b/packages/strapi-admin/controllers/Auth.js
@ -91,7 +91,10 @@ module.exports = {
    }

    try {
-      const admin = await strapi.query('user', 'admin').create(params);
+      const admin = await strapi.query('user', 'admin').create({
+        ...params,
+        isActive: true,
+      });

      admin.isAdmin = true;

--- a/packages/strapi-admin/controllers/authentication.js
+++ b/packages/strapi-admin/controllers/authentication.js
@ -35,13 +35,13 @@ module.exports = {
    const { token } = ctx.request.body;

    if (token === undefined) {
-      return ctx.badRequest('Token is required.');
+      return ctx.badRequest('Missing token');
    }

    const { isValid, payload } = strapi.admin.services.auth.decodeToken(token);

    if (!isValid) {
-      return ctx.badRequest('Invalid token.');
+      return ctx.badRequest('Invalid token');
    }

    ctx.body = {
--- a/packages/strapi-admin/middlewares/auth/index.js
+++ b/packages/strapi-admin/middlewares/auth/index.js
@ -36,11 +36,9 @@ module.exports = strapi => ({

        if (isValid) {
          // request is made by an admin
-          const admin = await strapi
-            .query('administrator', 'admin')
-            .findOne({ id: payload.id }, []);
+          const admin = await strapi.query('user', 'admin').findOne({ id: payload.id }, []);

-          if (!admin || admin.blocked === true) {
+          if (!admin || !(admin.isActive === true)) {
            return ctx.forbidden('Invalid credentials');
          }

--- a/packages/strapi-admin/services/auth.js
+++ b/packages/strapi-admin/services/auth.js
@ -58,24 +58,24 @@ const validatePassword = (password, hash) => bcrypt.compare(password, hash);
 * @param {string} options.password
 */
 const checkCredentials = async ({ email, password }) => {
-  const user = await strapi.query('administrator', 'admin').findOne({ email });
+  const admin = await strapi.query('user', 'admin').findOne({ email });

-  if (!user) {
+  if (!admin) {
    return [null, false, { message: 'Invalid credentials' }];
  }

-  const isValid = await strapi.admin.services.auth.validatePassword(password, user.password);
+  const isValid = await strapi.admin.services.auth.validatePassword(password, admin.password);

  if (!isValid) {
    return [null, false, { message: 'Invalid credentials' }];
  }

  // TODO: change to isActive
-  if (user.blocked === true) {
+  if (!(admin.isActive === true)) {
    return [null, false, { message: 'User not active' }];
  }

-  return [null, user];
+  return [null, admin];
 };

 const decodeToken = token => {
--- a/packages/strapi-admin/test/admin-auth.test.e2e.js
+++ b/packages/strapi-admin/test/admin-auth.test.e2e.js
@ -0,0 +1,168 @@
+// Helpers.
+const { registerAndLogin } = require('../../../test/helpers/auth');
+const { createAuthRequest } = require('../../../test/helpers/request');
+
+let rq;
+
+expect.extend({
+  stringOrNull(received) {
+    const pass = typeof received === 'string' || received === null;
+    if (pass) {
+      return {
+        message: () => `expected ${received} not to be null or a string`,
+        pass: true,
+      };
+    } else {
+      return {
+        message: () => `expected ${received} to be null or a string`,
+        pass: false,
+      };
+    }
+  },
+});
+
+describe('Content Manager End to End', () => {
+  beforeAll(async () => {
+    const token = await registerAndLogin();
+    rq = createAuthRequest(token);
+  }, 60000);
+
+  describe('Login', () => {
+    test('Can connect successfuklly', async () => {
+      const res = await rq({
+        url: '/admin/login',
+        method: 'POST',
+        body: {
+          email: 'admin@strapi.io',
+          password: 'pcw123',
+        },
+      });
+
+      expect(res.statusCode).toBe(200);
+      expect(res.body.data).toMatchObject({
+        token: expect.any(String),
+        user: {
+          firstname: expect.stringOrNull(),
+          lastname: expect.stringOrNull(),
+          username: expect.stringOrNull(),
+          email: expect.any(String),
+          isActive: expect.any(Boolean),
+        },
+      });
+    });
+
+    test('Fails on invalid password', async () => {
+      const res = await rq({
+        url: '/admin/login',
+        method: 'POST',
+        body: {
+          email: 'admin@strapi.io',
+          password: 'wrongPassword',
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toEqual({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'Invalid credentials',
+      });
+    });
+
+    test('Fails on invalid email', async () => {
+      const res = await rq({
+        url: '/admin/login',
+        method: 'POST',
+        body: {
+          email: 'non-existent-user@strapi.io',
+          password: 'pcw123',
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toEqual({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'Invalid credentials',
+      });
+    });
+
+    test('Fails on missing credentials', async () => {
+      const res = await rq({
+        url: '/admin/login',
+        method: 'POST',
+        body: {
+          email: 'non-existent-user@strapi.io',
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toEqual({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'Missing credentials',
+      });
+    });
+  });
+
+  describe('Renew token', () => {
+    test('Renew token', async () => {
+      const authRes = await rq({
+        url: '/admin/login',
+        method: 'POST',
+        body: {
+          email: 'admin@strapi.io',
+          password: 'pcw123',
+        },
+      });
+
+      expect(authRes.statusCode).toBe(200);
+      const { token } = authRes.body.data;
+
+      const res = await rq({
+        url: '/admin/renew-token',
+        method: 'POST',
+        body: {
+          token,
+        },
+      });
+
+      expect(res.statusCode).toBe(200);
+      expect(res.body.data).toEqual({
+        token: expect.any(String),
+      });
+    });
+
+    test('Fails on invalid token', async () => {
+      const res = await rq({
+        url: '/admin/renew-token',
+        method: 'POST',
+        body: {
+          token: 'invalid-token',
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toEqual({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'Invalid token',
+      });
+    });
+
+    test('Fails on missing token', async () => {
+      const res = await rq({
+        url: '/admin/renew-token',
+        method: 'POST',
+        body: {},
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toEqual({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'Missing token',
+      });
+    });
+  });
+});
--- a/packages/strapi/lib/core/load-admin.js
+++ b/packages/strapi/lib/core/load-admin.js
@ -8,7 +8,7 @@ module.exports = async () => {
  const adminPath = findPackagePath('strapi-admin');

  const [files, config] = await Promise.all([
-    loadFiles(adminPath, '!(config|node_modules|scripts)/*.*(js|json)'),
+    loadFiles(adminPath, '!(config|node_modules|test|scripts)/*.*(js|json)'),
    loadConfig(adminPath),
  ]);