codecombat/test/server/functional/auth.spec.coffee

136 lines
3.8 KiB
CoffeeScript
Raw Normal View History

2014-02-03 15:55:09 -05:00
require '../common'
2014-02-02 18:02:47 -05:00
request = require 'request'
urlLogin = getURL('/auth/login')
urlReset = getURL('/auth/reset')
2014-01-03 13:32:13 -05:00
describe '/auth/whoami', ->
http = require 'http'
it 'returns 200', (done) ->
http.get(getURL('/auth/whoami'), (response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
describe '/auth/login', ->
it 'clears Users first', (done) ->
User.remove {}, (err) ->
throw err if err
done()
it 'finds no user', (done) ->
2014-02-02 18:02:47 -05:00
req = request.post(urlLogin, (error, response) ->
2014-01-03 13:32:13 -05:00
expect(response).toBeDefined()
expect(response.statusCode).toBe(401)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', 'nada')
it 'creates a user', (done) ->
req = request.post(getURL('/db/user'),
(error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('email', 'scott@gmail.com')
form.append('password', 'nada')
it 'finds that created user', (done) ->
2014-02-02 18:02:47 -05:00
req = request.post(urlLogin, (error, response) ->
2014-01-03 13:32:13 -05:00
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', 'nada')
it 'rejects wrong passwords', (done) ->
2014-02-02 18:02:47 -05:00
req = request.post(urlLogin, (error, response) ->
2014-01-03 13:32:13 -05:00
expect(response.statusCode).toBe(401)
expect(response.body.indexOf("wrong, wrong")).toBeGreaterThan(-1)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', 'blahblah')
it 'is completely case insensitive', (done) ->
2014-02-02 18:02:47 -05:00
req = request.post(urlLogin, (error, response) ->
2014-01-03 13:32:13 -05:00
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scoTT@gmaIL.com')
2014-02-02 18:02:47 -05:00
form.append('password', 'NaDa')
describe '/auth/reset', ->
passwordReset = ''
it 'emails require', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(422)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
it 'can\'t reset an unknow user', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(404)
done()
)
form = req.form()
form.append('email', 'unknow')
it 'reset user password', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
expect(response.body).toBeDefined()
passwordReset = response.body
done()
)
form = req.form()
form.append('email', 'scott@gmail.com')
it 'can login after resetting', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', passwordReset)
it 'resetting password is not permanent', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(401)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', passwordReset)
it 'can still login with old password', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', 'nada')