mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-05-13 14:44:43 -04:00
test(e2e): add tests for too weak passwords
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares
David Mehren
parent
3ba9f95f83
commit
188f206746
1 changed files with 53 additions and 0 deletions
|
|
@ -85,6 +85,20 @@ describe('Register and Login', () => {
|
||||||
.expect(409);
|
.expect(409);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('a user cannot create a local account with a weak password', async () => {
|
||||||
|
// register a new user
|
||||||
|
const registrationDto: RegisterDto = {
|
||||||
|
displayName: DISPLAYNAME,
|
||||||
|
password: 'test123',
|
||||||
|
username: USERNAME,
|
||||||
|
};
|
||||||
|
await request(testSetup.app.getHttpServer())
|
||||||
|
.post('/api/private/auth/local')
|
||||||
|
.set('Content-Type', 'application/json')
|
||||||
|
.send(JSON.stringify(registrationDto))
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
|
|
||||||
test('a user can create a local account and change the password', async () => {
|
test('a user can create a local account and change the password', async () => {
|
||||||
// register a new user
|
// register a new user
|
||||||
const registrationDto: RegisterDto = {
|
const registrationDto: RegisterDto = {
|
||||||
|
|
@ -140,4 +154,43 @@ describe('Register and Login', () => {
|
||||||
// allowed to request profile now
|
// allowed to request profile now
|
||||||
await session.get('/api/private/me').expect(200);
|
await session.get('/api/private/me').expect(200);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('a user can create a local account and cannot change the password to a weak one', async () => {
|
||||||
|
// register a new user
|
||||||
|
const registrationDto: RegisterDto = {
|
||||||
|
displayName: DISPLAYNAME,
|
||||||
|
password: PASSWORD,
|
||||||
|
username: USERNAME,
|
||||||
|
};
|
||||||
|
await request(testSetup.app.getHttpServer())
|
||||||
|
.post('/api/private/auth/local')
|
||||||
|
.set('Content-Type', 'application/json')
|
||||||
|
.send(JSON.stringify(registrationDto))
|
||||||
|
.expect(201);
|
||||||
|
|
||||||
|
// log in with the new user and create a session
|
||||||
|
const loginDto: LoginDto = {
|
||||||
|
password: PASSWORD,
|
||||||
|
username: USERNAME,
|
||||||
|
};
|
||||||
|
const newPassword = 'pasword1';
|
||||||
|
const session = request.agent(testSetup.app.getHttpServer());
|
||||||
|
await session
|
||||||
|
.post('/api/private/auth/local/login')
|
||||||
|
.set('Content-Type', 'application/json')
|
||||||
|
.send(JSON.stringify(loginDto))
|
||||||
|
.expect(201);
|
||||||
|
|
||||||
|
// change the password
|
||||||
|
await session
|
||||||
|
.put('/api/private/auth/local')
|
||||||
|
.set('Content-Type', 'application/json')
|
||||||
|
.send(
|
||||||
|
JSON.stringify({
|
||||||
|
currentPassword: PASSWORD,
|
||||||
|
newPassword: newPassword,
|
||||||
|
}),
|
||||||
|
)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue