Fix user service making use of env.SECRET instead of env.APP_SECRET (#…

…1108)

backend/core/src/seed.ts

@@ -53,7 +53,7 @@ async function bootstrap() {
       middleName: "Mid",
       lastName: "Last",
       dob: new Date(),
-      password: "Abcdef1!",
+      password: "abcdef",
       passwordConfirmation: "Abcdef1!",
     })
   )
@@ -67,7 +67,7 @@ async function bootstrap() {
       middleName: "Mid",
       lastName: "Last",
       dob: new Date(),
-      password: "Ghijkl1!",
+      password: "ghijkl",
       passwordConfirmation: "Ghijkl1!",
     })
   )
@@ -81,7 +81,7 @@ async function bootstrap() {
       middleName: "Mid",
       lastName: "Last",
       dob: new Date(),
-      password: "Abcdef1!",
+      password: "abcdef",
       passwordConfirmation: "Abcdef1!",
     })
   )

backend/core/src/seeds/listings.ts

@@ -357,7 +357,7 @@ export const listingSeed1: ListingSeed = {
       middleName: "Middle",
       email: "leasing-agent-1@example.com",
       emailConfirmation: "leasing-agent-1@example.com",
-      password: "Abcdef1!",
+      password: "abcdef",
       passwordConfirmation: "Abcdef1",
       dob: new Date(),
     },

backend/core/src/user/user.service.spec.ts

@@ -16,7 +16,7 @@ describe("UserService", () => {
   let service: UserService
 
   beforeEach(async () => {
-    process.env.SECRET = "SECRET"
+    process.env.APP_SECRET = "SECRET"
     const module: TestingModule = await Test.createTestingModule({
       providers: [
         UserService,

backend/core/src/user/user.service.ts

@@ -88,7 +88,7 @@ export class UserService {
     if (!user) {
       throw new HttpException(USER_ERRORS.TOKEN_MISSING.message, USER_ERRORS.TOKEN_MISSING.status)
     }
-    const payload = decode(dto.token, process.env.SECRET)
+    const payload = decode(dto.token, process.env.APP_SECRET)
     if (moment(payload.expiresAt) < moment()) {
       throw new HttpException(USER_ERRORS.TOKEN_EXPIRED.message, USER_ERRORS.TOKEN_EXPIRED.status)
     }
@@ -115,7 +115,7 @@ export class UserService {
       )
     } else {
       const payload = { id: user.id, expiresAt: moment().add(24, "hours") }
-      const token = encode(payload, process.env.SECRET)
+      const token = encode(payload, process.env.APP_SECRET)
       user.confirmationToken = token
       try {
         await this.repo.save(user)
@@ -139,7 +139,7 @@ export class UserService {
     user.dob = dto.dob
     user.email = dto.email
     const payload = { id: user.id, expiresAt: moment().add(24, "hours") }
-    const token = encode(payload, process.env.SECRET)
+    const token = encode(payload, process.env.APP_SECRET)
     user.confirmationToken = token
     try {
       user.passwordHash = await passwordToHash(password)
@@ -158,7 +158,7 @@ export class UserService {
 
     // Token expires in 24 hours
     const payload = { id: user.id, expiresAt: moment().add(1, "hour") }
-    const token = encode(payload, process.env.SECRET)
+    const token = encode(payload, process.env.APP_SECRET)
     user.resetToken = token
     await this.repo.save(user)
 
@@ -170,7 +170,7 @@ export class UserService {
     if (!user) {
       throw new HttpException(USER_ERRORS.TOKEN_MISSING.message, USER_ERRORS.TOKEN_MISSING.status)
     }
-    const payload = decode(user.resetToken, process.env.SECRET)
+    const payload = decode(user.resetToken, process.env.APP_SECRET)
     if (moment(payload.expiresAt) < moment()) {
       throw new HttpException(USER_ERRORS.TOKEN_EXPIRED.message, USER_ERRORS.TOKEN_EXPIRED.status)
     }

backend/core/test/applications/applications.e2e-spec.ts

@@ -171,22 +171,22 @@ describe("Applications", () => {
       getRepositoryToken(HouseholdMember)
     )
 
-    user1AccessToken = await getUserAccessToken(app, "test@example.com", "Abcdef1!")
+    user1AccessToken = await getUserAccessToken(app, "test@example.com", "abcdef")
 
-    user2AccessToken = await getUserAccessToken(app, "test2@example.com", "Ghijkl1!")
+    user2AccessToken = await getUserAccessToken(app, "test2@example.com", "ghijkl")
 
-    adminAccessToken = await getUserAccessToken(app, "admin@example.com", "Abcdef1!")
+    adminAccessToken = await getUserAccessToken(app, "admin@example.com", "abcdef")
 
     leasingAgent1AccessToken = await getUserAccessToken(
       app,
       "leasing-agent-1@example.com",
-      "Abcdef1!"
+      "abcdef"
     )
 
     leasingAgent2AccessToken = await getUserAccessToken(
       app,
       "leasing-agent-2@example.com",
-      "Abcdef1!"
+      "abcdef"
     )
 
     leasingAgent1Profile = (

backend/core/test/authz/authz.e2e-spec.ts

@@ -26,7 +26,7 @@ describe("Authz", () => {
     app = moduleRef.createNestApplication()
     app = applicationSetup(app)
     await app.init()
-    userAccessToken = await getUserAccessToken(app, "test@example.com", "Abcdef1!")
+    userAccessToken = await getUserAccessToken(app, "test@example.com", "abcdef")
   })
 
   describe("admin endpoints", () => {

backend/core/test/properties/properties.e2e-spec.ts

@@ -34,7 +34,7 @@ describe("Properties", () => {
     app = moduleRef.createNestApplication()
     app = applicationSetup(app)
     await app.init()
-    adminAccesstoken = await getUserAccessToken(app, "admin@example.com", "Abcdef1!")
+    adminAccesstoken = await getUserAccessToken(app, "admin@example.com", "abcdef")
   })
 
   it(`/GET `, async () => {

backend/core/test/user/user.e2e-spec.ts

@@ -45,8 +45,8 @@ describe("Applications", () => {
     app = applicationSetup(app)
     await app.init()
 
-    user1AccessToken = await getUserAccessToken(app, "test@example.com", "Abcdef1!")
-    user2AccessToken = await getUserAccessToken(app, "test2@example.com", "Ghijkl1!")
+    user1AccessToken = await getUserAccessToken(app, "test@example.com", "abcdef")
+    user2AccessToken = await getUserAccessToken(app, "test2@example.com", "ghijkl")
 
     user1Profile = (
       await supertest(app.getHttpServer())