Merge pull request #29 from jhotmann/card-support

Update device config links on password change
jhotmann · Oct 19, 2021 · a3d53e0 · a3d53e0
2 parents 5c7fec3 + 351576a
commit a3d53e0
Show file tree

Hide file tree

Showing 6 changed files with 155 additions and 3 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -2,6 +2,8 @@ FROM node:16
 
 ENV BEHIND_PROXY=true
 ENV NODE_ENV=production
+ENV ADMIN_PASSWORD=pinpointadmin
+ENV JWT_SECRET=pleasechangeme
 
 EXPOSE 8000
 EXPOSE 8888

diff --git a/src/routes/group.test.js b/src/routes/group.test.js
@@ -0,0 +1,60 @@
+const request = require('supertest');
+const app = require('../app');
+const { User } = require('../models/User');
+const { Group } = require('../models/Group');
+
+// Create agents to save cookies
+const jesterAgent = request.agent(app);
+const friendAgent = request.agent(app);
+
+let jester;
+let friend;
+let group;
+
+beforeAll(async () => {
+  // Create test users
+  jester = await User.create('jester-group', 'jester');
+  friend = await User.create('jester-friend', 'jester');
+
+  // Login
+  await jesterAgent.post('/login')
+    .type('form')
+    .send({ username: 'jester-group' })
+    .send({ password: 'jester' });
+
+  await friendAgent.post('/login')
+    .type('form')
+    .send({ username: 'jester-friend' })
+    .send({ password: 'jester' });
+});
+
+afterAll(async () => {
+  // Delete all test groups
+  await Group.remove({ adminId: jester._id }, { multi: true });
+
+  // Delete test users
+  if (jester) await jester.remove();
+  if (friend) await friend.remove();
+});
+
+describe('Create a group', () => {
+  test('A user can create a group that they administer', async () => {
+    const response = await jesterAgent.post('/group/create')
+      .type('form')
+      .send({ groupName: 'Court Jesters' });
+    expect(response.text).toBe('Add Successful');
+    group = await Group.findOne({ name: 'Court Jesters', adminId: jester._id });
+    expect(group).toBeTruthy();
+  });
+});
+
+describe('Invite to group', () => {
+  test('A user can inite user to their groups', async () => {
+    const response = await jesterAgent.post(`/group/${group._id}/invite`)
+      .type('form')
+      .send({ members: friend._id });
+    expect(response.text).toBe('Done');
+    group = await Group.findOne({ name: 'Court Jesters', adminId: jester._id });
+    expect(group.members.length).toBe(2);
+  });
+});
diff --git a/src/routes/logout.test.js b/src/routes/logout.test.js
@@ -0,0 +1,30 @@
+const request = require('supertest');
+const app = require('../app');
+const { User } = require('../models/User');
+
+let jester;
+const jesterAgent = request.agent(app);
+
+beforeAll(async () => {
+  jester = await User.create('jester-logout', 'jester');
+  await jesterAgent.post('/login')
+    .type('form')
+    .send({ username: 'jester-logout' })
+    .send({ password: 'jester' });
+});
+
+afterAll(async () => {
+  if (jester) await jester.remove();
+});
+
+describe('Logout', () => {
+  test('The user should be redirected to the home page', async () => {
+    const response = await jesterAgent.get('/logout');
+    expect(response.statusCode).toBe(302);
+  });
+
+  test('The logged out user should be redirected from the user page', async () => {
+    const response = await jesterAgent.get('/user');
+    expect(response.statusCode).toBe(302);
+  });
+});
diff --git a/src/routes/register.test.js b/src/routes/register.test.js
@@ -0,0 +1,56 @@
+const request = require('supertest');
+const app = require('../app');
+const { User } = require('../models/User');
+const { Registration } = require('../models/Registration');
+
+const registrations = [];
+
+beforeAll(async () => {
+  // Create registration entries
+  registrations.push(await Registration.create());
+  registrations.push(await Registration.create());
+});
+
+afterAll(async () => {
+  // Delete registration entries
+  await Registration.remove({ guid: { $in: registrations } }, { multi: true });
+
+  // Delete new users
+  await User.remove({ username: 'jester-register' });
+});
+
+describe('Get /register page', () => {
+  test('With valid id', async () => {
+    const response = await request(app).get(`/register/${registrations[0]}`);
+    expect(response.statusCode).toBe(200);
+    expect(response.text).toMatch('Pinpoint Registration');
+  });
+
+
+  test('With invalid id', async () => {
+    const response = await request(app).get('/register/abc123');
+    expect(response.text).toBe('Registration Used, please request a new link.');
+  });
+});
+
+describe('Use registration code', () => {
+  test('With valid id', async () => {
+    const response = await request(app).post(`/register/${registrations[0]}`)
+      .type('form')
+      .send({ username: 'jester-register' })
+      .send({ password: 'jester' });
+    expect(response.statusCode).toBe(200);
+    expect(response.text).toBe('Register Successful');
+    expect((await User.find({ username: 'jester-register' })).length).toBe(1);
+  });
+
+
+  test('With invalid id', async () => {
+    const response = await request(app).post(`/register/abc123`)
+      .type('form')
+      .send({ username: 'jester-register2' })
+      .send({ password: 'jester' });
+    expect(response.statusCode).toBe(200);
+    expect(response.text).toBe('Registration Used, please request a new link.');
+  });
+});
diff --git a/src/routes/user.js b/src/routes/user.js
@@ -110,8 +110,12 @@ router.post('/update-friends', userMw.one, devMw.user, async (req, res) => {
 router.post('/reset-password', userMw.one, async (req, res) => {
   const { password } = req.body;
   const hash = await bcrypt.hash(password, 15);
-  const result = await req.User.setPasswordHash(hash);
-  if (result) {
+  const updatedUser = await req.User.setPasswordHash(hash);
+  if (updatedUser) {
+    const devices = await req.User.getDevices();
+    await async.eachSeries(devices, async (device) => {
+      await device.update(device.name, device.initials, device.card, updatedUser);
+    });
     res.send('Reset Successful');
   } else {
     res.send('Error');

diff --git a/src/views/user.html b/src/views/user.html
@@ -173,7 +173,7 @@ <h5 class="modal-title" id="create-group-modal-label">Create Group</h5>
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <h5 class="modal-title" id="reset-password-modal-label">Create Group</h5>
+        <h5 class="modal-title" id="reset-password-modal-label">Change Password</h5>
         <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
       </div>
       <div class="modal-body">