-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
6 changed files
with
96 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
import { PassportStrategy } from '@nestjs/passport'; | ||
import { Injectable, UnauthorizedException } from '@nestjs/common'; | ||
import { ExtractJwt, Strategy } from 'passport-jwt'; | ||
import { UsersService } from '@api/modules/users/users.service'; | ||
import { ApiConfigService } from '@api/modules/config/app-config.service'; | ||
import { TOKEN_TYPE_ENUM } from '@shared/schemas/auth/token-type.schema'; | ||
import { Request } from 'express'; | ||
|
||
export type JwtPayload = { id: string }; | ||
|
||
export const EmailConfirmation = 'email-confirmation'; | ||
|
||
@Injectable() | ||
export class EmailConfirmationJwtStrategy extends PassportStrategy( | ||
Strategy, | ||
EmailConfirmation, | ||
) { | ||
constructor( | ||
private readonly userService: UsersService, | ||
private readonly config: ApiConfigService, | ||
) { | ||
const { secret } = config.getJWTConfigByType( | ||
TOKEN_TYPE_ENUM.EMAIL_CONFIRMATION, | ||
); | ||
super({ | ||
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), | ||
secretOrKey: secret, | ||
}); | ||
} | ||
|
||
async validate(req: Request, payload: JwtPayload) { | ||
const { id } = payload; | ||
const user = await this.userService.findOneBy(id); | ||
if (!user) { | ||
throw new UnauthorizedException(); | ||
} | ||
return user; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,14 +5,19 @@ import { usersContract } from '@shared/contracts/users.contract'; | |
import { ROLES } from '@shared/entities/users/roles.enum'; | ||
import { MockEmailService } from '../../utils/mocks/mock-email.service'; | ||
import { IEmailServiceToken } from '@api/modules/notifications/email/email-service.interface'; | ||
import { JwtManager } from '@api/modules/auth/services/jwt.manager'; | ||
import { User } from '@shared/entities/users/user.entity'; | ||
import { authContract } from '@shared/contracts/auth.contract'; | ||
|
||
describe('Users ME (e2e)', () => { | ||
let testManager: TestManager; | ||
let jwt: JwtManager; | ||
let emailService: MockEmailService; | ||
|
||
beforeAll(async () => { | ||
testManager = await TestManager.createTestManager(); | ||
emailService = testManager.getModule<MockEmailService>(IEmailServiceToken); | ||
jwt = testManager.getModule<JwtManager>(JwtManager); | ||
}); | ||
|
||
beforeEach(async () => { | ||
|
@@ -87,56 +92,37 @@ describe('Users ME (e2e)', () => { | |
.mocks() | ||
.createUser({ email: '[email protected]', role: ROLES.PARTNER }); | ||
|
||
const { jwtToken, password: oldPassword } = | ||
await testManager.logUserIn(user); | ||
const newPassword = 'newPassword'; | ||
const { emailUpdateToken } = await jwt.signEmailUpdateToken(user.id); | ||
const newEmail = '[email protected]'; | ||
const response = await testManager | ||
.request() | ||
.patch(usersContract.updatePassword.path) | ||
.send({ password: oldPassword, newPassword }) | ||
.set('Authorization', `Bearer ${jwtToken}`); | ||
.get(authContract.confirmEmail.path) | ||
.query({ newEmail }) | ||
.set('Authorization', `Bearer ${emailUpdateToken}`); | ||
|
||
expect(response.status).toBe(200); | ||
expect(response.body.data.id).toEqual(user.id); | ||
|
||
const { jwtToken: noToken } = await testManager.logUserIn({ | ||
...user, | ||
password: oldPassword, | ||
}); | ||
expect(noToken).toBeUndefined(); | ||
|
||
const { jwtToken: newToken } = await testManager.logUserIn({ | ||
...user, | ||
password: newPassword, | ||
}); | ||
|
||
expect(newToken).toBeDefined(); | ||
const userWithUpdatedEmail = await testManager | ||
.getDataSource() | ||
.getRepository(User) | ||
.findOneBy({ email: newEmail }); | ||
expect(userWithUpdatedEmail.id).toEqual(user.id); | ||
}); | ||
it('should fail if the email confirmation token is not authorized', async () => { | ||
it('should fail if the new email is already in use', async () => { | ||
const user = await createUser(testManager.getDataSource(), { | ||
email: '[email protected]', | ||
role: ROLES.PARTNER, | ||
}); | ||
|
||
const { jwtToken } = await testManager.logUserIn(user); | ||
const newName = 'newName'; | ||
const response = await testManager | ||
.request() | ||
.patch(usersContract.updateMe.path) | ||
.send({ name: newName }) | ||
.set('Authorization', `Bearer ${jwtToken}`); | ||
expect(response.status).toBe(201); | ||
expect(response.body.data.id).toEqual(user.id); | ||
expect(response.body.data.name).toEqual(newName); | ||
const { emailUpdateToken } = await jwt.signEmailUpdateToken(user.id); | ||
|
||
// Previous token should work after updating the user's email | ||
const userMeResponse = await testManager | ||
const response = await testManager | ||
.request() | ||
.get('/users/me') | ||
.set('Authorization', `Bearer ${jwtToken}`); | ||
.get(authContract.confirmEmail.path) | ||
.query({ newEmail: user.email }) | ||
.set('Authorization', `Bearer ${emailUpdateToken}`); | ||
|
||
expect(userMeResponse.status).toBe(200); | ||
expect(userMeResponse.body.data.name).toEqual(newName); | ||
expect(response.status).toBe(409); | ||
expect(response.body.errors[0].title).toBe('Email already in use'); | ||
}); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters