add changePassword mutation test

2025-12-13 07:45:56 +00:00 · 2019-03-09 14:47:12 +03:00 · 2019-03-09 14:47:12 +03:00 · 8fcefc63bc
commit 8fcefc63bc
parent 4350590697
1 changed files with 197 additions and 117 deletions
--- a/src/resolvers/user_management.spec.js
+++ b/src/resolvers/user_management.spec.js
@ -1,9 +1,9 @@
-import Factory from '../seed/factories'
-import { GraphQLClient, request } from 'graphql-request'
-import jwt from 'jsonwebtoken'
-import { host, login } from '../jest/helpers'
+import Factory from "../seed/factories";
+import { GraphQLClient, request } from "graphql-request";
+import jwt from "jsonwebtoken";
+import { host, login } from "../jest/helpers";

-const factory = Factory()
+const factory = Factory();

 // here is the decoded JWT token:
 // {
@ -21,59 +21,71 @@ const factory = Factory()
 //   iss: 'http://localhost:4000',
 //   sub: 'u3'
 // }
-const jennyRostocksHeaders = { authorization: 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoidXNlciIsImxvY2F0aW9uTmFtZSI6bnVsbCwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJhYm91dCI6bnVsbCwiYXZhdGFyIjoiaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3VpZmFjZXMvZmFjZXMvdHdpdHRlci9zYXNoYV9zaGVzdGFrb3YvMTI4LmpwZyIsImlkIjoidTMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTU1MDg0NjY4MCwiZXhwIjoxNjM3MjQ2NjgwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.eZ_mVKas4Wzoc_JrQTEWXyRn7eY64cdIg4vqQ-F_7Jc' }
+const jennyRostocksHeaders = {
+  authorization:
+    "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoidXNlciIsImxvY2F0aW9uTmFtZSI6bnVsbCwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJhYm91dCI6bnVsbCwiYXZhdGFyIjoiaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3VpZmFjZXMvZmFjZXMvdHdpdHRlci9zYXNoYV9zaGVzdGFrb3YvMTI4LmpwZyIsImlkIjoidTMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTU1MDg0NjY4MCwiZXhwIjoxNjM3MjQ2NjgwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.eZ_mVKas4Wzoc_JrQTEWXyRn7eY64cdIg4vqQ-F_7Jc"
+};

 beforeEach(async () => {
-  await factory.create('User', {
-    avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg',
-    id: 'acb2d923-f3af-479e-9f00-61b12e864666',
-    name: 'Matilde Hermiston',
-    slug: 'matilde-hermiston',
-    role: 'user',
-    email: 'test@example.org',
-    password: '1234'
-  })
-})
+  await factory.create("User", {
+    avatar:
+      "https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg",
+    id: "acb2d923-f3af-479e-9f00-61b12e864666",
+    name: "Matilde Hermiston",
+    slug: "matilde-hermiston",
+    role: "user",
+    email: "test@example.org",
+    password: "1234"
+  });
+});

 afterEach(async () => {
-  await factory.cleanDatabase()
-})
+  await factory.cleanDatabase();
+});

-describe('isLoggedIn', () => {
-  const query = '{ isLoggedIn }'
-  describe('unauthenticated', () => {
-    it('returns false', async () => {
-      await expect(request(host, query)).resolves.toEqual({ isLoggedIn: false })
-    })
-  })
+describe("isLoggedIn", () => {
+  const query = "{ isLoggedIn }";
+  describe("unauthenticated", () => {
+    it("returns false", async () => {
+      await expect(request(host, query)).resolves.toEqual({
+        isLoggedIn: false
+      });
+    });
+  });

-  describe('with malformed JWT Bearer token', () => {
-    const headers = { authorization: 'blah' }
-    const client = new GraphQLClient(host, { headers })
+  describe("with malformed JWT Bearer token", () => {
+    const headers = { authorization: "blah" };
+    const client = new GraphQLClient(host, { headers });

-    it('returns false', async () => {
-      await expect(client.request(query)).resolves.toEqual({ isLoggedIn: false })
-    })
-  })
+    it("returns false", async () => {
+      await expect(client.request(query)).resolves.toEqual({
+        isLoggedIn: false
+      });
+    });
+  });

-  describe('with valid JWT Bearer token', () => {
-    const client = new GraphQLClient(host, { headers: jennyRostocksHeaders })
+  describe("with valid JWT Bearer token", () => {
+    const client = new GraphQLClient(host, { headers: jennyRostocksHeaders });

-    it('returns false', async () => {
-      await expect(client.request(query)).resolves.toEqual({ isLoggedIn: false })
-    })
+    it("returns false", async () => {
+      await expect(client.request(query)).resolves.toEqual({
+        isLoggedIn: false
+      });
+    });

-    describe('and a corresponding user in the database', () => {
-      it('returns true', async () => {
+    describe("and a corresponding user in the database", () => {
+      it("returns true", async () => {
        // see the decoded token above
-        await factory.create('User', { id: 'u3' })
-        await expect(client.request(query)).resolves.toEqual({ isLoggedIn: true })
-      })
-    })
-  })
-})
+        await factory.create("User", { id: "u3" });
+        await expect(client.request(query)).resolves.toEqual({
+          isLoggedIn: true
+        });
+      });
+    });
+  });
+});

-describe('currentUser', () => {
+describe("currentUser", () => {
  const query = `{
    currentUser {
      id
@ -83,97 +95,165 @@ describe('currentUser', () => {
      email
      role
    }
-  }`
+  }`;

-  describe('unauthenticated', () => {
-    it('returns null', async () => {
-      const expected = { currentUser: null }
-      await expect(request(host, query)).resolves.toEqual(expected)
-    })
-  })
+  describe("unauthenticated", () => {
+    it("returns null", async () => {
+      const expected = { currentUser: null };
+      await expect(request(host, query)).resolves.toEqual(expected);
+    });
+  });

-  describe('with valid JWT Bearer Token', () => {
-    let client
-    let headers
+  describe("with valid JWT Bearer Token", () => {
+    let client;
+    let headers;

-    describe('but no corresponding user in the database', () => {
+    describe("but no corresponding user in the database", () => {
      beforeEach(async () => {
-        client = new GraphQLClient(host, { headers: jennyRostocksHeaders })
-      })
+        client = new GraphQLClient(host, { headers: jennyRostocksHeaders });
+      });

-      it('returns null', async () => {
-        const expected = { currentUser: null }
-        await expect(client.request(query)).resolves.toEqual(expected)
-      })
-    })
+      it("returns null", async () => {
+        const expected = { currentUser: null };
+        await expect(client.request(query)).resolves.toEqual(expected);
+      });
+    });

-    describe('and corresponding user in the database', () => {
+    describe("and corresponding user in the database", () => {
      beforeEach(async () => {
-        headers = await login({ email: 'test@example.org', password: '1234' })
-        client = new GraphQLClient(host, { headers })
-      })
+        headers = await login({ email: "test@example.org", password: "1234" });
+        client = new GraphQLClient(host, { headers });
+      });

-      it('returns the whole user object', async () => {
+      it("returns the whole user object", async () => {
        const expected = {
          currentUser: {
-            avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg',
-            email: 'test@example.org',
-            id: 'acb2d923-f3af-479e-9f00-61b12e864666',
-            name: 'Matilde Hermiston',
-            slug: 'matilde-hermiston',
-            role: 'user'
+            avatar:
+              "https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg",
+            email: "test@example.org",
+            id: "acb2d923-f3af-479e-9f00-61b12e864666",
+            name: "Matilde Hermiston",
+            slug: "matilde-hermiston",
+            role: "user"
          }
-        }
-        await expect(client.request(query)).resolves.toEqual(expected)
-      })
-    })
-  })
-})
+        };
+        await expect(client.request(query)).resolves.toEqual(expected);
+      });
+    });
+  });
+});

-describe('login', () => {
-  const mutation = (params) => {
-    const { email, password } = params
+describe("login", () => {
+  const mutation = params => {
+    const { email, password } = params;
    return `
      mutation {
        login(email:"${email}", password:"${password}")
-      }`
-  }
+      }`;
+  };

-  describe('ask for a `token`', () => {
-    describe('with valid email/password combination', () => {
-      it('responds with a JWT token', async () => {
-        const data = await request(host, mutation({
-          email: 'test@example.org',
-          password: '1234'
-        }))
-        const token = data.login
+  describe("ask for a `token`", () => {
+    describe("with valid email/password combination", () => {
+      it("responds with a JWT token", async () => {
+        const data = await request(
+          host,
+          mutation({
+            email: "test@example.org",
+            password: "1234"
+          })
+        );
+        const token = data.login;
        jwt.verify(token, process.env.JWT_SECRET, (err, data) => {
-          expect(data.email).toEqual('test@example.org')
-          expect(err).toBeNull()
-        })
-      })
-    })
+          expect(data.email).toEqual("test@example.org");
+          expect(err).toBeNull();
+        });
+      });
+    });

-    describe('with a valid email but incorrect password', () => {
+    describe("with a valid email but incorrect password", () => {
      it('responds with "Incorrect email address or password."', async () => {
        await expect(
-          request(host, mutation({
-            email: 'test@example.org',
-            password: 'wrong'
-          }))
-        ).rejects.toThrow('Incorrect email address or password.')
-      })
-    })
+          request(
+            host,
+            mutation({
+              email: "test@example.org",
+              password: "wrong"
+            })
+          )
+        ).rejects.toThrow("Incorrect email address or password.");
+      });
+    });

-    describe('with a non-existing email', () => {
+    describe("with a non-existing email", () => {
      it('responds with "Incorrect email address or password."', async () => {
        await expect(
-          request(host, mutation({
-            email: 'non-existent@example.org',
-            password: 'wrong'
-          }))
-        ).rejects.toThrow('Incorrect email address or password.')
-      })
-    })
-  })
-})
+          request(
+            host,
+            mutation({
+              email: "non-existent@example.org",
+              password: "wrong"
+            })
+          )
+        ).rejects.toThrow("Incorrect email address or password.");
+      });
+    });
+  });
+});
+
+describe("change password", () => {
+  let headers;
+  let client;
+
+  beforeEach(async () => {
+    headers = await login({ email: "test@example.org", password: "1234" });
+    client = new GraphQLClient(host, { headers });
+  });
+
+  const mutation = params => {
+    const { oldPassword, newPassword } = params;
+    return `
+      mutation {
+        changePassword(oldPassword:"${oldPassword}", newPassword:"${newPassword}")
+      }`;
+  };
+
+  describe("should be authenticated before changing password", () => {
+    it('should throw not "Not Authorised!', async () => {
+      await expect(
+        request(
+          host,
+          mutation({
+            oldPassword: "1234",
+            newPassword: "1234"
+          })
+        )
+      ).rejects.toThrow("Not Authorised!");
+    });
+  });
+
+  describe("old and new password should not match", () => {
+    it('responds with "Old password and New password should not be same"', async () => {
+      await expect(
+        client.request(
+          mutation({
+            oldPassword: "1234",
+            newPassword: "1234"
+          })
+        )
+      ).rejects.toThrow("Old password and New password should not be same");
+    });
+  });
+
+  describe("incorrect old password", () => {
+    it('responds with "Old password isn\'t valid"', async () => {
+      await expect(
+        client.request(
+          mutation({
+            oldPassword: "notOldPassword",
+            newPassword: "12345"
+          })
+        )
+      ).rejects.toThrow("Old password isn't valid");
+    });
+  });
+});