github.com/voedger/voedger@v0.0.0-20240520144910-273e84102129/pkg/sys/it/impl_changepassword_test.go (about)

     1  /*
     2   * Copyright (c) 2020-present unTill Pro, Ltd.
     3   * @author Denis Gribanov
     4   */
     5  
     6  package sys_it
     7  
     8  import (
     9  	"fmt"
    10  	"testing"
    11  	"time"
    12  
    13  	"github.com/voedger/voedger/pkg/istructs"
    14  	coreutils "github.com/voedger/voedger/pkg/utils"
    15  	it "github.com/voedger/voedger/pkg/vit"
    16  )
    17  
// TestBasicUsage_ChangePassword covers the happy path of c.registry.ChangePassword:
// a freshly signed-up login changes its password and then signs in with the new one.
func TestBasicUsage_ChangePassword(t *testing.T) {
	vit := it.NewVIT(t, &it.SharedConfig_App1)
	defer vit.TearDown()

	const replacementPwd = "2"

	name := vit.NextName()
	account := vit.SignUp(name, "1", istructs.AppQName_test1_app1)

	// Change the password with "null auth": no authorization option is passed to
	// PostApp, so the only proof of identity in the request is OldPassword.
	// Both passwords are sent in unloggedArgs (presumably so they are kept out of
	// logs; confirm against the command definition).
	reqBody := fmt.Sprintf(
		`{"args":{"Login":"%s","AppName":"%s"},"unloggedArgs":{"OldPassword":"1","NewPassword":"%s"}}`,
		name, istructs.AppQName_test1_app1, replacementPwd,
	)
	vit.PostApp(istructs.AppQName_sys_registry, account.PseudoProfileWSID, "c.registry.ChangePassword", reqBody)

	// note: previous tokens are still valid after password change
	// NOTE(review): that statement is not asserted here, and neither is rejection
	// of the old password "1" after the change. If tokens are ever meant to be
	// revoked on password change, add an explicit check for it.

	// Signing in with the new password must succeed.
	account.Pwd = replacementPwd
	vit.SignIn(account)
}
    37  
// TestChangePasswordErrors checks the failure responses of c.registry.ChangePassword:
// unknown login, wrong old password, and exceeding the per-minute rate limit.
//
// The subtests share one VIT instance and its clock, so they depend on running
// in the written order: each one moves time forward to get a fresh rate-limit window.
func TestChangePasswordErrors(t *testing.T) {
	vit := it.NewVIT(t, &it.SharedConfig_App1)
	defer vit.TearDown()

	known := vit.GetPrincipal(istructs.AppQName_test1_app1, "login") // from VIT config

	// changeExpect401 sends body to ChangePassword in the principal's pseudo-profile
	// workspace and requires a 401 response.
	changeExpect401 := func(body string) {
		vit.PostApp(istructs.AppQName_sys_registry, known.PseudoProfileWSID, "c.registry.ChangePassword", body, coreutils.Expect401())
	}

	// wrongPwdBody builds a request for the existing login with an OldPassword
	// ("2") that the subtests below expect to be rejected.
	wrongPwdBody := func() string {
		return fmt.Sprintf(`{"args":{"Login":"%s","AppName":"%s"},"unloggedArgs":{"OldPassword":"2","NewPassword":"3"}}`,
			known.Login.Name, istructs.AppQName_test1_app1)
	}

	t.Run("login not found", func(t *testing.T) {
		// Expected status is the same 401 as in the wrong-password subtest, so the
		// status code alone does not tell an unknown login from a bad password.
		missing := vit.NextName()
		changeExpect401(fmt.Sprintf(`{"args":{"Login":"%s","AppName":"%s"},"unloggedArgs":{"OldPassword":"1","NewPassword":"2"}}`,
			missing, istructs.AppQName_test1_app1))
	})

	t.Run("wrong password", func(t *testing.T) {
		vit.TimeAdd(time.Minute) // proceed to the next minute to avoid 429 too many requests
		changeExpect401(wrongPwdBody())
	})

	t.Run("rate limit exceed", func(t *testing.T) {
		vit.TimeAdd(time.Minute) // proceed to the next minute to avoid 429 too many requests

		attempt := wrongPwdBody()

		// First call in the new window: not 429, wrong password.
		changeExpect401(attempt)

		// >1 calls per minute -> 429
		// NOTE(review): only failed attempts are exercised; what the limit is keyed
		// on (login, workspace, client) is not visible from this test.
		vit.PostApp(istructs.AppQName_sys_registry, known.PseudoProfileWSID, "c.registry.ChangePassword", attempt, coreutils.Expect429())

		// proceed to the next minute -> able to change the password again
		vit.TimeAdd(time.Minute)
		changeExpect401(wrongPwdBody()) // again not 429, wrong password
	})
}