n8n/packages/cli/test/unit/services/user.service.test.ts

import Container from 'typedi';
import jwt from 'jsonwebtoken';
import { Logger } from '@/Logger';
import config from '@/config';
import { User } from '@db/entities/User';
import { UserRepository } from '@db/repositories/user.repository';
import { UserService } from '@/services/user.service';
import { mockInstance } from '../../shared/mocking';
import { RoleService } from '@/services/role.service';

describe('UserService', () => {
	config.set('userManagement.jwtSecret', 'random-secret');

	mockInstance(Logger);
	const repository = mockInstance(UserRepository);
	mockInstance(RoleService);
	const service = Container.get(UserService);
	const testUser = Object.assign(new User(), {
		id: '1234',
		password: 'passwordHash',
		mfaEnabled: false,
	});

	beforeEach(() => {
		jest.resetAllMocks();
	});

	describe('generatePasswordResetToken', () => {
		it('should generate valid password-reset tokens', () => {
			const token = service.generatePasswordResetToken(testUser);
			const decoded = jwt.decode(token) as jwt.JwtPayload;
			expect(decoded.sub).toEqual(testUser.id);
			expect(decoded.exp! - decoded.iat!).toEqual(1200); // Expires in 20 minutes
			expect(decoded.passwordSha).toEqual(
				'31513c5a9e3c5afe5c06d5675ace74e8bc3fadd9744ab5d89c311f2a62ccbd39',
			);
		});
	});

	describe('resolvePasswordResetToken', () => {
		it('should not return a user if the token in invalid', async () => {
			const user = await service.resolvePasswordResetToken('invalid-token');
			expect(user).toBeUndefined();
		});

		it('should not return a user if the token in expired', async () => {
			const token = service.generatePasswordResetToken(testUser, '-1h');
			const user = await service.resolvePasswordResetToken(token);
			expect(user).toBeUndefined();
		});

		it('should not return a user if the user does not exist in the DB', async () => {
			repository.findOne.mockResolvedValueOnce(null);
			const token = service.generatePasswordResetToken(testUser);
			const user = await service.resolvePasswordResetToken(token);
			expect(user).toBeUndefined();
		});

		it('should not return a user if the password sha does not match', async () => {
			const token = service.generatePasswordResetToken(testUser);
			const updatedUser = Object.create(testUser);
			updatedUser.password = 'something-else';
			repository.findOne.mockResolvedValueOnce(updatedUser);
			const user = await service.resolvePasswordResetToken(token);
			expect(user).toBeUndefined();
		});

		it('should not return the user if all checks pass', async () => {
			const token = service.generatePasswordResetToken(testUser);
			repository.findOne.mockResolvedValueOnce(testUser);
			const user = await service.resolvePasswordResetToken(token);
			expect(user).toEqual(testUser);
		});
	});
});
fix(core): Make password-reset urls valid only for single-use (#7622) 2023-11-07 06:35:43 -08:00			`import Container from 'typedi';`
			`import jwt from 'jsonwebtoken';`
			`import { Logger } from '@/Logger';`
			`import config from '@/config';`
			`import { User } from '@db/entities/User';`
ci(core): Reduce memory usage in tests (part-2) (no-changelog) (#7671) This also gets rid of `Db.collection`, which was another source of circular dependencies. 2023-11-10 06:04:26 -08:00			`import { UserRepository } from '@db/repositories/user.repository';`
fix(core): Make password-reset urls valid only for single-use (#7622) 2023-11-07 06:35:43 -08:00			`import { UserService } from '@/services/user.service';`
ci(core): Reduce memory usage in tests (part-2) (no-changelog) (#7671) This also gets rid of `Db.collection`, which was another source of circular dependencies. 2023-11-10 06:04:26 -08:00			`import { mockInstance } from '../../shared/mocking';`
refactor: Extract Invitation routes to InvitationController (no-changelog) (#7726) This PR: - Creates `InvitationController` - Moves `POST /users` to `POST /invitations` and move related test to `invitations.api.tests` - Moves `POST /users/:id` to `POST /invitations/:id/accept` and move related test to `invitations.api.tests` - Adjusts FE to use new endpoints - Moves all the invitation logic to the `UserService` --------- Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> 2023-11-16 09:39:43 -08:00			`import { RoleService } from '@/services/role.service';`
fix(core): Make password-reset urls valid only for single-use (#7622) 2023-11-07 06:35:43 -08:00
			`describe('UserService', () => {`
			`config.set('userManagement.jwtSecret', 'random-secret');`

			`mockInstance(Logger);`
			`const repository = mockInstance(UserRepository);`
refactor: Extract Invitation routes to InvitationController (no-changelog) (#7726) This PR: - Creates `InvitationController` - Moves `POST /users` to `POST /invitations` and move related test to `invitations.api.tests` - Moves `POST /users/:id` to `POST /invitations/:id/accept` and move related test to `invitations.api.tests` - Adjusts FE to use new endpoints - Moves all the invitation logic to the `UserService` --------- Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> 2023-11-16 09:39:43 -08:00			`mockInstance(RoleService);`
fix(core): Make password-reset urls valid only for single-use (#7622) 2023-11-07 06:35:43 -08:00			`const service = Container.get(UserService);`
			`const testUser = Object.assign(new User(), {`
			`id: '1234',`
			`password: 'passwordHash',`
			`mfaEnabled: false,`
			`});`

			`beforeEach(() => {`
			`jest.resetAllMocks();`
			`});`

			`describe('generatePasswordResetToken', () => {`
			`it('should generate valid password-reset tokens', () => {`
			`const token = service.generatePasswordResetToken(testUser);`
			`const decoded = jwt.decode(token) as jwt.JwtPayload;`
			`expect(decoded.sub).toEqual(testUser.id);`
			`expect(decoded.exp! - decoded.iat!).toEqual(1200); // Expires in 20 minutes`
			`expect(decoded.passwordSha).toEqual(`
			`'31513c5a9e3c5afe5c06d5675ace74e8bc3fadd9744ab5d89c311f2a62ccbd39',`
			`);`
			`});`
			`});`

			`describe('resolvePasswordResetToken', () => {`
			`it('should not return a user if the token in invalid', async () => {`
			`const user = await service.resolvePasswordResetToken('invalid-token');`
			`expect(user).toBeUndefined();`
			`});`

			`it('should not return a user if the token in expired', async () => {`
			`const token = service.generatePasswordResetToken(testUser, '-1h');`
			`const user = await service.resolvePasswordResetToken(token);`
			`expect(user).toBeUndefined();`
			`});`

			`it('should not return a user if the user does not exist in the DB', async () => {`
			`repository.findOne.mockResolvedValueOnce(null);`
			`const token = service.generatePasswordResetToken(testUser);`
			`const user = await service.resolvePasswordResetToken(token);`
			`expect(user).toBeUndefined();`
			`});`

			`it('should not return a user if the password sha does not match', async () => {`
			`const token = service.generatePasswordResetToken(testUser);`
			`const updatedUser = Object.create(testUser);`
			`updatedUser.password = 'something-else';`
			`repository.findOne.mockResolvedValueOnce(updatedUser);`
			`const user = await service.resolvePasswordResetToken(token);`
			`expect(user).toBeUndefined();`
			`});`

			`it('should not return the user if all checks pass', async () => {`
			`const token = service.generatePasswordResetToken(testUser);`
			`repository.findOne.mockResolvedValueOnce(testUser);`
			`const user = await service.resolvePasswordResetToken(token);`
			`expect(user).toEqual(testUser);`
			`});`
			`});`
			`});`