lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / tests / change_password.rs
at 12bb2a0adeb4d89acdeb6901f0c2b2ed34e6414a 6.1 kB view raw
1mod common; 2mod helpers; 3use common::*; 4use helpers::*; 5use reqwest::StatusCode; 6use serde_json::{Value, json}; 7 8#[tokio::test] 9async fn test_change_password_success() { 10 let client = client(); 11 let ts = chrono::Utc::now().timestamp_millis(); 12 let handle = format!("change-pw-{}.test", ts); 13 let email = format!("change-pw-{}@test.com", ts); 14 let old_password = "Oldpass123!"; 15 let new_password = "Newpass456!"; 16 let create_payload = json!({ 17 "handle": handle, 18 "email": email, 19 "password": old_password 20 }); 21 let create_res = client 22 .post(format!( 23 "{}/xrpc/com.atproto.server.createAccount", 24 base_url().await 25 )) 26 .json(&create_payload) 27 .send() 28 .await 29 .expect("Failed to create account"); 30 assert_eq!(create_res.status(), StatusCode::OK); 31 let create_body: Value = create_res.json().await.unwrap(); 32 let did = create_body["did"].as_str().unwrap(); 33 let jwt = verify_new_account(&client, did).await; 34 let change_res = client 35 .post(format!( 36 "{}/xrpc/com.tranquil.account.changePassword", 37 base_url().await 38 )) 39 .bearer_auth(&jwt) 40 .json(&json!({ 41 "currentPassword": old_password, 42 "newPassword": new_password 43 })) 44 .send() 45 .await 46 .expect("Failed to change password"); 47 assert_eq!(change_res.status(), StatusCode::OK); 48 let login_old = client 49 .post(format!( 50 "{}/xrpc/com.atproto.server.createSession", 51 base_url().await 52 )) 53 .json(&json!({ 54 "identifier": handle, 55 "password": old_password 56 })) 57 .send() 58 .await 59 .expect("Failed to try old password"); 60 assert_eq!( 61 login_old.status(), 62 StatusCode::UNAUTHORIZED, 63 "Old password should not work" 64 ); 65 let login_new = client 66 .post(format!( 67 "{}/xrpc/com.atproto.server.createSession", 68 base_url().await 69 )) 70 .json(&json!({ 71 "identifier": handle, 72 "password": new_password 73 })) 74 .send() 75 .await 76 .expect("Failed to try new password"); 77 assert_eq!( 78 login_new.status(), 79 StatusCode::OK, 80 "New password should work" 81 ); 82} 83 84#[tokio::test] 85async fn test_change_password_wrong_current() { 86 let client = client(); 87 let (_, jwt) = setup_new_user("change-pw-wrong").await; 88 let res = client 89 .post(format!( 90 "{}/xrpc/com.tranquil.account.changePassword", 91 base_url().await 92 )) 93 .bearer_auth(&jwt) 94 .json(&json!({ 95 "currentPassword": "Wrongpass999!", 96 "newPassword": "Newpass123!" 97 })) 98 .send() 99 .await 100 .expect("Failed to send request"); 101 assert_eq!(res.status(), StatusCode::UNAUTHORIZED); 102 let body: Value = res.json().await.unwrap(); 103 assert_eq!(body["error"].as_str(), Some("InvalidPassword")); 104} 105 106#[tokio::test] 107async fn test_change_password_too_short() { 108 let client = client(); 109 let ts = chrono::Utc::now().timestamp_millis(); 110 let handle = format!("change-pw-short-{}.test", ts); 111 let email = format!("change-pw-short-{}@test.com", ts); 112 let password = "Correct123!"; 113 let create_payload = json!({ 114 "handle": handle, 115 "email": email, 116 "password": password 117 }); 118 let create_res = client 119 .post(format!( 120 "{}/xrpc/com.atproto.server.createAccount", 121 base_url().await 122 )) 123 .json(&create_payload) 124 .send() 125 .await 126 .expect("Failed to create account"); 127 assert_eq!(create_res.status(), StatusCode::OK); 128 let create_body: Value = create_res.json().await.unwrap(); 129 let did = create_body["did"].as_str().unwrap(); 130 let jwt = verify_new_account(&client, did).await; 131 let res = client 132 .post(format!( 133 "{}/xrpc/com.tranquil.account.changePassword", 134 base_url().await 135 )) 136 .bearer_auth(&jwt) 137 .json(&json!({ 138 "currentPassword": password, 139 "newPassword": "short" 140 })) 141 .send() 142 .await 143 .expect("Failed to send request"); 144 assert_eq!(res.status(), StatusCode::BAD_REQUEST); 145 let body: Value = res.json().await.unwrap(); 146 assert!(body["message"].as_str().unwrap().contains("8 characters")); 147} 148 149#[tokio::test] 150async fn test_change_password_empty_current() { 151 let client = client(); 152 let (_, jwt) = setup_new_user("change-pw-empty").await; 153 let res = client 154 .post(format!( 155 "{}/xrpc/com.tranquil.account.changePassword", 156 base_url().await 157 )) 158 .bearer_auth(&jwt) 159 .json(&json!({ 160 "currentPassword": "", 161 "newPassword": "Newpass123!" 162 })) 163 .send() 164 .await 165 .expect("Failed to send request"); 166 assert_eq!(res.status(), StatusCode::BAD_REQUEST); 167} 168 169#[tokio::test] 170async fn test_change_password_empty_new() { 171 let client = client(); 172 let (_, jwt) = setup_new_user("change-pw-emptynew").await; 173 let res = client 174 .post(format!( 175 "{}/xrpc/com.tranquil.account.changePassword", 176 base_url().await 177 )) 178 .bearer_auth(&jwt) 179 .json(&json!({ 180 "currentPassword": "E2epass123!", 181 "newPassword": "" 182 })) 183 .send() 184 .await 185 .expect("Failed to send request"); 186 assert_eq!(res.status(), StatusCode::BAD_REQUEST); 187} 188 189#[tokio::test] 190async fn test_change_password_requires_auth() { 191 let client = client(); 192 let res = client 193 .post(format!( 194 "{}/xrpc/com.tranquil.account.changePassword", 195 base_url().await 196 )) 197 .json(&json!({ 198 "currentPassword": "Oldpass123!", 199 "newPassword": "Newpass123!" 200 })) 201 .send() 202 .await 203 .expect("Failed to send request"); 204 assert_eq!(res.status(), StatusCode::UNAUTHORIZED); 205}