From cdca0d4942405bd01621109aa64fe7d2f8f63d4b Mon Sep 17 00:00:00 2001
From: Louis Auzuret
Date: Mon, 20 Jun 2022 17:10:07 +0200
Subject: [PATCH] fix: auth robot test
---
 back/src/auth/auth.controller.ts | 12 ++++-
 back/src/auth/auth.service.ts | 2 +-
 back/test/robot/.gitignore | 4 ++
 back/test/robot/auth/auth.robot | 83 +++++++++++++++++++++++++++++++
 back/test/robot/rest.resource | 2 +-
 back/test/robot/users/users.robot | 14 ++++++
 docker-compose.yml | 2 +-
 7 files changed, 115 insertions(+), 4 deletions(-)
 create mode 100644 back/test/robot/.gitignore
 create mode 100644 back/test/robot/auth/auth.robot
 create mode 100644 back/test/robot/users/users.robot
diff --git a/back/src/auth/auth.controller.ts b/back/src/auth/auth.controller.ts
index ea7e3a0..59a4430 100644
--- a/back/src/auth/auth.controller.ts
+++ b/back/src/auth/auth.controller.ts
@@ -1,4 +1,4 @@
-import { Controller, Request, Post, Get, UseGuards, Res, Body } from '@nestjs/common';
+import { Controller, Request, Post, Get, UseGuards, Res, Body, Delete } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { JwtAuthGuard } from './jwt-auth.guard';
 import { LocalAuthGuard } from './local-auth.guard';
@@ -40,4 +40,14 @@ export class AuthController {
 getProfile(@Request() req) {
 return req.user;
 }
+
+ @UseGuards(JwtAuthGuard)
+ @ApiBearerAuth()
+ @ApiOkResponse({ description: 'Successfully deleted' })
+ @ApiUnauthorizedResponse({ description: 'Invalid token' })
+ @Delete('me')
+ deleteSelf(@Request() req) {
+ return this.usersService.deleteUser({"id": req.user.id})
+ }
+
 }
diff --git a/back/src/auth/auth.service.ts b/back/src/auth/auth.service.ts
index 44831f1..7cca4b1 100644
--- a/back/src/auth/auth.service.ts
+++ b/back/src/auth/auth.service.ts
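Review bot: `deleteSelf` in auth.controller.ts returns whatever `usersService.deleteUser` resolves to, so if that is the deleted user record, the response to `DELETE /auth/me` would carry the stored bcrypt hash in `password` (the field `validateUser` compares against in auth.service.ts). `deleteUser` is not visible in this patch, so that is an inference; returning an explicit non-sensitive shape removes the dependency, e.g. `const { password, ...rest } = await this.usersService.deleteUser({ id: req.user.id }); return rest;` with the method marked `async`. The call also relies on `req.user.id` being populated by the JWT strategy and on `usersService` being injected in the controller's constructor, both outside the hunk (AuthService spells its field `userService`), so a check that `req.user.id` is defined before deleting is worth adding. The class body starts before this hunk.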
@@ -12,7 +12,7 @@ export class AuthService { ) {} async validateUser(username: string, password: string): Promise { - const user = await this.userService.user({username}); + const user = await this.userService.user({username}); if (user && bcrypt.compareSync(password, user.password)) { return { username: user.username, diff --git a/back/test/robot/.gitignore b/back/test/robot/.gitignore new file mode 100644 index 0000000..73a37df --- /dev/null +++ b/back/test/robot/.gitignore @@ -0,0 +1,4 @@ +log.html +output.xml +report.html +env diff --git a/back/test/robot/auth/auth.robot b/back/test/robot/auth/auth.robot new file mode 100644 index 0000000..ccb9fb2 --- /dev/null +++ b/back/test/robot/auth/auth.robot 
@@ -0,0 +1,83 @@ +*** Settings *** +Documentation Tests of the /auth route. +... Ensures that the user can authenticate on kyoo. +Resource ../rest.resource + + +*** Keywords *** +Login + [Documentation] Shortcut to login with the given username for future requests + [Arguments] ${username} + &{res}= POST /auth/login {"username": "${username}", "password": "password-${username}"} + Output + Integer response status 201 + String response body access_token + Set Headers {"Authorization": "Bearer ${res.body.access_token}"} + +Register + [Documentation] Shortcut to register with the given username for future requests + [Arguments] ${username} + &{res}= POST + ... /auth/register + ... {"username": "${username}", "password": "password-${username}", "email": "${username}@chromacase.moe"} + Output + Integer response status 200 + +Logout + [Documentation] Logout the current user, only the local client is affected. + Set Headers {"Authorization": ""} + + +*** Test Cases *** +Me cant be accessed without an account + Get /auth/me + Output + Integer response status 401 + +Bad Account + [Documentation] Login fails if user does not exist + POST /auth/login {"username": "i-don-t-exist", "password": "pass"} + Output + Integer response status 401 + +RegisterAndLogin + [Documentation] Create a new user and login in it + Register user-1 + Login user-1 + [Teardown] DELETE /auth/me + +Register Duplicates + [Documentation] If two users tries to register with the same username, it fails + Register user-duplicate + # We can't use the `Register` keyword because it assert for success + POST /auth/register {"username": "user-duplicate", "password": "pass", "email": "mail@kyoo.moe"} + Output + Integer response status 400 + Login user-duplicate + [Teardown] DELETE /auth/me + +Delete Account + [Documentation] Check if a user can delete it's account + Register I-should-be-deleted + Login I-should-be-deleted + DELETE /auth/me + Output + Integer response status 200 + +Login + [Documentation] Create a 
new user and login in it + Register login-user + Login login-user + ${res}= GET /auth/me + Output + Integer response status 200 + String response body username login-user + + Logout + Login login-user + ${me}= Get /auth/me + Output + Output ${me} + Should Be Equal As Strings ${res["body"]} ${me["body"]} + + [Teardown] DELETE /auth/me diff --git a/back/test/robot/rest.resource b/back/test/robot/rest.resource index 41db3c9..42db9ed 100644 --- a/back/test/robot/rest.resource +++ b/back/test/robot/rest.resource @@ -1,4 +1,4 @@ *** Settings *** Documentation Common things to handle rest requests -Library REST http://localhost:3000/api +Library REST http://localhost:3000 diff --git a/back/test/robot/users/users.robot b/back/test/robot/users/users.robot new file mode 100644 index 0000000..45135e6 --- /dev/null +++ b/back/test/robot/users/users.robot @@ -0,0 +1,14 @@ +*** Settings *** +Documentation Tests of the /users route. +... Ensures that the users CRUD works corectly. +Resource ../rest.resource + + +*** Keywords *** +*** Test Cases *** +Create a user + [Documentation] Create a user + POST /users {"username": "i-don-t-exist", "password": "pass", "email": "wow@gmail.com"} + Output + Integer response status 201 + [Teardown] DELETE /users/1 \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index ea0af46..a80b7bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: back: - build: ./back + build: ./back ports: - "3000:3000" depends_on:
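Review bot: The `Delete Account` case in auth.robot stops at the 200 from `DELETE /auth/me` and never checks that the account is unusable afterwards, so a handler that answers 200 without removing the user would still pass. A follow-up such as `POST /auth/login {"username": "I-should-be-deleted", "password": "password-I-should-be-deleted"}` then `Integer response status 401` would pin the deletion. Separately, none of the teardowns call `Logout`, so the bearer header set by `Login` appears to carry over into later cases, and `Me cant be accessed without an account` passes only while no earlier case has logged in; a `Logout` in the teardowns would make the 401 checks independent of order. Whether an already-issued token is still accepted by `GET /auth/me` after deletion is also left untested.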
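Review bot: The teardown `DELETE /users/1` in users.robot hard-codes the id, so it removes the created user only when that user happens to receive id 1. If ids have already advanced (for example after the auth suite registered users), the `i-don-t-exist` account would be left behind, and `Bad Account` in auth.robot logs in with exactly that username and `pass` expecting 401. Capturing the response with `&{res}= POST /users ...` and using `[Teardown] DELETE /users/${res.body.id}` would tie the cleanup to the created row, assuming the response body carries `id`. The suite also sends no Authorization header on create or delete, which suggests `/users` accepts unauthenticated deletes; that controller is not in this patch, so confirm it is guarded.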