joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36bee12c24facd02834026eaef9f7ea540e7cb2d
kami-parse-server/spec/PasswordPolicy.spec.js

1671 lines
51 KiB
JavaScript
Raw Normal View History

Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
'use strict';
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const request = require('../lib/request');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
describe('Password Policy: ', () => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
it('should show the invalid link page if the user clicks on the password reset link after the token expires', done => {
const user = new Parse.User();
let sendEmailOptions;
const emailAdapter = {
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
sendEmailOptions = options;
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
emailAdapter: emailAdapter,
passwordPolicy: {
resetTokenValidityDuration: 0.5, // 0.5 second
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
user.setUsername('testResetTokenValidity');
user.setPassword('original');
user.set('email', 'user@parse.com');
return user.signUp();
})
.then(() => {
Parse.User.requestPasswordReset('user@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
})
.then(() => {
// wait for a bit more than the validity duration set
setTimeout(() => {
expect(sendEmailOptions).not.toBeUndefined();
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: sendEmailOptions.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
'Found. Redirecting to http://localhost:8378/1/apps/invalid_link.html'
);
done();
})
.catch(error => {
fail(error);
});
}, 1000);
})
.catch(err => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(err);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should show the reset password page if the user clicks on the password reset link before the token expires', done => {
const user = new Parse.User();
let sendEmailOptions;
const emailAdapter = {
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
sendEmailOptions = options;
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
emailAdapter: emailAdapter,
passwordPolicy: {
resetTokenValidityDuration: 5, // 5 seconds
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
user.setUsername('testResetTokenValidity');
user.setPassword('original');
user.set('email', 'user@parse.com');
return user.signUp();
})
.then(() => {
Parse.User.requestPasswordReset('user@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
})
.then(() => {
// wait for a bit but less than the validity duration
setTimeout(() => {
expect(sendEmailOptions).not.toBeUndefined();
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: sendEmailOptions.link,
simple: false,
resolveWithFullResponse: true,
followRedirects: false,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=testResetTokenValidity/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.text.match(re)).not.toBe(null);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
done();
})
.catch(error => {
fail(error);
});
}, 1000);
})
.catch(err => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(err);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should fail if passwordPolicy.resetTokenValidityDuration is not a number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
resetTokenValidityDuration: 'not a number',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail(
'passwordPolicy.resetTokenValidityDuration "not a number" test failed'
);
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.resetTokenValidityDuration must be a positive number'
);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should fail if passwordPolicy.resetTokenValidityDuration is zero or a negative number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
resetTokenValidityDuration: 0,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('resetTokenValidityDuration negative number test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.resetTokenValidityDuration must be a positive number'
);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should fail if passwordPolicy.validatorPattern setting is invalid type', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: 1234, // number is not a valid setting
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.validatorPattern type test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.validatorPattern must be a regex string or RegExp object.'
);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should fail if passwordPolicy.validatorCallback setting is invalid type', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorCallback: 'abc', // string is not a valid setting
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.validatorCallback type test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.validatorCallback must be a function.'
);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password does not conform to the policy enforced using validatorPattern', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[0-9]+/, // password should contain at least one digit
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('nodigit');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.code).toEqual(142);
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password does not conform to the policy enforced using validatorPattern string', done => {
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: '^.{8,}', // password should contain at least 8 char
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('less');
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.code).toEqual(142);
done();
});
});
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password is empty', done => {
allow flow through to passwordPolicy in case of empty ('') password (#3560)
2017-02-24 17:51:50 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: '^.{8,}', // password should contain at least 8 char
allow flow through to passwordPolicy in case of empty ('') password (#3560)
2017-02-24 17:51:50 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
allow flow through to passwordPolicy in case of empty ('') password (#3560)
2017-02-24 17:51:50 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('');
allow flow through to passwordPolicy in case of empty ('') password (#3560)
2017-02-24 17:51:50 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.message).toEqual(
'Cannot sign up user with an empty password.'
);
done();
});
});
allow flow through to passwordPolicy in case of empty ('') password (#3560)
2017-02-24 17:51:50 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password conforms to the policy enforced using validatorPattern', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[0-9]+/, // password should contain at least one digit
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('1digit');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logOut()
.then(() => {
Parse.User.logIn('user1', '1digit')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('Should be able to login');
done();
});
})
.catch(error => {
jfail(error);
fail('logout should have succeeded');
done();
});
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail(
'Signup should have succeeded as password conforms to the policy.'
);
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password conforms to the policy enforced using validatorPattern string', done => {
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: '[!@#$]+', // password should contain at least one special char
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('p@sswrod');
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logOut()
.then(() => {
Parse.User.logIn('user1', 'p@sswrod')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('Should be able to login');
done();
});
})
.catch(error => {
jfail(error);
fail('logout should have succeeded');
done();
});
})
.catch(error => {
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail(
'Signup should have succeeded as password conforms to the policy.'
);
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Add support for regex string for password policy validatorPattern setting (#3331)
2017-01-08 20:42:44 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password does not conform to the policy enforced using validatorCallback', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorCallback: () => false, // just fail
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('any');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.code).toEqual(142);
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password conforms to the policy enforced using validatorCallback', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorCallback: () => true, // never fail
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('oneUpper');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logOut()
.then(() => {
Parse.User.logIn('user1', 'oneUpper')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('Should be able to login');
done();
});
})
.catch(error => {
jfail(error);
fail('Logout should have succeeded');
done();
});
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Should have succeeded as password conforms to the policy.');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password does not match validatorPattern but succeeds validatorCallback', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[A-Z]+/, // password should contain at least one UPPER case letter
validatorCallback: () => true,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('all lower');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.code).toEqual(142);
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password matches validatorPattern but fails validatorCallback', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[A-Z]+/, // password should contain at least one UPPER case letter
validatorCallback: () => false,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('oneUpper');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail(
'Should have failed as password does not conform to the policy.'
);
done();
})
.catch(error => {
expect(error.code).toEqual(142);
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password conforms to both validatorPattern and validatorCallback', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[A-Z]+/, // password should contain at least one digit
validatorCallback: () => true,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('oneUpper');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logOut()
.then(() => {
Parse.User.logIn('user1', 'oneUpper')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('Should be able to login');
done();
});
})
.catch(error => {
jfail(error);
fail('logout should have succeeded');
done();
});
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Should have succeeded as password conforms to the policy.');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
it('should reset password if new password conforms to password policy', done => {
const user = new Parse.User();
const emailAdapter = {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
return;
}
const token = match[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=has2init&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
);
Parse.User.logIn('user1', 'has2init')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('should login with new password');
done();
});
})
.catch(error => {
jfail(error);
fail('Failed to POST request password reset');
done();
});
})
.catch(error => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Failed to get the reset link');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[0-9]+/, // password should contain at least one digit
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('has 1 digit');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.requestPasswordReset('user1@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
})
.catch(error => {
jfail(error);
fail('signUp should not fail');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
});
});
it('should fail to reset password if the new password does not conform to password policy', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
const emailAdapter = {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
return;
}
const token = match[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=hasnodigit&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Password requirement custom message (#5399) * Added validationError(custom message) for Password requirement fail * Changed validationError from valodationError in README.md
2019-02-28 16:17:31 -05:00
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
);
Parse.User.logIn('user1', 'has 1 digit')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('should login with old password');
done();
});
})
.catch(error => {
jfail(error);
fail('Failed to POST request password reset');
done();
});
})
.catch(error => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Failed to get the reset link');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[0-9]+/, // password should contain at least one digit
Password requirement custom message (#5399) * Added validationError(custom message) for Password requirement fail * Changed validationError from valodationError in README.md
2019-02-28 16:17:31 -05:00
validationError: 'Password should contain at least one digit.',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('has 1 digit');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.requestPasswordReset('user1@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
})
.catch(error => {
jfail(error);
fail('signUp should not fail');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
});
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('should fail if passwordPolicy.doNotAllowUsername is not a boolean value', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
doNotAllowUsername: 'no',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.doNotAllowUsername type test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.doNotAllowUsername must be a boolean value.'
);
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should fail if password contains the username and is not allowed by policy', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
validatorPattern: /[0-9]+/,
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
doNotAllowUsername: true,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('@user11');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
fail('Should have failed as password contains username.');
done();
})
.catch(error => {
expect(error.code).toEqual(142);
Password requirement custom message (#5399) * Added validationError(custom message) for Password requirement fail * Changed validationError from valodationError in README.md
2019-02-28 16:17:31 -05:00
expect(error.message).toEqual(
'Password cannot contain your username.'
);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password does not contain the username and is not allowed by policy', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
doNotAllowUsername: true,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('r@nd0m');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
done();
})
.catch(() => {
fail('Should have succeeded as password does not contain username.');
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('signup should succeed if password contains the username and it is allowed by policy', done => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
validatorPattern: /[0-9]+/,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
done();
})
.catch(() => {
fail('Should have succeeded as policy allows username in password.');
done();
});
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
it('should fail to reset password if the new password contains username and not allowed by password policy', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
const emailAdapter = {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
return;
}
const token = match[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=xuser12&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Password requirement custom message (#5399) * Added validationError(custom message) for Password requirement fail * Changed validationError from valodationError in README.md
2019-02-28 16:17:31 -05:00
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
);
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
Parse.User.logIn('user1', 'r@nd0m')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('should login with old password');
done();
});
})
.catch(error => {
jfail(error);
fail('Failed to POST request password reset');
done();
});
})
.catch(error => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Failed to get the reset link');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
doNotAllowUsername: true,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('r@nd0m');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.requestPasswordReset('user1@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
})
.catch(error => {
jfail(error);
fail('signUp should not fail');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
});
});
Ajax password reset (#5332) * adapted public api route for use with ajax * Elegant error handling * Fixed error return * Public API error flow redone, tests * Fixed code to pre-build form * Public API change password return params * Reverted errors in resetPassword * Fixed querystring call * Success test on ajax password reset * Added few more routes to tests for coverage * More tests and redone error return slightly * Updated error text * Console logs removal, renamed test, added {} to if * Wrong error sent * Revert changes * Revert "Revert changes" This reverts commit 68ee2c44bf2411ca8b56b039a4d490a7e2f99ae9. * real revert of {} * nits and test fix * fix tests * throw proper error
2019-03-14 23:06:18 +02:00
it('Should return error when password violates Password Policy and reset through ajax', async done => {
const user = new Parse.User();
const emailAdapter = {
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: async options => {
const response = await request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
});
expect(response.status).toEqual(302);
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
const match = response.text.match(re);
if (!match) {
fail('should have a token');
return;
}
const token = match[1];
try {
await request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=xuser12&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'X-Requested-With': 'XMLHttpRequest',
},
followRedirects: false,
});
} catch (error) {
expect(error.status).not.toBe(302);
expect(error.text).toEqual(
'{"code":-1,"error":"Password cannot contain your username."}'
);
}
await Parse.User.logIn('user1', 'r@nd0m');
done();
},
sendMail: () => {},
};
await reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
doNotAllowUsername: true,
},
publicServerURL: 'http://localhost:8378/1',
});
user.setUsername('user1');
user.setPassword('r@nd0m');
user.set('email', 'user1@parse.com');
await user.signUp();
await Parse.User.requestPasswordReset('user1@parse.com');
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
it('should reset password even if the new password contains user name while the policy allows', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
const emailAdapter = {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
done();
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
return;
}
const token = match[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=uuser11&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
);
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
Parse.User.logIn('user1', 'uuser11')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('should login with new password');
done();
});
})
.catch(error => {
jfail(error);
fail('Failed to POST request password reset');
});
})
.catch(error => {
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Failed to get the reset link');
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
validatorPattern: /[0-9]+/,
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
doNotAllowUsername: false,
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
user.setUsername('user1');
user.setPassword('has 1 digit');
user.set('email', 'user1@parse.com');
user.signUp().then(() => {
Parse.User.requestPasswordReset('user1@parse.com').catch(err => {
jfail(err);
fail('Reset password request should not fail');
done();
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
})
.catch(error => {
jfail(error);
fail('signUp should not fail');
done();
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
});
it('should fail if passwordPolicy.maxPasswordAge is not a number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordAge: 'not a number',
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.maxPasswordAge "not a number" test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.maxPasswordAge must be a positive number'
);
done();
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
it('should fail if passwordPolicy.maxPasswordAge is a negative number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordAge: -100,
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.maxPasswordAge negative number test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.maxPasswordAge must be a positive number'
);
done();
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('should succeed if logged in before password expires', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordAge: 1, // 1 day
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logIn('user1', 'user1')
.then(() => {
done();
})
.catch(error => {
jfail(error);
fail('Login should have succeeded before password expiry.');
done();
});
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Signup failed.');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('should fail if logged in after password expires', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordAge: 0.5 / (24 * 60 * 60), // 0.5 sec
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
// wait for a bit more than the validity duration set
setTimeout(() => {
Parse.User.logIn('user1', 'user1')
.then(() => {
fail('logIn should have failed');
done();
})
.catch(error => {
expect(error.code).toEqual(Parse.Error.OBJECT_NOT_FOUND);
expect(error.message).toEqual(
'Your password has expired. Please reset your password.'
);
done();
});
}, 1000);
})
.catch(error => {
jfail(error);
fail('Signup failed.');
done();
});
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
it('should apply password expiry policy to existing user upon first login after policy is enabled', done => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
Parse.User.logOut()
.then(() => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
maxPasswordAge: 0.5 / (24 * 60 * 60), // 0.5 sec
},
publicServerURL: 'http://localhost:8378/1',
}).then(() => {
Parse.User.logIn('user1', 'user1')
.then(() => {
Parse.User.logOut()
.then(() => {
// wait for a bit more than the validity duration set
setTimeout(() => {
Parse.User.logIn('user1', 'user1')
.then(() => {
fail('logIn should have failed');
done();
})
.catch(error => {
expect(error.code).toEqual(
Parse.Error.OBJECT_NOT_FOUND
);
expect(error.message).toEqual(
'Your password has expired. Please reset your password.'
);
done();
});
}, 2000);
})
.catch(error => {
jfail(error);
fail('logout should have succeeded');
done();
});
})
.catch(error => {
jfail(error);
fail('Login failed.');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
});
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('logout should have succeeded');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Signup failed.');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
});
});
});
it('should reset password timestamp when password is reset', done => {
const user = new Parse.User();
const emailAdapter = {
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
done();
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
return;
}
const token = match[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=uuser11&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
);
Parse.User.logIn('user1', 'uuser11')
.then(function() {
done();
})
.catch(err => {
jfail(err);
fail('should login with new password');
done();
});
})
.catch(error => {
jfail(error);
fail('Failed to POST request password reset');
});
})
.catch(error => {
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
jfail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Failed to get the reset link');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
};
reconfigureServer({
appName: 'passwordPolicy',
emailAdapter: emailAdapter,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordAge: 0.5 / (24 * 60 * 60), // 0.5 sec
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password expiry support to password policy (#3068) * Adding support for password expiry policy * Renamed daysBeforeExpiry -> maxPasswordAge
2016-11-21 21:16:38 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
// wait for a bit more than the validity duration set
setTimeout(() => {
Parse.User.logIn('user1', 'user1')
.then(() => {
fail('logIn should have failed');
done();
})
.catch(error => {
expect(error.code).toEqual(Parse.Error.OBJECT_NOT_FOUND);
expect(error.message).toEqual(
'Your password has expired. Please reset your password.'
);
Parse.User.requestPasswordReset('user1@parse.com').catch(
err => {
jfail(err);
fail('Reset password request should not fail');
done();
}
);
});
}, 1000);
})
.catch(error => {
jfail(error);
fail('Signup failed.');
done();
});
Adding support for optional Password Policy (#3032) * adds resetTokenValidityDuration setting * adds a validator to validate password that can be used to enforce strong passwords * adds unit tests for passwordPolicy.validator * adds unit tests to to fail reset password function if password is not in a valid format * updates README.md for passwordPolicy * prevents duplicate check for password validator in updateUserPassword * adds optional setting to disallow username in password * updates test cases to use fdescribe instead of describe * updates test cases to use request-promise instead of request * adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator * expect username parameter in redirect to password_reset_success * adds support for _perishable_token_expires_at in postgres
2016-11-17 22:07:51 +05:30
});
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
it('should fail if passwordPolicy.maxPasswordHistory is not a number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 'not a number',
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.maxPasswordHistory "not a number" test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.maxPasswordHistory must be an integer ranging 0 - 20'
);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
it('should fail if passwordPolicy.maxPasswordHistory is a negative number', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: -10,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.maxPasswordHistory negative number test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.maxPasswordHistory must be an integer ranging 0 - 20'
);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
it('should fail if passwordPolicy.maxPasswordHistory is greater than 20', done => {
reconfigureServer({
appName: 'passwordPolicy',
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 21,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
})
.then(() => {
fail('passwordPolicy.maxPasswordHistory negative number test failed');
done();
})
.catch(err => {
expect(err).toEqual(
'passwordPolicy.maxPasswordHistory must be an integer ranging 0 - 20'
);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
it('should fail to reset if the new password is same as the last password', done => {
const user = new Parse.User();
const emailAdapter = {
sendVerificationEmail: () => Promise.resolve(),
sendPasswordResetEmail: options => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
request({
url: options.link,
followRedirects: false,
})
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
.then(response => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
const match = response.text.match(re);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
if (!match) {
fail('should have a token');
return Promise.reject('Invalid password link');
}
return Promise.resolve(match[1]); // token
})
.then(token => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
return request({
method: 'POST',
url: 'http://localhost:8378/1/apps/test/request_password_reset',
body: `new_password=user1&token=${token}&username=user1`,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
followRedirects: false,
simple: false,
resolveWithFullResponse: true,
}).then(response => {
return [response, token];
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
})
.then(data => {
const response = data[0];
const token = data[1];
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
expect(response.status).toEqual(302);
expect(response.text).toEqual(
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
);
done();
return Promise.resolve();
})
.catch(error => {
Remove request and request-promise from dev dependencies (#5077) * removes from emailverificationtoken spec * updates winston * Updates ValidationAndPasswordsReset * Use local request in schemas * Removes request in rest.spec * Removes request from PushRouter0 * removes request from public API * removes request from index.spec * Removes request form parse.push spec * removes request from ParseInstallation spec * Removes from ParseHooks * removes request from ParseGlobalConfig.spec * Removes request from ParseAPI.spec.js * removes request from LogsRouter * removes in features * Filters undefined headers instead of crashing * Removes request from ParseUser spec * Removes usage of request in ParseFile.spec.js * Removes request from AuthAdapters.js * removes request-promise from ParseGeoPoint.spec * Removes request-promise from ParseQuery spec * remove request-promise from UserPII * removes request-promise from EnableExpressErrorHandler * Updates RevocableSessionUpgrade spec * Update RestQuery * Removes read preferenceOptionM * ensure we forward auth from URL * use request in CloudCode.spec.js * Removes request-promise from JobSchedule.spec * Removes rp from VerifyUserPassword.spec.js * Removes rp from PasswordPolicy spec * Removes rp from ParsePolygon spec * Removes rp from fullTextSearch spec * Removes rp from PArseQuery.Aggregate * Ensure we properly forward errors * Removes request and request-promise
2018-09-24 17:07:51 -04:00
fail(error);
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
fail('Repeat password test failed');
done();
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
sendMail: () => {},
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
};
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
emailAdapter: emailAdapter,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 1,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
return Parse.User.logOut();
})
.then(() => {
return Parse.User.requestPasswordReset('user1@parse.com');
})
.catch(error => {
jfail(error);
fail('SignUp or reset request failed');
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
});
it('should fail if the new password is same as the previous one', done => {
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 5,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
// try to set the same password as the previous one
user.setPassword('user1');
return user.save();
})
.then(() => {
fail(
'should have failed because the new password is same as the old'
);
done();
})
.catch(error => {
expect(error.message).toEqual(
'New password should not be the same as last 5 passwords.'
);
expect(error.code).toEqual(Parse.Error.VALIDATION_ERROR);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
});
it('should fail if the new password is same as the 5th oldest one and policy does not allow the previous 5', done => {
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 5,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
// build history
user.setPassword('user2');
return user.save();
})
.then(() => {
user.setPassword('user3');
return user.save();
})
.then(() => {
user.setPassword('user4');
return user.save();
})
.then(() => {
user.setPassword('user5');
return user.save();
})
.then(() => {
// set the same password as the initial one
user.setPassword('user1');
return user.save();
})
.then(() => {
fail(
'should have failed because the new password is same as the old'
);
done();
})
.catch(error => {
expect(error.message).toEqual(
'New password should not be the same as last 5 passwords.'
);
expect(error.code).toEqual(Parse.Error.VALIDATION_ERROR);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
});
it('should succeed if the new password is same as the 6th oldest one and policy does not allow only previous 5', done => {
const user = new Parse.User();
reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
passwordPolicy: {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
maxPasswordHistory: 5,
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
},
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
publicServerURL: 'http://localhost:8378/1',
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
}).then(() => {
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user.setUsername('user1');
user.setPassword('user1');
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
user.set('email', 'user1@parse.com');
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
user
.signUp()
.then(() => {
// build history
user.setPassword('user2');
return user.save();
})
.then(() => {
user.setPassword('user3');
return user.save();
})
.then(() => {
user.setPassword('user4');
return user.save();
})
.then(() => {
user.setPassword('user5');
return user.save();
})
.then(() => {
user.setPassword('user6'); // this pushes initial password out of history
return user.save();
})
.then(() => {
// set the same password as the initial one
user.setPassword('user1');
return user.save();
})
.then(() => {
done();
})
.catch(() => {
fail(
'should have succeeded because the new password is not in history'
);
done();
});
Adds password history support to passwordPolicy (#3102) * password history support in passwordPolicy * Refactor RestWrite.transformUser * fix eslint issues
2016-11-29 22:31:52 +05:30
});
});
Cannot change password when maxPasswordHistory is 1 (#5191) * Negitive to zero and positive to same value * add failing test
2019-04-10 22:57:09 +05:45
it('should not infinitely loop if maxPasswordHistory is 1 (#4918)', async () => {
const user = new Parse.User();
const query = new Parse.Query(Parse.User);
await reconfigureServer({
appName: 'passwordPolicy',
verifyUserEmails: false,
passwordPolicy: {
maxPasswordHistory: 1,
},
publicServerURL: 'http://localhost:8378/1',
});
user.setUsername('user1');
user.setPassword('user1');
user.set('email', 'user1@parse.com');
await user.signUp();
user.setPassword('user2');
await user.save();
const result1 = await query.get(user.id, { useMasterKey: true });
expect(result1.get('_password_history').length).toBe(1);
user.setPassword('user3');
await user.save();
const result2 = await query.get(user.id, { useMasterKey: true });
expect(result2.get('_password_history').length).toBe(1);
expect(result1.get('_password_history')).not.toEqual(
result2.get('_password_history')
);
});
Use Prettier JS (#5017) * Adds prettier * Run lint before tests
2018-09-01 13:58:06 -04:00
});
Reference in New Issue Copy Permalink