--amend

atlp-rwanda · May 9, 2024 · d8665a1 · d8665a1
1 parent 306c57c
commit d8665a1
Show file tree

Hide file tree

Showing 4 changed files with 201 additions and 190 deletions.
diff --git a/src/__test__/route.test.ts b/src/__test__/route.test.ts
@@ -2,16 +2,14 @@ import request from 'supertest';
 import { app, server } from '../index';
 import { createConnection, getConnection, getConnectionOptions, getRepository } from 'typeorm';
 import { User } from '../entities/User';
-import { response } from 'express';
 
 beforeAll(async () => {
  // Connect to the test database
  const connectionOptions = await getConnectionOptions();
 
  await createConnection({ ...connectionOptions, name: 'testConnection' });
-}, 10000);
+});
 
-jest.setTimeout(20000);
 afterAll(async () => {
  const connection = getConnection('testConnection');
  const userRepository = connection.getRepository(User);
@@ -25,25 +23,7 @@ afterAll(async () => {
  server.close();
 });
 
-describe('GET /', () => {
- it('This is a testing route that returns', done => {
- request(app)
- .get('/api/v1/status')
- .expect(200)
- .expect('Content-Type', /json/)
- .expect(
- {
- status: 'success',
- data: {
- code: 200,
- message: 'This is a testing route.',
- },
- },
- done
- );
- });
-});
-describe('POST /user/register', () => {
+describe('start2FAProcess', () => {
  it('should register a new user', async () => {
  // Arrange
  const newUser = {
@@ -59,6 +39,7 @@ describe('POST /user/register', () => {
  // Act
  const res = await request(app).post('/user/register').send(newUser);
  // Assert
+ expect(res.status).toBe(201);
  expect(res.body).toEqual({
  status: 'success',
  data: {
@@ -67,171 +48,193 @@ describe('POST /user/register', () => {
  },
  });
  });
-});
-describe('POST /user/verify/:id', () => {
- it('should verify a user', async () => {
- // Arrange
- const newUser = {
- firstName: 'John',
- lastName: 'Doe',
- email: 'john.doe1@example.com',
- password: 'password',
- gender: 'Male',
- phoneNumber: '123456789',
- userType: 'Buyer',
- photoUrl: 'https://example.com/photo.jpg',
- };
 
-  // Create a new user
- const res = await request(app).post('/user/register').send(newUser);
+ it('should return 400 if not sent email in body on enabling 2fa', async () => {
+ const data = {};
 
- const userRepository = getRepository(User);
- const user = await userRepository.findOne({ where: { email: newUser.email } });
+ const res = await request(app).post('/user/enable-2fa').send(data);
 
- if (user) {
- const verifyRes = await request(app).get(`/user/verify/${user.id}`);
+ expect(res.status).toBe(400);
+ expect(res.body).toEqual({ status: 'error', message: 'Please provide your email' });
+ });
 
- // Assert
- expect(verifyRes.status).toBe(200);
- expect(verifyRes.text).toEqual('<p>User verified successfully</p>');
+ it('should return 404 if user not exist on enabling 2fa', async () => {
+ const data = {
+ email: 'example@gmail.com',
+ };
 
- // Check that the user's verified field is now true
- const verifiedUser = await userRepository.findOne({ where: { email: newUser.email } });
- if (verifiedUser) {
- expect(verifiedUser.verified).toBe(true);
- }
- }
+ const res = await request(app).post('/user/enable-2fa').send(data);
+
+ expect(res.status).toBe(404);
+ expect(res.body).toEqual({ status: 'error', message: 'User not found' });
  });
-});
 
-describe('Send password reset link', () => {
- it('Attempt to send email with rate limiting', async () => {
- const email = 'elijahladdiedv@gmail.com';
+ it('should enable two-factor authentication', async () => {
+ const data = {
+ email: 'john.doe1@example.com',
+ };
 
- const requests = Array.from({ length: 5 }, async () => {
- return await request(app).post(`/user/password/reset/link?email=${email}`);
- });
+ const res = await request(app).post('/user/enable-2fa').send(data);
 
- const responses = await Promise.all(requests);
- const lastResponse = responses[responses.length - 1];
- expect(lastResponse.status).toBe(404);
- expect(lastResponse.body.message).toEqual('User not found');
- }, 20000);
+ expect(res.status).toBe(200);
+ expect(res.body).toEqual({ status: 'success', message: 'Two factor authentication enabled successfully' });
+ });
 
- it('Attempt to send email with invalid email template', async () => {
- const email = 'elijahladdiedv@gmail.com';
+ it('should return 400 if not sent email in body on disabling 2fa', async () => {
+ const data = {};
 
- const res = await request(app).post(`/user/password/reset/link?email=${email}`);
+ const res = await request(app).post('/user/disable-2fa').send(data);
 
- expect(res.status).toBe(404);
- expect(res.body.message).toEqual('User not found');
- }, 10000);
+ expect(res.status).toBe(400);
+ expect(res.body).toEqual({ status: 'error', message: 'Please provide your email' });
+ });
 
- it('Send email to a user with special characters in email address', async () => {
- const email = 'user+test@example.com';
+ it('should return 404 if user not exist on disabling 2fa', async () => {
+ const data = {
+ email: 'example@gmail.com',
+ };
 
- const res = await request(app).post(`/user/password/reset/link?email=${encodeURIComponent(email)}`);
+ const res = await request(app).post('/user/disable-2fa').send(data);
 
  expect(res.status).toBe(404);
- expect(res.body.message).toEqual('User not found');
- }, 10000);
-});
-describe('Password Reset Service', () => {
- it('Should reset password successfully', async () => {
+ expect(res.body).toEqual({ status: 'error', message: 'User not found' });
+ });
+
+ it('should disable two-factor authentication', async () => {
  const data = {
- newPassword: 'user',
- confirmPassword: 'user',
+ email: 'john.doe1@example.com',
  };
- const email = 'elijahladdiedv@gmail.com';
- const userRepository = getRepository(User);
- const user = await userRepository.findOne({ where: { email: email } });
+
+ const res = await request(app).post('/user/disable-2fa').send(data);
+
+ expect(res.status).toBe(200);
+ expect(res.body).toEqual({ status: 'success', message: 'Two factor authentication disabled successfully' });
+ });
+
+ it('should return 400 if not sent email and otp in body on verifying OTP', async () => {
+ const data = {};
+
+ const res = await request(app).post('/user/verify-otp').send(data);
+
+ expect(res.status).toBe(400);
+ expect(res.body).toEqual({ status: 'error', message: 'Please provide an email and OTP code' });
+ });
+
+ it('should return 403 if OTP is invalid', async () => {
+ const email = 'john.doe1@example.com';
+ const user = await getRepository(User).findOneBy({ email });
  if (user) {
- const res: any = await request(app).post(`/user/password/reset?userid=${user.id}&email=${email}`).send(data);
- // Assert
- expect(res.status).toBe(200);
- expect(res.data.message).toEqual('Password updated successful');
+ user.twoFactorEnabled = true;
+ user.twoFactorCode = '123456';
+ await getRepository(User).save(user);
  }
- });
 
- it('Should return 404 if user not found', async () => {
  const data = {
- newPassword: 'user',
- confirmPassword: 'user',
+ email: 'john.doe1@example.com',
+ otp: '123457',
  };
- const email = 'nonexistentemail@example.com';
- const userId = 'nonexistentuserid';
- const res: any = await request(app).post(`/user/password/reset?userid=${userId}&email=${email}`).send(data);
- // Asser
- expect(res).toBeTruthy;
+
+ const res = await request(app).post('/user/verify-otp').send(data);
+ expect(res.status).toBe(403);
+ expect(res.body).toEqual({ status: 'error', message: 'Invalid authentication code' });
  });
 
- it('Should return 204 if required fields are missing', async () => {
+ it('should return 403 if user not exist on verifying OTP', async () => {
  const data = {
- //
+ email: 'john.doe10@example.com',
+ otp: '123457',
  };
- const email = 'elijahladdiedv@gmail.com';
 
+ const res = await request(app).post('/user/verify-otp').send(data);
+ expect(res.status).toBe(403);
+ expect(res.body).toEqual({ status: 'error', message: 'User not found' });
+ });
+
+ it('should return 403 if OTP is expired', async () => {
+ const email = 'john.doe1@example.com';
  const userRepository = getRepository(User);
- const user = await userRepository.findOne({ where: { email: email } });
+ const user = await userRepository.findOneBy({ email });
  if (user) {
- const res: any = await request(app).post(`/user/password/reset?userid=${user.id}&email=${email}`).send(data);
- expect(res.status).toBe(204);
- expect(res.data.error).toEqual('Please provide all required fields');
+ user.twoFactorEnabled = true;
+ user.twoFactorCode = '123456';
+ user.twoFactorCodeExpiresAt = new Date(Date.now() - 10 * 60 * 1000);
+ await getRepository(User).save(user);
  }
- });
 
- it('Should return 204 if newPassword and confirmPassword do not match', async () => {
  const data = {
- newPassword: 'user123',
- confirmPassword: 'user456',
+ email: email,
+ otp: '123456',
  };
- const email = 'elijahladdiedv@gmail.com';
 
- const userRepository = getRepository(User);
- const user = await userRepository.findOne({ where: { email: email } });
+ const res = await request(app).post('/user/verify-otp').send(data);
+ expect(res.status).toBe(403);
+ expect(res.body).toEqual({ status: 'error', message: 'Authentication code expired' });
  if (user) {
- const res: any = await request(app).post(`/user/password/reset?userid=${user.id}&email=${email}`).send(data);
- expect(res.status).toBe(204);
- expect(res.data.error).toEqual('New password must match confirm password');
+ await userRepository.remove(user);
  }
  });
-});
-describe.only('PUT/user/update', () =>{
- it('should return 401 if user is not authenticated', async() =>{
+
+ it('should return 400 if not sent email in body on resending OTP', async () => {
+ const data = {};
+
+ const res = await request(app).post('/user/resend-otp').send(data);
+
+ expect(res.status).toBe(400);
+ expect(res.body).toEqual({ status: 'error', message: 'Please provide an email' });
+ });
+
+ it('should return 404 if user not exist on resending OTP', async () => {
+ const data = {
+ email: 'john.doe10@example.com',
+ };
+
+ const res = await request(app).post('/user/resend-otp').send(data);
+ expect(res.status).toBe(404);
+ expect(res.body).toEqual({ status: 'error', message: 'Incorrect email' });
+ });
+
+ it('should resend OTP', async () => {
  const newUser = {
  firstName: 'John',
  lastName: 'Doe',
- email: 'john.doe23@example.com',
+ email: 'john.doe187@example.com',
  password: 'password',
  gender: 'Male',
- phoneNumber: '12345678900',
+ phoneNumber: '0785044398',
  userType: 'Buyer',
- photoUrl: 'https://example.com/photo.jpg',
  };
 
- // Create a new user
- const res = await request(app).post('/user/register').send(newUser);
- const userRepository = getRepository(User);
- const updateUser = {
- firstName: "Biguseers2399",
- lastName: "1",
- email: "john.doe23@example.com",
- gender: "Male",
- phoneNumber: "0790easdas7dsdfd76175",
- photoUrl: "photo",
- }
- const user = await userRepository.findOne({ where: { email: updateUser.email } });
-
- if(user){
- const res = await request(app).put('/user/update').send(updateUser)
- expect(res.status).toBe(201);
- expect(res.body).toEqual({
- status: 'success',
- data: {
- code: 201,
- message: 'User Profile has successfully been updated',
- },
- });
+ // Act
+ const resp = await request(app).post('/user/register').send(newUser);
+ if (!resp) {
+ console.log('Error creating user in resend otp test case');
  }
- });
-});
+ const data = {
+ email: 'john.doe187@example.com',
+ };
+
+ const res = await request(app).post('/user/resend-otp').send(data);
+ expect(res.status).toBe(200);
+ expect(res.body).toEqual({ status: 'success', data: { message: 'OTP sent successfully' } });
+ }, 20000);
+
+ it('should return 400 if not sent email in body on login', async () => {
+ const data = {};
+
+ const res = await request(app).post('/user/login').send(data);
+
+ expect(res.status).toBe(400);
+ expect(res.body).toEqual({ status: 'error', message: 'Please provide an email and password' });
+ }, 1000);
+
+ it('should return 404 if user not exist on login', async () => {
+ const data = {
+ email: 'john.doe10@example.com',
+ password: 'password',
+ };
+
+ const res = await request(app).post('/user/login').send(data);
+ expect(res.status).toBe(404);
+ expect(res.body).toEqual({ status: 'error', message: 'Incorrect email or password' });
+ }, 10000);
+});
diff --git a/src/controllers/authController.ts b/src/controllers/authController.ts
@@ -13,6 +13,7 @@ import { userPasswordResetService } from '../services/userServices/userPasswordR
 import { sendPasswordResetLinkService } from '../services/userServices/sendResetPasswordLinkService';
 import { activateUserService } from '../services/updateUserStatus/activateUserService';
 import { deactivateUserService } from '../services/updateUserStatus/deactivateUserService';
+import { userProfileUpdateServices } from '../services/userServices/userProfileUpdateServices';
 
 export const userRegistration = async (req: Request, res: Response) => {
  await userRegistrationService(req, res);

diff --git a/src/routes/UserRoutes.ts b/src/routes/UserRoutes.ts
@@ -10,6 +10,7 @@ import {
  userVerification,
  verifyOTP,
  logout,
+ userProfileUpdate,
 } from '../controllers';
 
 import { activateUser, disactivateUser } from '../controllers/index';