PageRenderTime 58ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/tools/tests/registration.js

https://gitlab.com/tenstairs/meteor
JavaScript | 276 lines | 198 code | 37 blank | 41 comment | 15 complexity | 178d44b9a7381aaf2f87bde3994b6924 MD5 | raw file
  1. var _ = require('underscore');
  2. var selftest = require('../selftest.js');
  3. var testUtils = require('../test-utils.js');
  4. var utils = require('../utils.js');
  5. var Sandbox = selftest.Sandbox;
  6. var httpHelpers = require('../http-helpers.js');
  7. var config = require('../config.js');
  8. var expectInvalidToken = function (token) {
  9. // Same XXX as testUtils.registerWithToken: should be hardcoded to
  10. // https://www.meteor.com?
  11. var accountsConn = testUtils.ddpConnect(config.getAuthDDPUrl());
  12. var registrationTokenInfo = accountsConn.call('registrationTokenInfo',
  13. token);
  14. // We should not be able to get a registration code for an invalid
  15. // token.
  16. if (registrationTokenInfo.valid || registrationTokenInfo.code) {
  17. throw new Error('Expected invalid token is valid!');
  18. }
  19. accountsConn.close();
  20. };
  21. // Polls a guerrillamail.com inbox every 3 seconds looking for an email
  22. // that matches the given subject and body regexes. This could fail if
  23. // there is someone else polling this same inbox, so use a random email
  24. // address.
  25. //
  26. // If a matching email is found before the timeout elapses, this
  27. // function returns an object with keys:
  28. // - subject: the subject line of the matching email
  29. // - bodyPage: HTML (an entire rendered page) containing the body of
  30. // the email
  31. // Throws an exception if no matching email is found before the timeout
  32. // elapses.
  33. var waitForEmail = selftest.markStack(function (inbox, subjectRegExp,
  34. bodyRegExp, timeoutSecs) {
  35. if (timeoutSecs) {
  36. var timeout = setTimeout(function () {
  37. throw new Error('Waiting for email to ' + inbox +
  38. ' timed out.');
  39. }, timeoutSecs * 1000);
  40. }
  41. // Get a session cookie for this inbox.
  42. var setEmailUrl = 'https://www.guerrillamail.com/ajax.php?f=set_email_user';
  43. var setEmailData = {
  44. email_user: inbox.split('@')[0],
  45. domain: 'guerrillamail.com'
  46. };
  47. var setEmailResult = httpHelpers.request({
  48. method: 'POST',
  49. url: setEmailUrl,
  50. form: setEmailData
  51. });
  52. var sessionCookie = JSON.parse(setEmailResult.body).sid_token;
  53. var cookieHeader = "PHPSESSID=" + sessionCookie + ";";
  54. var match;
  55. while (! match) {
  56. var checkInboxUrl = 'https://www.guerrillamail.com/ajax.php?' +
  57. 'f=check_email&seq=1&domain=guerrillamail.com&_=' +
  58. (+ new Date());
  59. var checkInboxResult = httpHelpers.request({
  60. method: 'GET',
  61. url: checkInboxUrl,
  62. headers: { Cookie: cookieHeader }
  63. });
  64. var body = JSON.parse(checkInboxResult.body);
  65. _.each(body.list, function (email) {
  66. var emailId = email.mail_id;
  67. var subject = email.mail_subject;
  68. if (subjectRegExp.test(subject)) {
  69. // Subject matches, so now check the body.
  70. var bodyResult = httpHelpers.request({
  71. url: 'https://www.guerrillamail.com/inbox?mail_id=' + emailId,
  72. headers: { Cookie: cookieHeader }
  73. });
  74. if (bodyRegExp.test(bodyResult.body)) {
  75. match = {
  76. subject: email.mail_subject,
  77. bodyPage: bodyResult.body
  78. };
  79. }
  80. }
  81. });
  82. if (! match)
  83. utils.sleepMs(3000);
  84. }
  85. clearTimeout(timeout);
  86. return match;
  87. });
  88. selftest.define('deferred registration - email registration token', ['net', 'slow'], function () {
  89. var s = new Sandbox;
  90. var email = testUtils.randomUserEmail();
  91. var username = testUtils.randomString(10);
  92. var appName = testUtils.randomAppName();
  93. var apiToken = testUtils.deployWithNewEmail(s, email, appName);
  94. // Check that we got a registration email in our inbox.
  95. var registrationEmail = waitForEmail(email, /Set a password/,
  96. /set a password/, 60);
  97. // Fish out the registration token and use to it to complete
  98. // registration.
  99. var token = testUtils.registrationUrlRegexp.exec(registrationEmail.bodyPage);
  100. if (! token || ! token[1]) {
  101. throw new Error("No registration token in email");
  102. }
  103. token = token[1];
  104. testUtils.registerWithToken(token, username, 'testtest', email);
  105. // Success! 'meteor whoami' should now know who we are.
  106. var run = s.run('whoami');
  107. run.waitSecs(testUtils.accountsCommandTimeoutSecs);
  108. run.read(username + '\n');
  109. run.expectExit(0);
  110. // We should be able to log out and log back in with our new password.
  111. testUtils.logout(s);
  112. testUtils.login(s, username, 'testtest');
  113. // And after logging out and logging back in, we should have
  114. // authorization to delete our app.
  115. testUtils.cleanUpApp(s, appName);
  116. // All the tokens we got should now be invalid.
  117. expectInvalidToken(token);
  118. expectInvalidToken(apiToken);
  119. testUtils.logout(s);
  120. // XXX Test that registration URLs get printed when they should
  121. });
  122. selftest.define('deferred registration revocation', ['net'], function () {
  123. // Test that if we are logged in as a passwordless user, and our
  124. // credential gets revoked, and we do something like 'meteor whoami'
  125. // that polls to see if registration is complete, then we handle it
  126. // gracefully.
  127. var s = new Sandbox;
  128. s.createApp('deployapp', 'empty');
  129. s.cd('deployapp');
  130. // Create a new deferred registration account. (Don't bother to wait
  131. // for the deploy to go through.)
  132. var email = testUtils.randomUserEmail();
  133. var username = testUtils.randomString(10);
  134. var appName = testUtils.randomAppName();
  135. var run = s.run('deploy', appName);
  136. run.waitSecs(5);
  137. run.matchErr('Email:');
  138. run.write(email + '\n');
  139. run.waitSecs(90);
  140. run.match('Deploying');
  141. run.waitSecs(15); // because the bundler doesn't yield
  142. run.stop();
  143. // 'whoami' says that we don't have a password
  144. run = s.run('whoami');
  145. run.waitSecs(15);
  146. run.matchErr('/setPassword?');
  147. run.expectExit(1);
  148. // Revoke the credential without updating .meteorsession.
  149. var sessionState = s.readSessionFile();
  150. run = s.run('logout');
  151. run.waitSecs(15);
  152. run.readErr("Logged out.\n");
  153. run.expectEnd();
  154. run.expectExit(0);
  155. s.writeSessionFile(sessionState);
  156. // 'whoami' now says that we're not logged in. No errors are printed.
  157. run = s.run('whoami');
  158. run.waitSecs(15);
  159. run.readErr("Not logged in. 'meteor login' to log in.\n");
  160. run.expectEnd();
  161. run.expectExit(1);
  162. });
  163. selftest.define(
  164. 'deferred registration - api registration token',
  165. ['net', 'slow'],
  166. function () {
  167. var s = new Sandbox;
  168. var email = testUtils.randomUserEmail();
  169. var username = testUtils.randomString(10);
  170. var appName = testUtils.randomAppName();
  171. var token = testUtils.deployWithNewEmail(s, email, appName);
  172. testUtils.registerWithToken(token, username, 'testtest', email);
  173. testUtils.logout(s);
  174. testUtils.login(s, username, 'testtest');
  175. testUtils.cleanUpApp(s, appName);
  176. // All tokens we received should not be invalid.
  177. expectInvalidToken(token);
  178. var registrationEmail = waitForEmail(email, /Set a password/,
  179. /set a password/, 60);
  180. var emailToken = testUtils.registrationUrlRegexp.exec(
  181. registrationEmail.bodyPage
  182. );
  183. if (! emailToken || ! emailToken[1]) {
  184. throw new Error('No registration token in email');
  185. }
  186. expectInvalidToken(emailToken[1]);
  187. testUtils.logout(s);
  188. }
  189. );
  190. selftest.define(
  191. 'deferred registration - register after logging out',
  192. ['net', 'slow'],
  193. function () {
  194. var s = new Sandbox;
  195. var email = testUtils.randomUserEmail();
  196. var username = testUtils.randomString(10);
  197. var appName = testUtils.randomAppName();
  198. var token = testUtils.deployWithNewEmail(s, email, appName);
  199. testUtils.logout(s);
  200. // If we deploy again with the same email address after logging out,
  201. // we should get a message telling us to check our email and
  202. // register, and the tool should obediently wait for us to do that
  203. // before doing the deploy.
  204. s.createApp('deployapp2', 'empty');
  205. s.cd('deployapp2');
  206. var run = s.run('deploy', appName);
  207. run.waitSecs(testUtils.accountsCommandTimeoutSecs);
  208. run.matchErr('Email:');
  209. run.write(email + '\n');
  210. run.waitSecs(testUtils.accountsCommandTimeoutSecs);
  211. run.matchErr('pick a password');
  212. run.matchErr('Waiting for you to register on the web...');
  213. var registrationEmail = waitForEmail(
  214. email,
  215. /Set a password/,
  216. /You previously created a Meteor developer account/,
  217. 60
  218. );
  219. token = testUtils.registrationUrlRegexp.exec(
  220. registrationEmail.bodyPage
  221. );
  222. if (! token || ! token[1]) {
  223. throw new Error('No registration token in email');
  224. }
  225. testUtils.registerWithToken(token[1], username, 'testtest', email);
  226. run.waitSecs(testUtils.accountsCommandTimeoutSecs);
  227. run.matchErr('Username: ' + username + '\n');
  228. run.matchErr('Password: ');
  229. run.write('testtest\n');
  230. run.waitSecs(90);
  231. run.match('Now serving at');
  232. run.expectExit(0);
  233. run = s.run('whoami');
  234. run.read(username);
  235. run.expectExit(0);
  236. testUtils.cleanUpApp(s, appName);
  237. testUtils.logout(s);
  238. }
  239. );