1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
use axum::extract::{Json, State};
use crate::{
empty::Empty,
test::{fixtures, verify},
};
#[tokio::test]
async fn password_change() {
// Set up the environment
let app = fixtures::scratch_app().await;
let creds = fixtures::user::create_with_password(&app, &fixtures::now()).await;
let cookie = fixtures::cookie::logged_in(&app, &creds, &fixtures::now()).await;
let identity = fixtures::identity::from_cookie(&app, &cookie, &fixtures::now()).await;
// Call the endpoint
let (name, password) = creds;
let to = fixtures::user::propose_password();
let request = super::Request {
password: password.clone(),
to: to.clone(),
};
let (new_cookie, Empty) = super::handler(
State(app.logins()),
fixtures::now(),
identity.clone(),
cookie.clone(),
Json(request),
)
.await
.expect("changing passwords succeeds");
// Verify that we have a new session
assert_ne!(cookie.secret(), new_cookie.secret());
// Verify that we're still ourselves
verify::identity::valid_for_login(&app, &new_cookie, &identity.login).await;
// Verify that our original token is no longer valid
verify::identity::invalid(&app, &cookie).await;
// Verify that our original password is no longer valid
verify::login::invalid_login(&app, &name, &password).await;
// Verify that our new password is valid
verify::login::valid_login(&app, &name, &to).await;
}
|
