1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
use axum::extract::{Json, State};
use super::post;
use crate::{
test::fixtures,
token::app::{LoginError, ValidateError},
};
#[tokio::test]
async fn password_change() {
// Set up the environment
let app = fixtures::scratch_app().await;
let creds = fixtures::login::create_with_password(&app, &fixtures::now()).await;
let cookie = fixtures::cookie::logged_in(&app, &creds, &fixtures::now()).await;
let identity = fixtures::identity::from_cookie(&app, &cookie, &fixtures::now()).await;
// Call the endpoint
let (name, password) = creds;
let to = fixtures::login::propose_password();
let request = post::Request {
password: password.clone(),
to: to.clone(),
};
let (new_cookie, Json(response)) = post::handler(
State(app.clone()),
fixtures::now(),
identity.clone(),
cookie.clone(),
Json(request),
)
.await
.expect("changing passwords succeeds");
// Verify that we have a new session
assert_ne!(cookie.secret(), new_cookie.secret());
// Verify that we're still ourselves
assert_eq!(identity.user, response);
// Verify that our original token is no longer valid
let validate_err = app
.tokens()
.validate(
&cookie
.secret()
.expect("original identity cookie has a secret"),
&fixtures::now(),
)
.await
.expect_err("validating the original identity secret should fail");
assert!(matches!(validate_err, ValidateError::InvalidToken));
// Verify that our original password is no longer valid
let login_err = app
.tokens()
.login(&name, &password, &fixtures::now())
.await
.expect_err("logging in with the original password should fail");
assert!(matches!(login_err, LoginError::Rejected));
// Verify that our new password is valid
let (login, _) = app
.tokens()
.login(&name, &to, &fixtures::now())
.await
.expect("logging in with the new password should succeed");
assert_eq!(identity.user, login);
}
|
