Merge branch 'main' into fix/role-deletion

server/test/forgot_password_mobile_test.go

@@ -0,0 +1,61 @@
+package test
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
+)
+
+func forgotPasswordMobileTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should run forgot password for mobile`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		phoneNumber := "6240345678"
+		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, res)
+		forgotPasswordRes, err := resolvers.ForgotPasswordResolver(ctx, model.ForgotPasswordInput{
+			PhoneNumber: refs.NewStringRef(phoneNumber),
+		})
+		assert.Nil(t, err, "no errors for forgot password")
+		assert.NotNil(t, forgotPasswordRes)
+		assert.True(t, *forgotPasswordRes.ShouldShowMobileOtpScreen)
+		otpReq, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
+		assert.Nil(t, err)
+		mfaSession := uuid.NewString()
+		memorystore.Provider.SetMfaSession(res.User.ID, mfaSession, time.Now().Add(1*time.Minute).Unix())
+		cookie := fmt.Sprintf("%s=%s;", constants.MfaCookieName+"_session", mfaSession)
+		cookie = strings.TrimSuffix(cookie, ";")
+		req.Header.Set("Cookie", cookie)
+		// Reset password
+		resetPasswordRes, err := resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
+			PhoneNumber:     refs.NewStringRef(phoneNumber),
+			Otp:             refs.NewStringRef(otpReq.Otp),
+			Password:        s.TestInfo.Password + "test",
+			ConfirmPassword: s.TestInfo.Password + "test",
+		})
+		assert.Nil(t, err)
+		assert.NotNil(t, resetPasswordRes)
+		// Test login
+		loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
+			PhoneNumber: refs.NewStringRef(phoneNumber),
+			Password:    s.TestInfo.Password + "test",
+		})
+		assert.Nil(t, err)
+		assert.NotNil(t, loginRes)
+	})
+}

server/test/forgot_password_test.go

@@ -24,7 +24,7 @@ func forgotPasswordTest(t *testing.T, s TestSetup) {
 		assert.NoError(t, err)
 		assert.NotNil(t, res)
 		forgotPasswordRes, err := resolvers.ForgotPasswordResolver(ctx, model.ForgotPasswordInput{
-			Email: email,
+			Email: refs.NewStringRef(email),
 		})
 		assert.Nil(t, err, "no errors for forgot password")
 		assert.NotNil(t, forgotPasswordRes)

server/test/integration_test.go

@@ -131,6 +131,7 @@ func TestResolvers(t *testing.T) {
 			mobileLoginTests(t, s)
 			totpLoginTest(t, s)
 			forgotPasswordTest(t, s)
+			forgotPasswordMobileTest(t, s)
 			resendVerifyEmailTests(t, s)
 			resetPasswordTest(t, s)
 			verifyEmailTest(t, s)

server/test/logout_test.go

@@ -35,6 +35,30 @@ func logoutTests(t *testing.T, s TestSetup) {
 		assert.NotNil(t, verifyRes)
 		accessToken := *verifyRes.AccessToken
 		assert.NotEmpty(t, accessToken)
+		// Test logout with access token
+		req.Header.Set("Authorization", "Bearer "+accessToken)
+		logoutRes, err := resolvers.LogoutResolver(ctx)
+		assert.Nil(t, err)
+		assert.NotNil(t, logoutRes)
+		assert.NotEmpty(t, logoutRes.Message)
+		req.Header.Set("Authorization", "")
+
+		// Test logout with session cookie
+		magicLoginRes, err = resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{
+			Email: email,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, magicLoginRes)
+		verificationRequest, err = db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeMagicLinkLogin)
+		assert.NoError(t, err)
+		assert.NotNil(t, verificationRequest)
+		verifyRes, err = resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+		assert.NoError(t, err)
+		assert.NotNil(t, verifyRes)
+		accessToken = *verifyRes.AccessToken
+		assert.NotEmpty(t, accessToken)
 		claims, err := token.ParseJWTToken(accessToken)
 		assert.NoError(t, err)
 		assert.NotEmpty(t, claims)

server/test/reset_password_test.go

@@ -23,37 +23,30 @@ func resetPasswordTest(t *testing.T, s TestSetup) {
 		})
 		assert.NoError(t, err)
 		_, err = resolvers.ForgotPasswordResolver(ctx, model.ForgotPasswordInput{
-			Email: email,
+			Email: refs.NewStringRef(email),
 		})
 		assert.Nil(t, err, "no errors for forgot password")
-
 		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeForgotPassword)
 		assert.Nil(t, err, "should get forgot password request")
 		assert.NotNil(t, verificationRequest)
 		_, err = resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
-			Token:           verificationRequest.Token,
+			Token:           refs.NewStringRef(verificationRequest.Token),
 			Password:        "test1",
 			ConfirmPassword: "test",
 		})
-
 		assert.NotNil(t, err, "passwords don't match")
-
 		_, err = resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
-			Token:           verificationRequest.Token,
+			Token:           refs.NewStringRef(verificationRequest.Token),
 			Password:        "test1",
 			ConfirmPassword: "test1",
 		})
-
 		assert.NotNil(t, err, "invalid password")
-
 		_, err = resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
-			Token:           verificationRequest.Token,
+			Token:           refs.NewStringRef(verificationRequest.Token),
 			Password:        "Test@1234",
 			ConfirmPassword: "Test@1234",
 		})
-
 		assert.Nil(t, err, "password changed successfully")
-
 		cleanData(email)
 	})
 }