Update tests

Author: dblythy

spec/EmailVerificationToken.spec.js

@@ -604,11 +604,9 @@ describe('Email Verification Token Expiration: ', () => {
       });
   });
 
-  it('should match codes with emailVerifyTokenReuseIfValid', done => {
-    const user = new Parse.User();
+  it('should match codes with emailVerifyTokenReuseIfValid', async done => {
     let sendEmailOptions;
     let sendVerificationEmailCallCount = 0;
-    let userBeforeRequest;
     const emailAdapter = {
       sendVerificationEmail: options => {
         sendEmailOptions = options;
@@ -617,72 +615,58 @@ describe('Email Verification Token Expiration: ', () => {
       sendPasswordResetEmail: () => Promise.resolve(),
       sendMail: () => {},
     };
-    reconfigureServer({
+    await reconfigureServer({
       appName: 'emailVerifyToken',
       verifyUserEmails: true,
       emailAdapter: emailAdapter,
       emailVerifyTokenValidityDuration: 5 * 60, // 5 minutes
       publicServerURL: 'http://localhost:8378/1',
       emailVerifyTokenReuseIfValid: true,
-    })
-      .then(() => {
-        user.setUsername('resends_verification_token');
-        user.setPassword('expiringToken');
-        user.set('email', '[email protected]');
-        return user.signUp();
-      })
-      .then(() => {
-        const config = Config.get('test');
-        return config.database
-          .find('_User', { username: 'resends_verification_token' })
-          .then(results => {
-            return results[0];
-          });
-      })
-      .then(newUser => {
-        // store this user before we make our email request
-        userBeforeRequest = newUser;
-        expect(sendVerificationEmailCallCount).toBe(1);
-
-        return request({
-          url: 'http://localhost:8378/1/verificationEmailRequest',
-          method: 'POST',
-          body: {
-            email: '[email protected]',
-          },
-          headers: {
-            'X-Parse-Application-Id': Parse.applicationId,
-            'X-Parse-REST-API-Key': 'rest',
-            'Content-Type': 'application/json',
-          },
-        });
-      })
-      .then(response => {
-        expect(response.status).toBe(200);
-        expect(sendVerificationEmailCallCount).toBe(2);
-        expect(sendEmailOptions).toBeDefined();
-
-        // query for this user again
-        const config = Config.get('test');
-        return config.database
-          .find('_User', { username: 'resends_verification_token' })
-          .then(results => {
-            return results[0];
-          });
-      })
-      .then(userAfterRequest => {
-        // verify that our token & expiration has been changed for this new request
-        expect(typeof userAfterRequest).toBe('object');
-        expect(userBeforeRequest._email_verify_token).toEqual(userAfterRequest._email_verify_token);
-        expect(userBeforeRequest._email_verify_token_expires_at).toEqual(
-          userAfterRequest._email_verify_token_expires_at
-        );
-        done();
-      })
-      .catch(error => {
-        jfail(error);
-        done();
-      });
+    });
+    const user = new Parse.User();
+    user.setUsername('resends_verification_token');
+    user.setPassword('expiringToken');
+    user.set('email', '[email protected]');
+    await user.signUp();
+
+    const config = Config.get('test');
+    const [userBeforeRequest] = await config.database.find('_User', {
+      username: 'resends_verification_token',
+    });
+    // store this user before we make our email request
+    expect(sendVerificationEmailCallCount).toBe(1);
+    await new Promise(resolve => {
+      setTimeout(() => {
+        resolve();
+      }, 1000);
+    });
+    const response = await request({
+      url: 'http://localhost:8378/1/verificationEmailRequest',
+      method: 'POST',
+      body: {
+        email: '[email protected]',
+      },
+      headers: {
+        'X-Parse-Application-Id': Parse.applicationId,
+        'X-Parse-REST-API-Key': 'rest',
+        'Content-Type': 'application/json',
+      },
+    });
+    expect(response.status).toBe(200);
+    expect(sendVerificationEmailCallCount).toBe(2);
+    expect(sendEmailOptions).toBeDefined();
+
+    const [userAfterRequest] = await config.database.find('_User', {
+      username: 'resends_verification_token',
+    });
+
+    // verify that our token & expiration has been changed for this new request
+    expect(typeof userAfterRequest).toBe('object');
+    expect(userBeforeRequest._email_verify_token).toEqual(userAfterRequest._email_verify_token);
+    expect(userBeforeRequest._email_verify_token_expires_at).toEqual(
+      userAfterRequest._email_verify_token_expires_at
+    );
+    done();
   });
 
   it('should not send a new verification email when a resend is requested and the user is VERIFIED', done => {

spec/PasswordPolicy.spec.js

@@ -122,8 +122,7 @@ describe('Password Policy: ', () => {
       });
   });
 
-  it('should not keep reset token', done => {
-    const user = new Parse.User();
+  it('should not keep reset token by default', async done => {
     const sendEmailOptions = [];
     const emailAdapter = {
       sendVerificationEmail: () => Promise.resolve(),
@@ -132,46 +131,26 @@ describe('Password Policy: ', () => {
       },
       sendMail: () => {},
     };
-    reconfigureServer({
+    await reconfigureServer({
       appName: 'passwordPolicy',
       emailAdapter: emailAdapter,
       passwordPolicy: {
         resetTokenValidityDuration: 5 * 60, // 5 minutes
       },
       publicServerURL: 'http://localhost:8378/1',
-    })
-      .then(() => {
-        user.setUsername('testResetTokenValidity');
-        user.setPassword('original');
-        user.set('email', '[email protected]');
-        return user.signUp();
-      })
-      .then(() => {
-        return Parse.User.requestPasswordReset('[email protected]').catch(err => {
-          jfail(err);
-          fail('Reset password request should not fail');
-          done();
-        });
-      })
-      .then(() => {
-        return Parse.User.requestPasswordReset('[email protected]').catch(err => {
-          jfail(err);
-          fail('Reset password request should not fail');
-          done();
-        });
-      })
-      .then(() => {
-        expect(sendEmailOptions[0].link).not.toBe(sendEmailOptions[1].link);
-        done();
-      })
-      .catch(err => {
-        jfail(err);
-        done();
-      });
+    });
+    const user = new Parse.User();
+    user.setUsername('testResetTokenValidity');
+    user.setPassword('original');
+    user.set('email', '[email protected]');
+    await user.signUp();
+    await Parse.User.requestPasswordReset('[email protected]');
+    await Parse.User.requestPasswordReset('[email protected]');
+    expect(sendEmailOptions[0].link).not.toBe(sendEmailOptions[1].link);
+    done();
   });
 
-  it('should keep reset token with resetTokenReuseIfValid', done => {
-    const user = new Parse.User();
+  it('should keep reset token with resetTokenReuseIfValid', async done => {
     const sendEmailOptions = [];
     const emailAdapter = {
       sendVerificationEmail: () => Promise.resolve(),
@@ -180,43 +159,24 @@ describe('Password Policy: ', () => {
       },
       sendMail: () => {},
     };
-    reconfigureServer({
+    await reconfigureServer({
       appName: 'passwordPolicy',
       emailAdapter: emailAdapter,
       passwordPolicy: {
         resetTokenValidityDuration: 5 * 60, // 5 minutes
         resetTokenReuseIfValid: true,
       },
       publicServerURL: 'http://localhost:8378/1',
-    })
-      .then(() => {
-        user.setUsername('testResetTokenValidity');
-        user.setPassword('original');
-        user.set('email', '[email protected]');
-        return user.signUp();
-      })
-      .then(() => {
-        return Parse.User.requestPasswordReset('[email protected]').catch(err => {
-          jfail(err);
-          fail('Reset password request should not fail');
-          done();
-        });
-      })
-      .then(() => {
-        return Parse.User.requestPasswordReset('[email protected]').catch(err => {
-          jfail(err);
-          fail('Reset password request should not fail');
-          done();
-        });
-      })
-      .then(() => {
-        expect(sendEmailOptions[0].link).toBe(sendEmailOptions[1].link);
-        done();
-      })
-      .catch(err => {
-        jfail(err);
-        done();
-      });
+    });
+    const user = new Parse.User();
+    user.setUsername('testResetTokenValidity');
+    user.setPassword('original');
+    user.set('email', '[email protected]');
+    await user.signUp();
+    await Parse.User.requestPasswordReset('[email protected]');
+    await Parse.User.requestPasswordReset('[email protected]');
+    expect(sendEmailOptions[0].link).toBe(sendEmailOptions[1].link);
+    done();
   });
 
   it('should fail if passwordPolicy.resetTokenValidityDuration is not a number', done => {

src/Config.js

@@ -70,6 +70,7 @@ export class Config {
     readOnlyMasterKey,
     allowHeaders,
     idempotencyOptions,
+    emailVerifyTokenReuseIfValid,
   }) {
     if (masterKey === readOnlyMasterKey) {
       throw new Error('masterKey and readOnlyMasterKey should be different');
@@ -82,6 +83,7 @@ export class Config {
         appName,
         publicServerURL,
         emailVerifyTokenValidityDuration,
+        emailVerifyTokenReuseIfValid,
       });
     }
 
@@ -190,6 +192,16 @@ export class Config {
       ) {
         throw 'passwordPolicy.maxPasswordHistory must be an integer ranging 0 - 20';
       }
+
+      if (
+        passwordPolicy.resetTokenReuseIfValid &&
+        typeof passwordPolicy.resetTokenReuseIfValid !== 'boolean'
+      ) {
+        throw 'resetTokenReuseIfValid must be a boolean value';
+      }
+      if (passwordPolicy.resetTokenReuseIfValid && !passwordPolicy.resetTokenValidityDuration) {
+        throw 'You cannot use resetTokenReuseIfValid without resetTokenValidityDuration';
+      }
     }
   }
 
@@ -207,6 +219,7 @@ export class Config {
     appName,
     publicServerURL,
     emailVerifyTokenValidityDuration,
+    emailVerifyTokenReuseIfValid,
   }) {
     if (!emailAdapter) {
       throw 'An emailAdapter is required for e-mail verification and password resets.';
@@ -224,6 +237,12 @@ export class Config {
         throw 'Email verify token validity duration must be a value greater than 0.';
       }
     }
+    if (emailVerifyTokenReuseIfValid && typeof emailVerifyTokenReuseIfValid !== 'boolean') {
+      throw 'emailVerifyTokenReuseIfValid must be a boolean value';
+    }
+    if (emailVerifyTokenReuseIfValid && !emailVerifyTokenValidityDuration) {
+      throw 'You cannot use emailVerifyTokenReuseIfValid without emailVerifyTokenValidityDuration';
+    }
   }
 
   static validateMasterKeyIps(masterKeyIps) {

src/Controllers/UserController.js

@@ -158,7 +158,11 @@ export class UserController extends AdaptableController {
    * @returns {*}
    */
   regenerateEmailVerifyToken(user) {
-    const { _email_verify_token, _email_verify_token_expires_at } = user;
+    const { _email_verify_token } = user;
+    let { _email_verify_token_expires_at } = user;
+    if (_email_verify_token_expires_at && _email_verify_token_expires_at.__type === 'Date') {
+      _email_verify_token_expires_at = _email_verify_token_expires_at.iso;
+    }
     if (
       this.config.emailVerifyTokenReuseIfValid &&
       this.config.emailVerifyTokenValidityDuration &&

src/Routers/UsersRouter.js

@@ -308,6 +308,7 @@ export class UsersRouter extends ClassesRouter {
         appName: req.config.appName,
         publicServerURL: req.config.publicServerURL,
         emailVerifyTokenValidityDuration: req.config.emailVerifyTokenValidityDuration,
+        emailVerifyTokenReuseIfValid: req.config.emailVerifyTokenReuseIfValid,
       });
     } catch (e) {
       if (typeof e === 'string') {