From b2bacd1a30f92ea3456a2af08d872bb991e9dfa7 Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Fri, 22 Sep 2023 16:17:07 +0200 Subject: [PATCH] fix api tests --- api_tests/src/comment.spec.ts | 2 +- api_tests/src/community.spec.ts | 2 +- api_tests/src/post.spec.ts | 19 +++++++++++++------ api_tests/src/shared.ts | 21 ++++++++++++++++----- api_tests/src/user.spec.ts | 19 +++---------------- crates/api/src/local_user/login.rs | 3 ++- crates/api_crud/src/user/create.rs | 9 +++------ 7 files changed, 39 insertions(+), 36 deletions(-) diff --git a/api_tests/src/comment.spec.ts b/api_tests/src/comment.spec.ts index 6ced2bf330..006a094b86 100644 --- a/api_tests/src/comment.spec.ts +++ b/api_tests/src/comment.spec.ts @@ -229,7 +229,7 @@ test.skip("Remove a comment from admin and community on the same instance", asyn test("Remove a comment from admin and community on different instance", async () => { let alpha_user = await registerUser(alpha); let newAlphaApi = new LemmyHttp(alphaUrl, { - headers: { auth: alpha_user.jwt ?? "" }, + headers: { Authorization: "Bearer " + alpha_user.jwt ?? "" }, }); // New alpha user creates a community, post, and comment. diff --git a/api_tests/src/community.spec.ts b/api_tests/src/community.spec.ts index b81dd900c5..312f61ff93 100644 --- a/api_tests/src/community.spec.ts +++ b/api_tests/src/community.spec.ts @@ -252,7 +252,7 @@ test("moderator view", async () => { // register a new user with their own community on alpha and post to it let registerUserRes = await registerUser(alpha); let otherUser = new LemmyHttp(alphaUrl, { - headers: { auth: registerUserRes.jwt ?? "" }, + headers: { Authorization: "Bearer " + registerUserRes.jwt ?? "" }, }); let otherCommunity = (await createCommunity(otherUser)).community_view; diff --git a/api_tests/src/post.spec.ts b/api_tests/src/post.spec.ts index 51a10293be..17fc435ed8 100644 --- a/api_tests/src/post.spec.ts +++ b/api_tests/src/post.spec.ts @@ -36,10 +36,11 @@ import { waitUntil, waitForPost, alphaUrl, + loginUser, } from "./shared"; import { PostView } from "lemmy-js-client/dist/types/PostView"; import { CreatePost } from "lemmy-js-client/dist/types/CreatePost"; -import { LemmyHttp } from "lemmy-js-client"; +import { LemmyHttp, Login } from "lemmy-js-client"; let betaCommunity: CommunityView | undefined; @@ -381,11 +382,12 @@ test("Enforce site ban for federated user", async () => { // create a test user let alphaUserJwt = await registerUser(alpha); expect(alphaUserJwt).toBeDefined(); - let alpha_user = new LemmyHttp(alphaUrl, { - headers: { auth: alphaUserJwt.jwt ?? "" }, + var alpha_user = new LemmyHttp(alphaUrl, { + headers: { Authorization: "Bearer " + alphaUserJwt.jwt ?? "" }, }); - let alphaUserActorId = (await getSite(alpha_user)).my_user?.local_user_view - .person.actor_id; + let alphaUserPerson = (await getSite(alpha_user)).my_user?.local_user_view + .person; + let alphaUserActorId = alphaUserPerson?.actor_id; if (!alphaUserActorId) { throw "Missing alpha user actor id"; } @@ -431,8 +433,13 @@ test("Enforce site ban for federated user", async () => { ); expect(unBanAlpha.banned).toBe(false); + // Login gets invalidated by ban, need to login again + let newAlphaUserJwt = await loginUser(alpha, alphaUserPerson?.name!); + alpha_user.setHeaders({ + Authorization: "Bearer " + newAlphaUserJwt.jwt ?? "", + }); // alpha makes new post in beta community, it federates - let postRes2 = await createPost(alpha_user, betaCommunity.community.id); + let postRes2 = await createPost(alpha_user, betaCommunity!.community.id); let searchBeta3 = await waitForPost(beta, postRes2.post_view.post); let alphaUserOnBeta2 = await resolvePerson(beta, alphaUserActorId!); diff --git a/api_tests/src/shared.ts b/api_tests/src/shared.ts index a1868f8f2c..8b6379bcbb 100644 --- a/api_tests/src/shared.ts +++ b/api_tests/src/shared.ts @@ -124,11 +124,11 @@ export async function setupLogins() { resDelta, resEpsilon, ]); - alpha.setHeaders({ auth: res[0].jwt ?? "" }); - beta.setHeaders({ auth: res[1].jwt ?? "" }); - gamma.setHeaders({ auth: res[2].jwt ?? "" }); - delta.setHeaders({ auth: res[3].jwt ?? "" }); - epsilon.setHeaders({ auth: res[4].jwt ?? "" }); + alpha.setHeaders({ Authorization: "Bearer " + res[0].jwt ?? "" }); + beta.setHeaders({ Authorization: "Bearer " + res[1].jwt ?? "" }); + gamma.setHeaders({ Authorization: "Bearer " + res[2].jwt ?? "" }); + delta.setHeaders({ Authorization: "Bearer " + res[3].jwt ?? "" }); + epsilon.setHeaders({ Authorization: "Bearer " + res[4].jwt ?? "" }); // Registration applications are now enabled by default, need to disable them let editSiteForm: EditSite = { @@ -619,6 +619,17 @@ export async function registerUser( return api.register(form); } +export async function loginUser( + api: LemmyHttp, + username: string, +): Promise { + let form: Login = { + username_or_email: username, + password: password, + }; + return api.login(form); +} + export async function saveUserSettingsBio( api: LemmyHttp, ): Promise { diff --git a/api_tests/src/user.spec.ts b/api_tests/src/user.spec.ts index e1fc421b55..a59afcd5ee 100644 --- a/api_tests/src/user.spec.ts +++ b/api_tests/src/user.spec.ts @@ -41,7 +41,7 @@ test("Create user", async () => { let userRes = await registerUser(alpha); expect(userRes.jwt).toBeDefined(); let user = new LemmyHttp(alphaUrl, { - headers: { auth: userRes.jwt ?? "" }, + headers: { Authorization: "Bearer " + userRes.jwt ?? "" }, }); let site = await getSite(user); @@ -63,7 +63,7 @@ test("Delete user", async () => { let userRes = await registerUser(alpha); expect(userRes.jwt).toBeDefined(); let user = new LemmyHttp(alphaUrl, { - headers: { auth: userRes.jwt ?? "" }, + headers: { Authorization: "Bearer " + userRes.jwt ?? "" }, }); // make a local post and comment @@ -109,7 +109,7 @@ test("Delete user", async () => { test("Requests with invalid auth should be treated as unauthenticated", async () => { let invalid_auth = new LemmyHttp(alphaUrl, { - headers: { auth: "" }, + headers: { Authorization: "Bearer asd" }, }); let site = await getSite(invalid_auth); expect(site.my_user).toBeUndefined(); @@ -119,16 +119,3 @@ test("Requests with invalid auth should be treated as unauthenticated", async () let posts = invalid_auth.getPosts(form); expect((await posts).posts).toBeDefined(); }); - -test("Logout", async () => { - let userRes = await registerUser(alpha); - expect(userRes.jwt).toBeDefined(); - let user: API = { - client: alpha.client, - auth: userRes.jwt ?? "", - }; - - // TODO: requires lemmy-js-client update - user.client.login(); - expect(false); -}); diff --git a/crates/api/src/local_user/login.rs b/crates/api/src/local_user/login.rs index f5764be13b..903c39370c 100644 --- a/crates/api/src/local_user/login.rs +++ b/crates/api/src/local_user/login.rs @@ -1,5 +1,6 @@ use crate::check_totp_2fa_valid; use actix_web::{ + http::StatusCode, web::{Data, Json}, HttpRequest, HttpResponse, @@ -75,7 +76,7 @@ pub async fn login( registration_created: false, }; - let mut res = HttpResponse::Ok().json(json); + let mut res = HttpResponse::build(StatusCode::OK).json(json); res.add_cookie(&create_login_cookie(jwt))?; Ok(res) } diff --git a/crates/api_crud/src/user/create.rs b/crates/api_crud/src/user/create.rs index 18b9b9d2c6..ee0b714c09 100644 --- a/crates/api_crud/src/user/create.rs +++ b/crates/api_crud/src/user/create.rs @@ -1,5 +1,5 @@ use activitypub_federation::{config::Data, http_signatures::generate_actor_keypair}; -use actix_web::{web::Json, HttpRequest, HttpResponse}; +use actix_web::{http::StatusCode, web::Json, HttpRequest, HttpResponse, HttpResponseBuilder}; use lemmy_api_common::{ claims::Claims, context::LemmyContext, @@ -166,7 +166,7 @@ pub async fn register( .await?; } - let mut res = HttpResponse::Ok(); + let mut res = HttpResponseBuilder::new(StatusCode::OK); let mut login_response = LoginResponse { jwt: None, registration_created: false, @@ -178,10 +178,7 @@ pub async fn register( || (!require_registration_application && !local_site.require_email_verification) { let jwt = Claims::generate(inserted_local_user.id, req, &context).await?; - res - .cookie(create_login_cookie(jwt.clone())) - .await - .expect("set auth cookie"); + res.cookie(create_login_cookie(jwt.clone())); login_response.jwt = Some(jwt); } else { if local_site.require_email_verification {