Admin dashboard and sessions

2025-09-01 03:08:43 +02:00
parent de1fc4a825
commit 6f6e6ab017
23 changed files with 809 additions and 56 deletions
--- a/tests/api/change_password.rs
+++ b/tests/api/change_password.rs
@@ -0,0 +1,115 @@
+use uuid::Uuid;
+
+use crate::helpers::{TestApp, assert_is_redirect_to};
+
+#[tokio::test]
+async fn you_must_be_logged_in_to_see_the_change_password_form() {
+    let app = TestApp::spawn().await;
+
+    let response = app.get_change_password().await;
+
+    assert_is_redirect_to(&response, "/login");
+}
+
+#[tokio::test]
+async fn you_must_be_logged_in_to_change_your_password() {
+    let app = TestApp::spawn().await;
+
+    let new_password = Uuid::new_v4().to_string();
+    let response = app
+        .post_change_password(&serde_json::json!({
+            "current_password": Uuid::new_v4().to_string(),
+            "new_password": new_password,
+            "new_password_check": new_password,
+        }))
+        .await;
+
+    assert_is_redirect_to(&response, "/login");
+}
+
+#[tokio::test]
+async fn new_password_fields_must_match() {
+    let app = TestApp::spawn().await;
+
+    app.post_login(&serde_json::json!({
+        "username": app.test_user.username,
+        "password": app.test_user.password,
+    }))
+    .await;
+
+    let new_password = Uuid::new_v4().to_string();
+    let another_new_password = Uuid::new_v4().to_string();
+    let response = app
+        .post_change_password(&serde_json::json!({
+            "current_password": app.test_user.password,
+            "new_password": new_password,
+            "new_password_check": another_new_password,
+        }))
+        .await;
+    assert_is_redirect_to(&response, "/admin/password");
+
+    let html_page = app.get_change_password_html().await;
+    assert!(html_page.contains("You entered two different passwords"));
+}
+
+#[tokio::test]
+async fn current_password_is_invalid() {
+    let app = TestApp::spawn().await;
+
+    app.post_login(&serde_json::json!({
+        "username": app.test_user.username,
+        "password": app.test_user.password,
+    }))
+    .await;
+
+    let new_password = Uuid::new_v4().to_string();
+    let response = app
+        .post_change_password(&serde_json::json!({
+            "current_password": Uuid::new_v4().to_string(),
+            "new_password": new_password,
+            "new_password_check": new_password,
+        }))
+        .await;
+    assert_is_redirect_to(&response, "/admin/password");
+
+    let html_page = app.get_change_password_html().await;
+    assert!(html_page.contains("The current password is incorrect"));
+}
+
+#[tokio::test]
+async fn changing_password_works() {
+    let app = TestApp::spawn().await;
+
+    let login_body = &serde_json::json!({
+        "username": app.test_user.username,
+        "password": app.test_user.password,
+    });
+    let response = app.post_login(login_body).await;
+    assert_is_redirect_to(&response, "/admin/dashboard");
+
+    let new_password = Uuid::new_v4().to_string();
+    let response = app
+        .post_change_password(&serde_json::json!({
+            "current_password": app.test_user.password,
+            "new_password": new_password,
+            "new_password_check": new_password,
+        }))
+        .await;
+    assert_is_redirect_to(&response, "/admin/password");
+
+    let html_page = app.get_change_password_html().await;
+    assert!(html_page.contains("Your password has been changed"));
+
+    let response = app.post_logout().await;
+    assert_is_redirect_to(&response, "/login");
+
+    let html_page = app.get_login_html().await;
+    assert!(html_page.contains("You have successfully logged out"));
+
+    let login_body = &serde_json::json!({
+        "username": app.test_user.username,
+        "password": new_password,
+    });
+    let response = app.post_login(login_body).await;
+    assert_is_redirect_to(&response, "/admin/dashboard");
+}