asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix: Validate identifier payload for reset password (#9302)

Browse Source 
Closes CC-526
This commit is contained in:
Oli Juhl
2024-10-01 15:30:23 +02:00
committed by GitHub
parent fb67d90b64
commit 732f64177d
4 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
integration-tests/http/__tests__/auth/admin/auth.spec.ts
View File

@@ -139,15 +139,23 @@ medusaIntegrationTestRunner({
describe("Reset password flows", () => {
it("should generate a reset password token", async () => {
const response = await api.post("/auth/user/emailpass/reset-password", {
email: "admin@medusa.js",
identifier: "admin@medusa.js",
})
expect(response.status).toEqual(201)
})
it("should fail if identifier is not provided", async () => {
const errResponse = await api
.post("/auth/user/emailpass/reset-password", {})
.catch((e) => e)
expect(errResponse.response.status).toEqual(400)
})
it("should fail to generate token for non-existing user, but still respond with 201", async () => {
const response = await api.post("/auth/user/emailpass/reset-password", {
email: "non-existing-user@medusa.js",
identifier: "non-existing-user@medusa.js",
})
expect(response.status).toEqual(201)
@@ -156,7 +164,7 @@ medusaIntegrationTestRunner({
it("should fail to generate token for existing user but no provider, but still respond with 201", async () => {
const response = await api.post(
"/auth/user/non-existing-provider/reset-password",
{ email: "admin@medusa.js" }
{ identifier: "admin@medusa.js" }
)
expect(response.status).toEqual(201)
@@ -165,7 +173,7 @@ medusaIntegrationTestRunner({
it("should fail to generate token for existing user but no provider, but still respond with 201", async () => {
const response = await api.post(
"/auth/user/non-existing-provider/reset-password",
{ email: "admin@medusa.js" }
{ identifier: "admin@medusa.js" }
)
expect(response.status).toEqual(201)