@Test
public void assertThatUserCanResetPassword() {
User user =
userService.createUserInformation(
"johndoe", "johndoe", "John", "Doe", "john.doe@localhost", "en-US", new Date());
String oldPassword = user.getPassword();
DateTime daysAgo = DateTime.now().minusHours(2);
String resetKey = RandomUtil.generateResetKey();
user.setActivated(true);
user.setResetDate(daysAgo);
user.setResetKey(resetKey);
userRepository.save(user);
Optional<User> maybeUser = userService.completePasswordReset("johndoe2", user.getResetKey());
assertThat(maybeUser.isPresent()).isTrue();
assertThat(maybeUser.get().getResetDate()).isNull();
assertThat(maybeUser.get().getResetKey()).isNull();
assertThat(maybeUser.get().getPassword()).isNotEqualTo(oldPassword);
userRepository.delete(user);
}
@Test
public void assertThatOnlyActivatedUserCanRequestPasswordReset() {
User user =
userService.createUserInformation(
"johndoe", "johndoe", "John", "Doe", "john.doe@localhost", "en-US");
Optional<User> maybeUser = userService.requestPasswordReset("john.doe@localhost");
assertThat(maybeUser.isPresent()).isFalse();
userRepository.delete(user);
}
@Test
public void assertThatUserMustExistToResetPassword() {
Optional<User> maybeUser = userService.requestPasswordReset("john.doe@localhost");
assertThat(maybeUser.isPresent()).isFalse();
maybeUser = userService.requestPasswordReset("admin@localhost");
assertThat(maybeUser.isPresent()).isTrue();
assertThat(maybeUser.get().getEmail()).isEqualTo("admin@localhost");
assertThat(maybeUser.get().getResetDate()).isNotNull();
assertThat(maybeUser.get().getResetKey()).isNotNull();
}
@Test
public void assertThatResetKeyMustBeValid() {
User user =
userService.createUserInformation(
"johndoe", "johndoe", "John", "Doe", "john.doe@localhost", "en-US");
ZonedDateTime daysAgo = ZonedDateTime.now().minusHours(25);
user.setActivated(true);
user.setResetDate(daysAgo);
user.setResetKey("1234");
userRepository.save(user);
Optional<User> maybeUser = userService.completePasswordReset("johndoe2", user.getResetKey());
assertThat(maybeUser.isPresent()).isFalse();
userRepository.delete(user);
}
@Test
public void testFindNotActivatedUsersByCreationDateBefore() {
userService.removeNotActivatedUsers();
ZonedDateTime now = ZonedDateTime.now();
List<User> users =
userRepository.findAllByActivatedIsFalseAndCreatedDateBefore(now.minusDays(3));
assertThat(users).isEmpty();
}
@Test
public void testRemoveOldPersistentTokens() {
User admin = userRepository.findOneByLogin("admin").get();
int existingCount = persistentTokenRepository.findByUser(admin).size();
generateUserToken(admin, "1111-1111", LocalDate.now());
LocalDate now = LocalDate.now();
generateUserToken(admin, "2222-2222", now.minusDays(32));
assertThat(persistentTokenRepository.findByUser(admin)).hasSize(existingCount + 2);
userService.removeOldPersistentTokens();
assertThat(persistentTokenRepository.findByUser(admin)).hasSize(existingCount + 1);
}
@Test
public void assertThatResetKeyMustNotBeOlderThan24Hours() {
User user =
userService.createUserInformation(
"johndoe", "johndoe", "John", "Doe", "john.doe@localhost", "en-US");
DateTime daysAgo = DateTime.now().minusHours(25);
String resetKey = RandomUtil.generateResetKey();
user.setActivated(true);
user.setResetDate(daysAgo);
user.setResetKey(resetKey);
userRepository.save(user);
Optional<User> maybeUser = userService.completePasswordReset("johndoe2", user.getResetKey());
assertThat(maybeUser.isPresent()).isFalse();
userRepository.delete(user);
}
