diff --git a/app/auth/tests/test_auth_routes.py b/app/auth/tests/test_auth_routes.py
index 939ccb1c..132a3b36 100644
--- a/app/auth/tests/test_auth_routes.py
+++ b/app/auth/tests/test_auth_routes.py
@@ -53,6 +53,83 @@ def test_logout(m_unset_jwt_cookies, client):
 m_unset_jwt_cookies.assert_called_once()
+@pytest.mark.integration
+def test_successful_registry_basic(client):
+ data = get_fake_registration_json()
+ response = client.post(url_for("auth.register"), json=data)
+ assert response.status_code == 201
+ header_map = {name.lower(): value.lower() for (name, value) in response.headers}
+ assert header_map["access-control-allow-origin"] == "http://0.0.0.0:3000"
+ assert header_map["content-type"] == "application/json"
+ assert isinstance(response.json, dict), "Response must be a dict"
+ assert (
+ response.json["message"] == "Successfully created user"
+ ), "Response must have appropriate message"
+
+
+@pytest.mark.integration
+def test_successful_registry_second_user(client):
+ client.post(
+ url_for("auth.register", json=get_fake_registration_json())
+ ) # first user
+ response = client.post(
+ url_for("auth.register"), json=get_fake_registration_json()
+ ) # another user
+ assert response.status_code == 201
+ header_map = {name.lower(): value.lower() for (name, value) in response.headers}
+ assert header_map["access-control-allow-origin"] == "http://0.0.0.0:3000"
+ assert header_map["content-type"] == "application/json"
+ assert isinstance(response.json, dict), "Response must be a dict"
+ assert (
+ response.json["message"] == "Successfully created user"
+ ), "Response must have appropriate success message"
+
+
+@pytest.mark.parametrize(
+ "missing_field",
+ [
+ "firstName",
+ "lastName",
+ "email",
+ "password",
+ "quizId",
+ ],
+)
+@pytest.mark.integration
+def test_failed_registry_missing_field(missing_field, client):
+ data = get_fake_registration_json()
+ data.pop(missing_field)
+ response = client.post(url_for("auth.register"), json=data)
+ assert response.status_code == 400
+ header_map = {name.lower(): value.lower() for (name, value) in response.headers}
+ assert header_map["content-type"] == "application/json"
+ assert response.json == {
+ "error": "{} must be included in the request body.".format(missing_field)
+ }
+
+
+@pytest.mark.integration
+def test_failed_registry_missing_body(client):
+ response = client.post(url_for("auth.register"))
+ assert response.status_code == 400
+ header_map = {name.lower(): value.lower() for (name, value) in response.headers}
+ assert header_map["content-type"] == "application/json"
+ assert response.json == {"error": "JSON body must be included in the request."}
+
+
+@pytest.mark.integration
+def test_failed_registry_reregistry(client):
+ data = get_fake_registration_json()
+ client.post(url_for("auth.register"), json=data) # first registry
+ response = client.post(url_for("auth.register"), json=data) # reregistry attempt
+ assert response.status_code == 409
+ header_map = {name.lower(): value.lower() for (name, value) in response.headers}
+ assert header_map["content-type"] == "application/json"
+ assert response.json == {
+ "error": "Cannot register email. Email already exists in the database."
+ }, "Response must have appropriate error message"
+
+
 recaptcha_Token = "03AGdBq27Tmja4W082LAEVoYyuuALGQwMVxOuOGDduLCQSTWWFuTtc4hQsc-KUVhsJQlBzEjdtxTqs1kXHusJCk2husZjY44rA-opJLWOgJuVUIoGtXozHtYhtmR5DibuJ3idGLalZ00niqnaa0zHC73hWPzc1CtnUO258nZLh1uxePi7DI-afWQd6aa4-EuRcPabG_E500r9S4RReTg42WtP8SNrqEdFoG9UdPoIF2aGCArHD6GqhQzwOev8_jeKUzcxq_1wEvxiID2ow7rxK339PCeTgO9Zz9fPnhTZ6mKaa_tmL1bSQ2zvWvA0Z5An3YvMP3sureZVR_mhJP2r84sYw9WbuI6hRr1oUGtTGuACB-IBqqE5m-meetr870N2Gl-vp3veeEyo34HLj5iDOr6YwyIXWBKam7mDHfhjps1QeiN90291e6CxaFd-bOkeazZyu2_aEPblNwIiUBl0BobqJ2dT2HlxXCRma0QDuX4xLvwh8_ayrJGo9t6nRxQHghZ2ZEh450bM0bVFAqkIGAqYv_EvYj7_XgQ" # this is the string from the cypress test I'm replacing ... recaptcha_Token = "abcdef" # ... but any string works!
diff --git a/cypress/e2e/register.cy.js b/cypress/e2e/register.cy.js
deleted file mode 100644
index fe4213ff..00000000
--- a/cypress/e2e/register.cy.js
+++ /dev/null
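Review bot: In `test_successful_registry_second_user` the first request passes `json=` to `url_for` instead of `client.post`, so Flask puts the payload into the URL's query string and the request is sent without a JSON body. Going by `test_failed_registry_missing_body` further down, that call gets a 400, no first user is created, and the test passes for the same reason as `test_successful_registry_basic`. Move the keyword and check the setup call: `first = client.post(url_for("auth.register"), json=get_fake_registration_json())` then `assert first.status_code == 201`. Separately, the deleted Cypress spec accepted a 429 from the rate limiter in every case while these tests assert exact status codes, so they presumably run with the limiter disabled or out of reach; a comment stating which, or a dedicated test of the limit on `auth.register`, would keep that abuse control from going untested.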
@@ -1,431 +0,0 @@ -/// - -import scores from "../fixtures/postScores.json"; -import scoresSetTwo from "../fixtures/postScoresSetTwo.json"; -var faker = require("faker"); - -let session_Id; -let set_one_quizId; -let set_two_quizId; -let user; -const successMessage = "Successfully created user"; -const badReqMessage = "email must be included in the request body."; -const alreadyRegisteredMessage = "Cannot register email. Email already exists in the database."; -const missingPasswordMessage = "password must be included in the request body."; -const missingName = "Name is missing."; -const invalidQuizIdMessage = "Quiz ID is not a valid UUID4 format."; -const quizIdIsRequiredMessage = "Quiz UUID must be included to register." -const rateLimitPerSecond = "ratelimit exceeded 5 per 1 second"; -const rateLimitPerMinute = "ratelimit exceeded 10 per 1 minute"; -const rateLimitPerHour = "ratelimit exceeded 50 per 1 hour"; -const rateLimitPerDay = "ratelimit exceeded 100 per 1 day"; -const missingBodyMessage = "JSON body must be included in the request."; -const missingFirstNameMessage = "firstName must be included in the request body." 
-const missingLastNameMessage = "lastName must be included in the request body."; -const missingQuizIdMessage = "quizId must be included in the request body."; - -describe("'/register' endpoint", () => { - before(() => { - cy.sessionEndpoint().should((response) => { - session_Id = response.body.sessionId - }).then(() => { - cy.scoresEndpoint(scores, session_Id).should((response) => { - set_one_quizId = response.body.quizId; - }); - cy.scoresEndpoint(scoresSetTwo, session_Id).should((response) => { - set_two_quizId = response.body.quizId; - }); - }) - }); - - it("should register a user", () => { - user = { - firstName: faker.name.firstName(), - lastName: faker.name.lastName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}`, - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 201) { - expect(response.status).to.equal(201); - expect(response.headers["content-type"]).to.equal( - "application/json" - ); - expect(response.headers["access-control-allow-origin"]).to.equal( - "http://0.0.0.0:3000" - ); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("message"); - expect(response.body.message).to.satisfy(function (s) { - return s === successMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return 
s === rateLimitPerDay; - }); - } - }); - - }); - - it("should register another user", () => { - user = { - firstName: faker.name.firstName(), - lastName: faker.name.lastName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}`, - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 201) { - expect(response.status).to.equal(201); - expect(response.headers["content-type"]).to.equal( - "application/json" - ); - expect(response.headers["access-control-allow-origin"]).to.equal( - "http://0.0.0.0:3000" - ); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("message"); - expect(response.body.message).to.satisfy(function (s) { - return s === successMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - - it("should handle if the user already exists", () => { - user = { - firstName: faker.name.firstName(), - lastName: faker.name.lastName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}`, - quizId: set_two_quizId - }; - - cy.registerEndpoint(user).then(() => { - cy.registerEndpoint(user).should((response) => { - if (response.status == 409) { - expect(response.status).to.equal(409); - 
expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.satisfy(function (s) { - return s === alreadyRegisteredMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - }); - - it("should handle a missing email", () => { - user = { - firstName: faker.name.firstName(), - lastName: faker.name.lastName(), - password: `@7${faker.internet.password()}`, - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.be.a("string"); - expect(response.body.error).to.satisfy(function (s) { - return s === badReqMessage; - }); - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if 
(JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - - }); - - it("should handle a missing password", () => { - user = { - firstName: faker.name.firstName(), - lastName: faker.name.lastName(), - email: faker.internet.email(), - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.satisfy(function (s) { - return s === missingPasswordMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - - it("should handle a missing body", () => { - cy.registerEndpoint().should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - 
expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.be.a("string"); - expect(response.body.error).to.satisfy(function (s) { - return s === missingBodyMessage; - }); - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - - it("should handle a missing firstName", () => { - user = { - lastName: faker.name.lastName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}`, - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.be.a("string"); - expect(response.body.error, { timeout: 3000 }).to.satisfy(function (s) { - return s === missingFirstNameMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { 
- return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - - it("should handle a missing lastName", () => { - user = { - firstName: faker.name.firstName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}`, - quizId: set_one_quizId - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.be.a("string"); - expect(response.body.error).to.satisfy(function (s) { - return s === missingLastNameMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); - - it("should handle a missing quizId", () => { - user = { - firstName: 
faker.name.firstName(), - lastName: faker.name.lastName(), - email: faker.internet.email(), - password: `@7${faker.internet.password()}` - }; - - cy.registerEndpoint(user).should((response) => { - if (response.status == 400) { - expect(response.status).to.equal(400); - expect(response.headers["content-type"]).to.equal("application/json"); - expect(response.body).to.be.a("object"); - expect(response.body).to.have.property("error"); - expect(response.body.error).to.be.a("string"); - expect(response.body.error).to.satisfy(function (s) { - return s === missingQuizIdMessage; - }); - - } else { - expect(response.status).to.equal(429); - expect(response.body).to.have.property("error"); - let errorMessage = response.body; - if (JSON.stringify(errorMessage).includes("5 per 1 second")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerSecond; - }); - } else if (JSON.stringify(errorMessage).includes("10 per 1 minute")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerMinute; - }); - } else if (JSON.stringify(errorMessage).includes("50 per 1 hour")) { - expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerHour; - }); - } - else expect(response.body.error).to.satisfy(function (s) { - return s === rateLimitPerDay; - }); - } - }); - }); -});