From fdce1b8d583f4533f1d4ba4c7c7092c505bf1705 Mon Sep 17 00:00:00 2001
From: Derek Burgman <derek@dereekb.com>
Date: Wed, 4 Jan 2023 18:15:22 -0600
Subject: [PATCH] fix: fixed beginResetPassword()

---
 .../src/lib/auth/auth.service.ts              |  5 +-
 .../src/lib/nest/auth/auth.module.spec.ts     | 51 +++++++++++++++++++
 2 files changed, 52 insertions(+), 4 deletions(-)

diff --git a/packages/firebase-server/src/lib/auth/auth.service.ts b/packages/firebase-server/src/lib/auth/auth.service.ts
index 291fc698d..0a3fdc6e8 100644
--- a/packages/firebase-server/src/lib/auth/auth.service.ts
+++ b/packages/firebase-server/src/lib/auth/auth.service.ts
@@ -138,10 +138,7 @@ export abstract class AbstractFirebaseServerAuthUserContext<S extends FirebaseSe
     };
 
     // set the claims
-    await this.updateClaims({
-      [FIREBASE_SERVER_AUTH_CLAIMS_RESET_PASSWORD_KEY]: null,
-      [FIREBASE_SERVER_AUTH_CLAIMS_RESET_LAST_COM_DATE_KEY]: null
-    });
+    await this.updateClaims(passwordClaimsData);
 
     // update the user
     await this.updateUser({ password });
diff --git a/packages/firebase-server/src/lib/nest/auth/auth.module.spec.ts b/packages/firebase-server/src/lib/nest/auth/auth.module.spec.ts
index 8491da980..40d1726be 100644
--- a/packages/firebase-server/src/lib/nest/auth/auth.module.spec.ts
+++ b/packages/firebase-server/src/lib/nest/auth/auth.module.spec.ts
@@ -111,6 +111,57 @@ describe('firebase server nest auth', () => {
             });
           });
 
+          describe('loadDetails()', () => {
+            it('should load the details for the user.', async () => {
+              const details = await authUserContext.loadDetails();
+              expect(details).toBeDefined();
+            });
+          });
+
+          describe('beginResetPassword()', () => {
+            it('should add password reset claims to the user and change their password.', async () => {
+              let record = await authUserContext.loadRecord();
+              const passwordHash = record.passwordHash;
+              expect(passwordHash).not.toBeDefined(); // no password set in this test
+
+              let resetPasswordClaims = await authUserContext.loadResetPasswordClaims();
+              expect(resetPasswordClaims).toBeUndefined();
+
+              await authUserContext.beginResetPassword();
+
+              authUserContext = authService.userContext(u.uid);
+              record = await authUserContext.loadRecord();
+
+              expect(record.passwordHash).not.toBe(passwordHash);
+
+              resetPasswordClaims = await authUserContext.loadResetPasswordClaims();
+              expect(resetPasswordClaims).toBeDefined();
+            });
+          });
+
+          describe('setPassword()', () => {
+            it('should clear any reset password claims.', async () => {
+              await authUserContext.beginResetPassword();
+
+              authUserContext = authService.userContext(u.uid);
+              let record = await authUserContext.loadRecord();
+
+              expect(record.passwordHash).toBeDefined();
+
+              let resetPasswordClaims = await authUserContext.loadResetPasswordClaims();
+              expect(resetPasswordClaims).toBeDefined();
+
+              // set new password
+              await authUserContext.setPassword('newpassword');
+
+              authUserContext = authService.userContext(u.uid);
+              record = await authUserContext.loadRecord();
+
+              resetPasswordClaims = await authUserContext.loadResetPasswordClaims();
+              expect(resetPasswordClaims).not.toBeDefined();
+            });
+          });
+
           describe('addRoles()', () => {
             it('should update the claims to have the roles (as configured by the service).', async () => {
               await authUserContext.addRoles(AUTH_ADMIN_ROLE);