Skip to content

Commit

Permalink
Fix password reset, email verification for custom endpoint (#7236)
Browse files Browse the repository at this point in the history
* fixed incorrect endpoint for password reset and email verification

* added tests
  • Loading branch information
mtrezza authored Mar 2, 2021
1 parent add67fd commit d789ca6
Show file tree
Hide file tree
Showing 2 changed files with 88 additions and 3 deletions.
79 changes: 78 additions & 1 deletion spec/PagesRouter.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ describe('Pages Router', () => {
expect(response.status).toBe(200);
});

it('responds with 404 if publicServerURL is not confgured', async () => {
it('responds with 404 if publicServerURL is not configured', async () => {
await reconfigureServer({
appName: 'unused',
pages: { enableRouter: true },
Expand Down Expand Up @@ -971,5 +971,82 @@ describe('Pages Router', () => {
expect(response.text).toBe('Not found.');
});
});

describe('custom endpoint', () => {
it('password reset works with custom endpoint', async () => {
config.pages.pagesEndpoint = 'customEndpoint';
await reconfigureServer(config);
const sendPasswordResetEmail = spyOn(
config.emailAdapter,
'sendPasswordResetEmail'
).and.callThrough();
const user = new Parse.User();
user.setUsername('exampleUsername');
user.setPassword('examplePassword');
user.set('email', 'mail@example.com');
await user.signUp();
await Parse.User.requestPasswordReset(user.getEmail());

const link = sendPasswordResetEmail.calls.all()[0].args[0].link;
const linkResponse = await request({
url: link,
followRedirects: false,
});
expect(linkResponse.status).toBe(200);

const appId = linkResponse.headers['x-parse-page-param-appid'];
const token = linkResponse.headers['x-parse-page-param-token'];
const username = linkResponse.headers['x-parse-page-param-username'];
const publicServerUrl = linkResponse.headers['x-parse-page-param-publicserverurl'];
const passwordResetPagePath = pageResponse.calls.all()[0].args[0];
expect(appId).toBeDefined();
expect(token).toBeDefined();
expect(username).toBeDefined();
expect(publicServerUrl).toBeDefined();
expect(passwordResetPagePath).toMatch(new RegExp(`\/${pages.passwordReset.defaultFile}`));
pageResponse.calls.reset();

const formUrl = `${publicServerUrl}/${config.pages.pagesEndpoint}/${appId}/request_password_reset`;
const formResponse = await request({
url: formUrl,
method: 'POST',
body: {
token,
username,
new_password: 'newPassword',
},
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
followRedirects: false,
});
expect(formResponse.status).toEqual(200);
expect(pageResponse.calls.all()[0].args[0]).toContain(
`/${pages.passwordResetSuccess.defaultFile}`
);
});

it('email verification works with custom endpoint', async () => {
config.pages.pagesEndpoint = 'customEndpoint';
await reconfigureServer(config);
const sendVerificationEmail = spyOn(
config.emailAdapter,
'sendVerificationEmail'
).and.callThrough();
const user = new Parse.User();
user.setUsername('exampleUsername');
user.setPassword('examplePassword');
user.set('email', 'mail@example.com');
await user.signUp();

const link = sendVerificationEmail.calls.all()[0].args[0].link;
const linkResponse = await request({
url: link,
followRedirects: false,
});
expect(linkResponse.status).toBe(200);

const pagePath = pageResponse.calls.all()[0].args[0];
expect(pagePath).toMatch(new RegExp(`\/${pages.emailVerificationSuccess.defaultFile}`));
});
});
});
});
12 changes: 10 additions & 2 deletions src/Config.js
Original file line number Diff line number Diff line change
Expand Up @@ -451,7 +451,7 @@ export class Config {
}

get requestResetPasswordURL() {
return `${this.publicServerURL}/apps/${this.applicationId}/request_password_reset`;
return `${this.publicServerURL}/${this.pagesEndpoint}/${this.applicationId}/request_password_reset`;
}

get passwordResetSuccessURL() {
Expand All @@ -466,7 +466,15 @@ export class Config {
}

get verifyEmailURL() {
return `${this.publicServerURL}/apps/${this.applicationId}/verify_email`;
return `${this.publicServerURL}/${this.pagesEndpoint}/${this.applicationId}/verify_email`;
}

// TODO: Remove this function once PagesRouter replaces the PublicAPIRouter;
// the (default) endpoint has to be defined in PagesRouter only.
get pagesEndpoint() {
return this.pages && this.pages.enableRouter && this.pages.pagesEndpoint
? this.pages.pagesEndpoint
: 'apps';
}
}

Expand Down

0 comments on commit d789ca6

Please sign in to comment.