shellphone.app/app/auth/mutations/reset-password.test.ts

import { hash256, SecurePassword } from "blitz";

import db from "../../../db";
import resetPassword from "./reset-password";

beforeEach(async () => {
	await db.$reset();
});

const mockCtx: any = {
	session: {
		$create: jest.fn,
	},
};

describe.skip("resetPassword mutation", () => {
	it("works correctly", async () => {
		expect(true).toBe(true);

		// Create test user
		const goodToken = "randomPasswordResetToken";
		const expiredToken = "expiredRandomPasswordResetToken";
		const future = new Date();
		future.setHours(future.getHours() + 4);
		const past = new Date();
		past.setHours(past.getHours() - 4);

		const user = await db.user.create({
			data: {
				email: "user@example.com",
				tokens: {
					// Create old token to ensure it's deleted
					create: [
						{
							type: "RESET_PASSWORD",
							hashedToken: hash256(expiredToken),
							expiresAt: past,
							sentTo: "user@example.com",
						},
						{
							type: "RESET_PASSWORD",
							hashedToken: hash256(goodToken),
							expiresAt: future,
							sentTo: "user@example.com",
						},
					],
				},
			},
			include: { tokens: true },
		});

		const newPassword = "newPassword";

		// Non-existent token
		await expect(
			resetPassword({ token: "no-token", password: "", passwordConfirmation: "" }, mockCtx),
		).rejects.toThrowError();

		// Expired token
		await expect(
			resetPassword({ token: expiredToken, password: newPassword, passwordConfirmation: newPassword }, mockCtx),
		).rejects.toThrowError();

		// Good token
		await resetPassword({ token: goodToken, password: newPassword, passwordConfirmation: newPassword }, mockCtx);

		// Delete's the token
		const numberOfTokens = await db.token.count({ where: { userId: user.id } });
		expect(numberOfTokens).toBe(0);

		// Updates user's password
		const updatedUser = await db.user.findFirst({ where: { id: user.id } });
		expect(await SecurePassword.verify(updatedUser!.hashedPassword, newPassword)).toBe(SecurePassword.VALID);
	});
});