diff --git a/packages/integration-tests/src/tests/api/interaction/forgot-password.test.ts b/packages/integration-tests/src/tests/api/interaction/forgot-password/happy-path.test.ts similarity index 100% rename from packages/integration-tests/src/tests/api/interaction/forgot-password.test.ts rename to packages/integration-tests/src/tests/api/interaction/forgot-password/happy-path.test.ts diff --git a/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts b/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts new file mode 100644 index 000000000..2d87d3a78 --- /dev/null +++ b/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts @@ -0,0 +1,113 @@ +import { ConnectorType } from '@logto/connector-kit'; +import { InteractionEvent } from '@logto/schemas'; + +import { suspendUser } from '#src/api/admin-user.js'; +import { + patchInteractionIdentifiers, + putInteraction, + putInteractionProfile, + sendVerificationCode, +} from '#src/api/interaction.js'; +import { initClient } from '#src/helpers/client.js'; +import { + clearConnectorsByTypes, + setEmailConnector, + setSmsConnector, +} from '#src/helpers/connector.js'; +import { expectRejects, readVerificationCode } from '#src/helpers/index.js'; +import { generateNewUser, generateNewUserProfile } from '#src/helpers/user.js'; +import { generatePassword } from '#src/utils.js'; + +describe('reset password flow sad path', () => { + it('Should fail to reset password with email if related user is not exist', async () => { + await setEmailConnector(); + + const { primaryEmail } = generateNewUserProfile({ primaryEmail: true }); + + const client = await initClient(); + + await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword }); + await client.successSend(sendVerificationCode, { + email: primaryEmail, + }); + + const { code: verificationCode } = await readVerificationCode(); + await client.successSend(patchInteractionIdentifiers, { + email: primaryEmail, + verificationCode, + }); + + await client.successSend(putInteractionProfile, { password: generatePassword() }); + await expectRejects(client.submitInteraction(), { + code: 'user.user_not_exist', + statusCode: 404, + }); + + // Clear + await clearConnectorsByTypes([ConnectorType.Email]); + }); + + it('Should fail to reset password with phone if related user is not exist', async () => { + await setSmsConnector(); + + const { primaryPhone } = generateNewUserProfile({ primaryPhone: true }); + + const client = await initClient(); + + await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword }); + await client.successSend(sendVerificationCode, { + phone: primaryPhone, + }); + + const { code: verificationCode } = await readVerificationCode(); + await client.successSend(patchInteractionIdentifiers, { + phone: primaryPhone, + verificationCode, + }); + + await client.successSend(putInteractionProfile, { password: generatePassword() }); + await expectRejects(client.submitInteraction(), { + code: 'user.user_not_exist', + statusCode: 404, + }); + + // Clear + await clearConnectorsByTypes([ConnectorType.Sms]); + }); + + it('Should fail to reset password if related user is suspended', async () => { + await setSmsConnector(); + + const { + user, + userProfile: { primaryPhone }, + } = await generateNewUser({ + primaryPhone: true, + password: true, + }); + + await suspendUser(user.id, true); + + const client = await initClient(); + + await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword }); + await client.successSend(sendVerificationCode, { + phone: primaryPhone, + }); + + const { code: verificationCode } = await readVerificationCode(); + await client.successSend(patchInteractionIdentifiers, { + phone: primaryPhone, + verificationCode, + }); + + await client.successSend(putInteractionProfile, { password: generatePassword() }); + await expectRejects(client.submitInteraction(), { + code: 'user.suspended', + statusCode: 401, + }); + + // Clear + await clearConnectorsByTypes([ConnectorType.Sms]); + }); +});