diff --git a/src/Api/Jobs/UserJobs/PasswordResetJob.php b/src/Api/Jobs/UserJobs/PasswordResetJob.php index 251fb5fd..ea943dfc 100644 --- a/src/Api/Jobs/UserJobs/PasswordResetJob.php +++ b/src/Api/Jobs/UserJobs/PasswordResetJob.php @@ -17,7 +17,7 @@ class PasswordResetJob extends AbstractJob if (empty($user->getConfirmedEmail())) throw new SimpleException('This user has no e-mail confirmed; password reset cannot proceed'); - UserModel::sendPasswordResetEmail($user); + self::sendEmail($user); return $user; } @@ -35,7 +35,7 @@ class PasswordResetJob extends AbstractJob $user = $token->getUser(); $user->setPassword($newPassword); - $token->used = true; + $token->setUsed(true); TokenModel::save($token); UserModel::save($user); diff --git a/tests/JobTests/ActivateUserEmailJobTest.php b/tests/JobTests/ActivateUserEmailJobTest.php index 5e66894a..158d6b02 100644 --- a/tests/JobTests/ActivateUserEmailJobTest.php +++ b/tests/JobTests/ActivateUserEmailJobTest.php @@ -72,7 +72,6 @@ class ActivateUserEmailJobTest extends AbstractTest $this->assert->areEqual('godzilla@whitestar.gov', $user->getConfirmedEmail()); } - public function testUsingTokenTwice() { getConfig()->registration->needEmailForRegistering = true; diff --git a/tests/JobTests/PasswordResetJobTest.php b/tests/JobTests/PasswordResetJobTest.php new file mode 100644 index 00000000..b85d940d --- /dev/null +++ b/tests/JobTests/PasswordResetJobTest.php @@ -0,0 +1,127 @@ +registration->needEmailForRegistering = true; + Mailer::mockSending(); + + $user = $this->mockUser(); + $user->setUnconfirmedEmail('godzilla@whitestar.gov'); + UserModel::save($user); + + $this->assert->throws(function() use ($user) + { + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_USER_NAME => $user->getName(), + ]); + }, 'no e-mail confirmed'); + } + + public function testSending() + { + getConfig()->registration->needEmailForRegistering = true; + Mailer::mockSending(); + + $user = $this->mockUser(); + $user->setConfirmedEmail('godzilla@whitestar.gov'); + UserModel::save($user); + + $this->assert->areEqual(0, Mailer::getMailCounter()); + + $this->assert->doesNotThrow(function() use ($user) + { + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_USER_NAME => $user->getName(), + ]); + }); + + $this->assert->areEqual(1, Mailer::getMailCounter()); + + $tokens = Mailer::getMailsSent()[0]->tokens; + $tokenText = $tokens['token']; + $token = TokenModel::getByToken($tokenText); + + $this->assert->areEqual($user->getId(), $token->getUser()->getId()); + $this->assert->isTrue(strpos($tokens['link'], $tokenText) !== false); + + return $tokenText; + } + + public function testObtainingNewPassword() + { + getConfig()->registration->needEmailForRegistering = true; + Mailer::mockSending(); + + $user = $this->mockUser(); + $user->setConfirmedEmail('godzilla@whitestar.gov'); + UserModel::save($user); + + $this->assert->doesNotThrow(function() use ($user) + { + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_USER_NAME => $user->getName(), + ]); + }); + + $tokenText = Mailer::getMailsSent()[0]->tokens['token']; + + $ret = $this->assert->doesNotThrow(function() use ($tokenText) + { + return Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_TOKEN => $tokenText, + ]); + }); + + $user = $ret->user; + $newPassword = $ret->newPassword; + $newPasswordHash = UserModel::hashPassword($newPassword, $user->getPasswordSalt()); + + $this->assert->areEqual($newPasswordHash, $user->getPasswordHash()); + $this->assert->doesNotThrow(function() use ($user, $newPassword) + { + Auth::login($user->getName(), $newPassword, false); + }); + } + + public function testUsingTokenTwice() + { + getConfig()->registration->needEmailForRegistering = true; + Mailer::mockSending(); + + $user = $this->mockUser(); + $user->setConfirmedEmail('godzilla@whitestar.gov'); + UserModel::save($user); + + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_USER_NAME => $user->getName(), + ]); + + $tokenText = Mailer::getMailsSent()[0]->tokens['token']; + + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_TOKEN => $tokenText, + ]); + + $this->assert->throws(function() use ($tokenText) + { + Api::run( + new PasswordResetJob(), + [ + JobArgs::ARG_TOKEN => $tokenText, + ]); + }, 'This token was already used'); + } +}