2018-11-10 09:37:33 +01:00
|
|
|
use Test::More;
|
|
|
|
use strict;
|
|
|
|
use IO::String;
|
|
|
|
|
|
|
|
BEGIN {
|
|
|
|
eval {
|
|
|
|
require 't/test-lib.pm';
|
|
|
|
require 't/smtp.pm';
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
my ( $res, $user, $pwd );
|
2018-11-16 15:08:27 +01:00
|
|
|
my $maintests = 17;
|
2018-11-10 09:37:33 +01:00
|
|
|
my $mailSend = 0;
|
|
|
|
|
|
|
|
my $mail2 = 0;
|
2018-11-16 15:08:27 +01:00
|
|
|
unlink 't/userdb.db';
|
2018-11-10 09:37:33 +01:00
|
|
|
|
|
|
|
SKIP: {
|
|
|
|
eval
|
2018-11-16 15:08:27 +01:00
|
|
|
'require Email::Sender::Simple;use GD::SecurityImage;use Image::Magick;';
|
2018-11-10 09:37:33 +01:00
|
|
|
if ($@) {
|
|
|
|
skip 'Missing dependencies', $maintests;
|
|
|
|
}
|
|
|
|
eval { require DBI; require DBD::SQLite; };
|
|
|
|
if ($@) {
|
|
|
|
skip 'DBD::SQLite not found', $maintests;
|
|
|
|
}
|
|
|
|
my $dbh = DBI->connect("dbi:SQLite:dbname=t/userdb.db");
|
|
|
|
$dbh->do(
|
|
|
|
'CREATE TABLE users (user text,password text,name text, mail text)');
|
|
|
|
$dbh->do(
|
2018-11-16 15:08:27 +01:00
|
|
|
"INSERT INTO users VALUES ('yadd','yadd','Yadd','yadd\@badwolf.org')");
|
2018-11-10 09:37:33 +01:00
|
|
|
|
2019-02-07 09:27:56 +01:00
|
|
|
my $client = LLNG::Manager::Test->new( {
|
2018-11-16 15:08:27 +01:00
|
|
|
ini => {
|
2018-11-15 22:55:53 +01:00
|
|
|
logLevel => 'error',
|
2018-11-10 09:37:33 +01:00
|
|
|
useSafeJail => 1,
|
|
|
|
portalDisplayRegister => 1,
|
|
|
|
authentication => 'Choice',
|
|
|
|
authChoiceParam => 'test',
|
|
|
|
authChoiceModules => {
|
|
|
|
demo => 'Demo;Demo;Demo',
|
|
|
|
sql => 'DBI;DBI;DBI',
|
|
|
|
},
|
|
|
|
userDB => 'Same',
|
|
|
|
passwordDB => 'Choice',
|
|
|
|
captcha_mail_enabled => 0,
|
|
|
|
portalDisplayResetPassword => 1,
|
|
|
|
dbiAuthChain => 'dbi:SQLite:dbname=t/userdb.db',
|
|
|
|
dbiAuthUser => '',
|
|
|
|
dbiAuthPassword => '',
|
|
|
|
dbiAuthTable => 'users',
|
|
|
|
dbiAuthLoginCol => 'user',
|
|
|
|
dbiAuthPasswordCol => 'password',
|
|
|
|
dbiAuthPasswordHash => '',
|
|
|
|
dbiDynamicHashEnabled => 0,
|
|
|
|
dbiMailCol => 'mail',
|
|
|
|
}
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
2018-11-16 15:08:27 +01:00
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/', IO::String->new('user=yadd&password=yadd&test=sql'),
|
2018-11-13 23:45:57 +01:00
|
|
|
length => 32
|
|
|
|
),
|
|
|
|
'Auth query'
|
|
|
|
);
|
|
|
|
expectOK($res);
|
|
|
|
my $id = expectCookie($res);
|
|
|
|
|
|
|
|
$client->logout($id);
|
|
|
|
|
2018-11-13 06:53:21 +01:00
|
|
|
foreach my $sameBrowser ( 0 .. 1 ) {
|
|
|
|
|
|
|
|
# Test form
|
|
|
|
# ------------------------
|
|
|
|
ok( $res = $client->_get( '/resetpwd', accept => 'text/html' ),
|
|
|
|
'Reset form', );
|
|
|
|
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'mail' );
|
|
|
|
|
|
|
|
$query = 'mail=yadd%40badwolf.org';
|
|
|
|
|
|
|
|
# Post email
|
2018-11-16 15:08:27 +01:00
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
2018-11-13 06:53:21 +01:00
|
|
|
'/resetpwd', IO::String->new($query),
|
|
|
|
query => 'test=sql',
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Post mail'
|
|
|
|
);
|
2018-11-16 15:08:27 +01:00
|
|
|
my $pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
2018-11-10 09:37:33 +01:00
|
|
|
|
2018-11-13 06:53:21 +01:00
|
|
|
ok( mail() =~ m#a href="http://auth.example.com/resetpwd\?(.*?)"#,
|
|
|
|
'Found link in mail' );
|
|
|
|
$query = $1;
|
2018-11-10 09:37:33 +01:00
|
|
|
|
2018-11-16 15:08:27 +01:00
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
2018-11-13 06:53:21 +01:00
|
|
|
'/resetpwd',
|
|
|
|
query => $query,
|
|
|
|
accept => 'text/html',
|
|
|
|
( $sameBrowser ? ( cookie => $pdata ) : () ),
|
|
|
|
),
|
|
|
|
'Post mail token received by mail with '
|
2018-11-16 15:08:27 +01:00
|
|
|
. ( $sameBrowser ? 'the same browser' : 'another browser' )
|
2018-11-13 06:53:21 +01:00
|
|
|
);
|
|
|
|
( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' );
|
|
|
|
ok( $res->[2]->[0] =~ /newpassword/s, ' Ask for a new password' );
|
|
|
|
|
|
|
|
$query .= '&newpassword=zz&confirmpassword=zz';
|
|
|
|
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
|
|
|
|
|
|
|
# Post new password
|
2018-11-16 15:08:27 +01:00
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
2018-11-13 06:53:21 +01:00
|
|
|
'/resetpwd', IO::String->new($query),
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
cookie => $pdata,
|
|
|
|
),
|
|
|
|
'Post new password'
|
|
|
|
);
|
|
|
|
|
|
|
|
ok( mail() =~ /Your password was changed/, 'Password was changed' );
|
|
|
|
|
|
|
|
#print STDERR Dumper($query);
|
2018-11-15 22:55:53 +01:00
|
|
|
|
2018-11-16 15:08:27 +01:00
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/',
|
|
|
|
IO::String->new('user=yadd&password=zz&test=sql'),
|
|
|
|
length => 30
|
|
|
|
),
|
|
|
|
'Auth query'
|
|
|
|
);
|
|
|
|
expectOK($res);
|
|
|
|
$id = expectCookie($res);
|
2018-11-13 23:45:57 +01:00
|
|
|
|
2018-11-16 15:08:27 +01:00
|
|
|
$client->logout($id);
|
|
|
|
$dbh->do("UPDATE users SET password='dwho' WHERE user='yadd'");
|
|
|
|
}
|
2018-11-13 23:45:57 +01:00
|
|
|
|
2018-11-10 09:37:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
eval { unlink 't/userdb.db' };
|
|
|
|
count($maintests);
|
|
|
|
clean_sessions();
|
|
|
|
done_testing( count() );
|