verify_spec.rb 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe Gql::Mutations::User::PasswordReset::Verify, type: :graphql do
  4. context 'when verifying reset password token' do
  5. let(:user) { create(:user) }
  6. let(:token) { User.password_reset_new_token(user.login)[:token].token }
  7. let(:query) do
  8. <<~QUERY
  9. mutation userPasswordResetVerify($token: String!) {
  10. userPasswordResetVerify(token: $token) {
  11. success
  12. errors {
  13. message
  14. }
  15. }
  16. }
  17. QUERY
  18. end
  19. let(:variables) do
  20. {
  21. token: token
  22. }
  23. end
  24. before do
  25. disable_user_lost_password if defined?(disable_user_lost_password)
  26. gql.execute(query, variables: variables)
  27. end
  28. context 'with disabled lost password feature' do
  29. let(:disable_user_lost_password) do
  30. Setting.set('user_lost_password', false)
  31. end
  32. it 'raises an error' do
  33. expect(gql.result.error_message).to eq 'This feature is not enabled.'
  34. end
  35. end
  36. context 'with a valid token' do
  37. it 'verifies password reset token' do
  38. expect(gql.result.data).to eq({ 'success' => true, 'errors' => nil })
  39. end
  40. end
  41. context 'with an invalid token' do
  42. let(:token) { SecureRandom.urlsafe_base64(48) }
  43. it 'raises an error' do
  44. expect(gql.result.data).to eq({ 'success' => nil, 'errors' => [{ 'message' => 'The provided token is invalid.' }] })
  45. end
  46. end
  47. end
  48. end