tech/sendico
2
0
Fork 0
Code Issues 30 Pull Requests Actions Packages Projects Releases Wiki Activity

fixed token errors

Browse Source
This commit is contained in:
Stephan D
2026-02-10 02:11:22 +01:00
parent 7f540671c1
commit 7c182afd23
2 changed files with 72 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
api/pkg/db/internal/mongo/verificationimp/verification_test.go
View File

@@ -553,8 +553,8 @@ func TestConsume_SecondConsumeFailsAlreadyUsed(t *testing.T) {
_, err = db.Consume(ctx, accountRef, model.PurposePasswordReset, raw)
require.Error(t, err)
assert.True(t, errors.Is(err, verification.ErrTokenNotFound),
"second consume should fail — used tokens are excluded from active filter")
assert.True(t, errors.Is(err, verification.ErrTokenAlreadyUsed),
"second consume should fail with already-used after usedAt is set")
}
func TestConsume_ExpiredTokenFails(t *testing.T) {
@@ -568,8 +568,8 @@ func TestConsume_ExpiredTokenFails(t *testing.T) {
_, err = db.Consume(ctx, accountRef, model.PurposePasswordReset, raw)
require.Error(t, err)
assert.True(t, errors.Is(err, verification.ErrTokenNotFound),
"expired token is excluded from active filter")
assert.True(t, errors.Is(err, verification.ErrTokenExpired),
"expired token should return explicit expiry error")
}
func TestConsume_UnknownTokenFails(t *testing.T) {
@@ -581,6 +581,20 @@ func TestConsume_UnknownTokenFails(t *testing.T) {
assert.True(t, errors.Is(err, verification.ErrTokenNotFound))
}
func TestConsume_AccountActivationWithoutAccountRef(t *testing.T) {
db := newTestVerificationDB(t)
ctx := context.Background()
accountRef := bson.NewObjectID()
raw, err := db.Create(ctx, req(accountRef, model.PurposeAccountActivation, "", time.Hour))
require.NoError(t, err)
tok, err := db.Consume(ctx, bson.NilObjectID, model.PurposeAccountActivation, raw)
require.NoError(t, err)
assert.Equal(t, accountRef, tok.AccountRef)
assert.Equal(t, model.PurposeAccountActivation, tok.Purpose)
}
func TestCreate_InvalidatesPreviousToken(t *testing.T) {
db := newTestVerificationDB(t)
ctx := context.Background()
@@ -596,8 +610,8 @@ func TestCreate_InvalidatesPreviousToken(t *testing.T) {
// Old token is no longer consumable — invalidated (usedAt set) by the second Create.
_, err = db.Consume(ctx, accountRef, model.PurposePasswordReset, oldRaw)
require.Error(t, err)
assert.True(t, errors.Is(err, verification.ErrTokenNotFound),
"old token should be invalidated after new token creation")
assert.True(t, errors.Is(err, verification.ErrTokenAlreadyUsed),
"old token should return already-used after invalidation")
// New token works fine.
tok, err := db.Consume(ctx, accountRef, model.PurposePasswordReset, newRaw)
@@ -618,9 +632,9 @@ func TestCreate_InvalidatesMultiplePreviousTokens(t *testing.T) {
require.NoError(t, err)
_, err = db.Consume(ctx, accountRef, model.PurposePasswordReset, first)
assert.True(t, errors.Is(err, verification.ErrTokenNotFound), "first should be invalidated")
assert.True(t, errors.Is(err, verification.ErrTokenAlreadyUsed), "first should be invalidated/used")
_, err = db.Consume(ctx, accountRef, model.PurposePasswordReset, second)
assert.True(t, errors.Is(err, verification.ErrTokenNotFound), "second should be invalidated")
assert.True(t, errors.Is(err, verification.ErrTokenAlreadyUsed), "second should be invalidated/used")
tok, err := db.Consume(ctx, accountRef, model.PurposePasswordReset, third)
require.NoError(t, err)