FreedomBen / libmalan

Simple TypeScript utility methods for accessing the Malan authentication service
MIT License

Add admin password reset and fix tests #31

Closed FreedomBen closed 2 years ago

FreedomBen commented 2 years ago
commit 4a3751f99bd4e36bbeacd99b30fee85b88e2cf11 (HEAD -> add-admin-password-reset-and-fix-tests, origin/add-admin-password-reset-and-fix-tests, fix-delete-user-test)
Author: Benjamin Porter <FreedomBen@users.noreply.github.com>
Date:   Wed Aug 3 18:08:22 2022 -0600

    Add implementation for reset password endpoints (admin)

    There are two sets of endpoints for resetting a user's password:

    1.  Admin API endpoints:  these allow an admin to request a password
        reset token and give it to the user somehow.  This does not result
        in malan sending any email.  It leaves validation up to the admin.
    2.  Self-serve endpoints:  these allow a user to change their own
        password.  They must first request a reset.  That will trigger an
        email to be sent to them that includes a reset token.  They can then
        use that token to call the endpoint that allows setting the new
        password.

    This change adds support to libmalan for the **Admin** endpoints.

    Also adds tests for them.

commit 0a148a1dac5e4b1194697c4db5d5bb4773dbfdfa
Author: Benjamin Porter <FreedomBen@users.noreply.github.com>
Date:   Wed Aug 3 18:06:58 2022 -0600

    Add message to the error object and capture from response

commit 275081f5175dea35a954dbdb23ce99ccc26f90c0
Author: Benjamin Porter <FreedomBen@users.noreply.github.com>
Date:   Wed Aug 3 18:03:44 2022 -0600

    In test helper, cache root account login

    This way we can reuse it without the overhead of creating a new session
    every time.

commit d8bb44bbb118b2f9359001bd7b1281bbf1d6f68e (origin/fix-delete-user-test)
Author: Benjamin Porter <FreedomBen@users.noreply.github.com>
Date:   Wed Aug 3 17:40:24 2022 -0600

    Fix delete user test

    The session token that we were using gets revoked when the user is
    deleted, so the test was failing with an unauthorized.

    This checks that the token is indeed revoked, and then uses the root
    account to make sure the user 404s.
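
The "Fix delete user test" commit above describes a test order worth spelling out: once a user is deleted, that user's own token is revoked, so the 404 has to be confirmed with a different, still-valid admin session. The sketch below is an added example, not code from this pull request or from libmalan; `FakeAuthService`, its methods and the exact status codes (the page only says "unauthorized" and "404s") are hypothetical stand-ins.

```typescript
// Hypothetical in-memory stand-in for an auth service (NOT Malan's or libmalan's API).
// Status codes are assumptions; the page only says "unauthorized" and "404s".
type User = { isAdmin: boolean };

class FakeAuthService {
  private users: Record<string, User> = { root: { isAdmin: true } };
  private sessions: Record<string, string> = {}; // token -> owning user id
  private counter = 0;
  createUser(): string {
    const id = "user-" + ++this.counter;
    this.users[id] = { isAdmin: false };
    return id;
  }
  login(userId: string): string {
    if (!(userId in this.users)) throw new Error("unknown user");
    const token = "tok-" + ++this.counter;
    this.sessions[token] = userId;
    return token;
  }
  // 401 for an unknown or revoked token, 403 for a non-admin touching another user.
  private authorize(token: string, targetId: string): number {
    const callerId: string | undefined = this.sessions[token];
    const caller: User | undefined = callerId === undefined ? undefined : this.users[callerId];
    if (callerId === undefined || caller === undefined) return 401;
    return caller.isAdmin || callerId === targetId ? 200 : 403;
  }
  getUser(token: string, userId: string): number {
    const auth = this.authorize(token, userId);
    if (auth !== 200) return auth;
    return userId in this.users ? 200 : 404;
  }
  deleteUser(token: string, userId: string): number {
    const auth = this.authorize(token, userId);
    if (auth !== 200) return auth;
    if (!(userId in this.users)) return 404;
    delete this.users[userId];
    // Deleting the account revokes every session it owned.
    for (const t of Object.keys(this.sessions)) {
      if (this.sessions[t] === userId) delete this.sessions[t];
    }
    return 204;
  }
}

// Corrected test flow: delete, assert the user's token is revoked, then confirm the 404 as root.
function deleteUserScenario() {
  const svc = new FakeAuthService();
  const rootToken = svc.login("root"); // one root session, reused for the check
  const userId = svc.createUser();
  const userToken = svc.login(userId);
  return {
    deleted: svc.deleteUser(userToken, userId),
    viaRevokedToken: svc.getUser(userToken, userId),
    viaRootToken: svc.getUser(rootToken, userId),
  };
}
```

Asserting the 401 explicitly, rather than only working around it, keeps session revocation on delete under test as a security property.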