http: POST /api/account/password — self-service password change
This commit is contained in:
@@ -275,3 +275,27 @@ func TestAPIUserForceLogout(t *testing.T) {
|
||||
t.Errorf("expected 0 remaining sessions, got %d", rr)
|
||||
}
|
||||
}
|
||||
|
||||
func TestAPIAccountPasswordChange(t *testing.T) {
|
||||
t.Parallel()
|
||||
srv, ts, _ := rawTestServerWithUI(t)
|
||||
uid := makeUser(t, srv, "alice", store.RoleViewer)
|
||||
cookie := loginAs(t, srv, uid)
|
||||
|
||||
body, _ := json.Marshal(map[string]string{
|
||||
"current_password": "test-password",
|
||||
"new_password": "averylongpassword",
|
||||
})
|
||||
req, _ := stdhttp.NewRequest("POST", ts.URL+"/api/account/password", bytes.NewReader(body))
|
||||
req.AddCookie(cookie)
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
res, err := stdhttp.DefaultClient.Do(req)
|
||||
if err != nil {
|
||||
t.Fatalf("POST: %v", err)
|
||||
}
|
||||
defer res.Body.Close()
|
||||
if res.StatusCode != stdhttp.StatusOK {
|
||||
body, _ := io.ReadAll(res.Body)
|
||||
t.Errorf("status: got %d body=%s", res.StatusCode, body)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user