backend: update environment variables to use initial configuration for admin credentials, API key and webhook settings
This commit is contained in:
juancarmore
parent
e958fb2340
commit
981c7e0d96
@ -1,5 +1,5 @@
|
||||
USE_HTTPS=false
|
||||
MEET_LOG_LEVEL=debug
|
||||
SERVER_CORS_ORIGIN=*
|
||||
MEET_API_KEY=meet-api-key
|
||||
MEET_WEBHOOK_ENABLED=false
|
||||
MEET_INITIAL_API_KEY=meet-api-key
|
||||
MEET_INITIAL_WEBHOOK_ENABLED=false
|
||||
@ -1,5 +1,5 @@
|
||||
USE_HTTPS=false
|
||||
MEET_LOG_LEVEL=verbose
|
||||
SERVER_CORS_ORIGIN=*
|
||||
MEET_API_KEY=meet-api-key
|
||||
MEET_WEBHOOK_ENABLED=false
|
||||
MEET_INITIAL_API_KEY=meet-api-key
|
||||
MEET_INITIAL_WEBHOOK_ENABLED=false
|
||||
@ -21,26 +21,28 @@ export const {
|
||||
MEET_LOG_LEVEL = 'info',
|
||||
MEET_NAME_ID = 'openviduMeet',
|
||||
|
||||
// Authentication configuration
|
||||
MEET_API_KEY = '',
|
||||
MEET_ADMIN_USER = 'admin',
|
||||
/**
|
||||
* Authentication configuration
|
||||
*
|
||||
* IMPORTANT:
|
||||
* - This variable is only used the first time the server starts, storing the value in the database.
|
||||
* - To change it after the initial start, use the OpenVidu Meet API instead of modifying this environment variable.
|
||||
* - These variables are only used the first time the server starts, storing their values in the database.
|
||||
* - To change them after the initial start, use the OpenVidu Meet API instead of modifying these environment variables.
|
||||
*/
|
||||
MEET_ADMIN_SECRET = 'admin',
|
||||
MEET_INITIAL_ADMIN_USER = 'admin',
|
||||
MEET_INITIAL_ADMIN_PASSWORD = 'admin',
|
||||
MEET_INITIAL_API_KEY = '',
|
||||
|
||||
MEET_COOKIE_SECURE = 'false',
|
||||
|
||||
/**
|
||||
* Webhook configuration
|
||||
*
|
||||
* IMPORTANT:
|
||||
* - These variables are only used the first time the server starts, storing the values in the database.
|
||||
* - These variables are only used the first time the server starts, storing their values in the database.
|
||||
* - To change them after the initial start, use the OpenVidu Meet API instead of modifying these environment variables.
|
||||
*/
|
||||
MEET_WEBHOOK_ENABLED = 'false',
|
||||
MEET_WEBHOOK_URL = 'http://localhost:5080/webhook',
|
||||
MEET_INITIAL_WEBHOOK_ENABLED = 'false',
|
||||
MEET_INITIAL_WEBHOOK_URL = 'http://localhost:5080/webhook',
|
||||
|
||||
// LiveKit configuration
|
||||
LIVEKIT_URL = 'ws://localhost:7880',
|
||||
@ -106,14 +108,14 @@ export const logEnvVars = () => {
|
||||
console.log('SERVICE NAME ID: ', text(MEET_NAME_ID));
|
||||
console.log('CORS ORIGIN:', text(SERVER_CORS_ORIGIN));
|
||||
console.log('MEET LOG LEVEL: ', text(MEET_LOG_LEVEL));
|
||||
console.log('MEET API KEY: ', credential('****' + MEET_API_KEY.slice(-3)));
|
||||
console.log('MEET ADMIN USER: ', credential('****' + MEET_ADMIN_USER.slice(-3)));
|
||||
console.log('MEET ADMIN PASSWORD: ', credential('****' + MEET_ADMIN_SECRET.slice(-3)));
|
||||
console.log('MEET PREFERENCES STORAGE:', text(MEET_PREFERENCES_STORAGE_MODE));
|
||||
console.log('MEET_WEBHOOK_ENABLED:', text(MEET_WEBHOOK_ENABLED));
|
||||
console.log('MEET INITIAL ADMIN USER: ', credential('****' + MEET_INITIAL_ADMIN_USER.slice(-3)));
|
||||
console.log('MEET INITIAL ADMIN PASSWORD: ', credential('****' + MEET_INITIAL_ADMIN_PASSWORD.slice(-3)));
|
||||
console.log('MEET INITIAL API KEY: ', credential('****' + MEET_INITIAL_API_KEY.slice(-3)));
|
||||
console.log('MEET INITIAL WEBHOOK ENABLED:', text(MEET_INITIAL_WEBHOOK_ENABLED));
|
||||
|
||||
if (MEET_WEBHOOK_ENABLED === 'true') {
|
||||
console.log('MEET_WEBHOOK_URL:', text(MEET_WEBHOOK_URL));
|
||||
if (MEET_INITIAL_WEBHOOK_ENABLED === 'true') {
|
||||
console.log('MEET INITIAL WEBHOOK URL:', text(MEET_INITIAL_WEBHOOK_URL));
|
||||
}
|
||||
|
||||
console.log('---------------------------------------------------------');
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
import { User } from '@typings-ce';
|
||||
import { inject, injectable } from 'inversify';
|
||||
import { MEET_API_KEY } from '../environment.js';
|
||||
import { MEET_INITIAL_API_KEY } from '../environment.js';
|
||||
import { PasswordHelper } from '../helpers/index.js';
|
||||
import { errorApiKeyNotConfigured } from '../models/error.model.js';
|
||||
import { MeetStorageService, UserService } from './index.js';
|
||||
@ -48,11 +48,11 @@ export class AuthService {
|
||||
storedApiKeys = [];
|
||||
}
|
||||
|
||||
if (storedApiKeys.length === 0 && !MEET_API_KEY) {
|
||||
if (storedApiKeys.length === 0 && !MEET_INITIAL_API_KEY) {
|
||||
throw errorApiKeyNotConfigured();
|
||||
}
|
||||
|
||||
// Check if the provided API key matches any stored API key or the MEET_API_KEY
|
||||
return storedApiKeys.some((key) => key.key === apiKey) || apiKey === MEET_API_KEY;
|
||||
return storedApiKeys.some((key) => key.key === apiKey) || apiKey === MEET_INITIAL_API_KEY;
|
||||
}
|
||||
}
|
||||
|
||||
@ -8,7 +8,7 @@ import {
|
||||
} from '@typings-ce';
|
||||
import crypto from 'crypto';
|
||||
import { inject, injectable } from 'inversify';
|
||||
import { MEET_API_KEY } from '../environment.js';
|
||||
import { MEET_INITIAL_API_KEY } from '../environment.js';
|
||||
import { AuthService, LoggerService, MeetStorageService } from './index.js';
|
||||
import { errorWebhookUrlUnreachable } from '../models/error.model.js';
|
||||
|
||||
@ -222,8 +222,8 @@ export class OpenViduWebhookService {
|
||||
|
||||
if (apiKeys.length === 0) {
|
||||
// If no API keys are configured, check if the MEET_API_KEY environment variable is set
|
||||
if (MEET_API_KEY) {
|
||||
return MEET_API_KEY;
|
||||
if (MEET_INITIAL_API_KEY) {
|
||||
return MEET_INITIAL_API_KEY;
|
||||
}
|
||||
|
||||
throw new Error('There are no API keys configured yet. Please, create one to use webhooks.');
|
||||
|
||||
@ -12,11 +12,11 @@ import { inject, injectable } from 'inversify';
|
||||
import ms from 'ms';
|
||||
import { Readable } from 'stream';
|
||||
import {
|
||||
MEET_ADMIN_SECRET,
|
||||
MEET_ADMIN_USER,
|
||||
MEET_NAME_ID,
|
||||
MEET_WEBHOOK_ENABLED,
|
||||
MEET_WEBHOOK_URL
|
||||
MEET_INITIAL_ADMIN_PASSWORD,
|
||||
MEET_INITIAL_ADMIN_USER,
|
||||
MEET_INITIAL_WEBHOOK_ENABLED,
|
||||
MEET_INITIAL_WEBHOOK_URL,
|
||||
MEET_NAME_ID
|
||||
} from '../../environment.js';
|
||||
import { MeetLock, PasswordHelper, RecordingHelper } from '../../helpers/index.js';
|
||||
import {
|
||||
@ -141,8 +141,8 @@ export class MeetStorageService<
|
||||
|
||||
// Save the default admin user
|
||||
const admin = {
|
||||
username: MEET_ADMIN_USER,
|
||||
passwordHash: await PasswordHelper.hashPassword(MEET_ADMIN_SECRET),
|
||||
username: MEET_INITIAL_ADMIN_USER,
|
||||
passwordHash: await PasswordHelper.hashPassword(MEET_INITIAL_ADMIN_PASSWORD),
|
||||
roles: [UserRole.ADMIN, UserRole.USER]
|
||||
} as MUser;
|
||||
await this.saveUser(admin);
|
||||
@ -885,8 +885,8 @@ export class MeetStorageService<
|
||||
return {
|
||||
projectId: MEET_NAME_ID,
|
||||
webhooksPreferences: {
|
||||
enabled: MEET_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_WEBHOOK_URL
|
||||
enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_INITIAL_WEBHOOK_URL
|
||||
},
|
||||
securityPreferences: {
|
||||
authentication: {
|
||||
|
||||
@ -9,9 +9,9 @@ import INTERNAL_CONFIG from '../../src/config/internal-config.js';
|
||||
import {
|
||||
LIVEKIT_API_KEY,
|
||||
LIVEKIT_API_SECRET,
|
||||
MEET_ADMIN_SECRET,
|
||||
MEET_ADMIN_USER,
|
||||
MEET_API_KEY
|
||||
MEET_INITIAL_ADMIN_PASSWORD,
|
||||
MEET_INITIAL_ADMIN_USER,
|
||||
MEET_INITIAL_API_KEY
|
||||
} from '../../src/environment.js';
|
||||
import { createApp, registerDependencies } from '../../src/server.js';
|
||||
import { RecordingService, RoomService } from '../../src/services/index.js';
|
||||
@ -29,8 +29,8 @@ import {
|
||||
|
||||
const CREDENTIALS = {
|
||||
admin: {
|
||||
username: MEET_ADMIN_USER,
|
||||
password: MEET_ADMIN_SECRET
|
||||
username: MEET_INITIAL_ADMIN_USER,
|
||||
password: MEET_INITIAL_ADMIN_PASSWORD
|
||||
}
|
||||
};
|
||||
|
||||
@ -204,7 +204,7 @@ export const createRoom = async (options: MeetRoomOptions = {}): Promise<MeetRoo
|
||||
|
||||
const response = await request(app)
|
||||
.post(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send(options)
|
||||
.expect(201);
|
||||
return response.body;
|
||||
@ -215,7 +215,7 @@ export const getRooms = async (query: Record<string, any> = {}) => {
|
||||
|
||||
return await request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.query(query);
|
||||
};
|
||||
|
||||
@ -235,7 +235,7 @@ export const getRoom = async (roomId: string, fields?: string, cookie?: string,
|
||||
if (cookie && role) {
|
||||
req.set('Cookie', cookie).set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, role);
|
||||
} else {
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
}
|
||||
|
||||
return await req;
|
||||
@ -282,7 +282,7 @@ export const deleteRoom = async (roomId: string, query: Record<string, any> = {}
|
||||
|
||||
const result = await request(app)
|
||||
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.query(query);
|
||||
await sleep('1s');
|
||||
return result;
|
||||
@ -293,7 +293,7 @@ export const bulkDeleteRooms = async (roomIds: any[], force?: any) => {
|
||||
|
||||
const result = await request(app)
|
||||
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.query({ roomIds: roomIds.join(','), force });
|
||||
await sleep('1s');
|
||||
return result;
|
||||
@ -308,7 +308,7 @@ export const deleteAllRooms = async () => {
|
||||
const response: any = await request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
|
||||
.query({ fields: 'roomId', maxItems: 100, nextPageToken })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.expect(200);
|
||||
|
||||
nextPageToken = response.body.pagination?.nextPageToken ?? undefined;
|
||||
@ -321,7 +321,7 @@ export const deleteAllRooms = async () => {
|
||||
await request(app)
|
||||
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`)
|
||||
.query({ roomIds: roomIds.join(','), force: true })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
} while (nextPageToken);
|
||||
|
||||
await sleep('1s');
|
||||
@ -630,7 +630,7 @@ export const getRecording = async (recordingId: string) => {
|
||||
|
||||
return await request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
};
|
||||
|
||||
export const getRecordingMedia = async (recordingId: string, range?: string) => {
|
||||
@ -638,7 +638,7 @@ export const getRecordingMedia = async (recordingId: string, range?: string) =>
|
||||
|
||||
const req = request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/media`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
|
||||
if (range) {
|
||||
req.set('range', range);
|
||||
@ -653,7 +653,7 @@ export const getRecordingUrl = async (recordingId: string, privateAccess = false
|
||||
return await request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/url`)
|
||||
.query({ privateAccess })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
};
|
||||
|
||||
export const deleteRecording = async (recordingId: string) => {
|
||||
@ -661,7 +661,7 @@ export const deleteRecording = async (recordingId: string) => {
|
||||
|
||||
return await request(app)
|
||||
.delete(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
};
|
||||
|
||||
export const bulkDeleteRecordings = async (recordingIds: any[], recordingTokenCookie?: string): Promise<Response> => {
|
||||
@ -674,7 +674,7 @@ export const bulkDeleteRecordings = async (recordingIds: any[], recordingTokenCo
|
||||
if (recordingTokenCookie) {
|
||||
req.set('Cookie', recordingTokenCookie);
|
||||
} else {
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
}
|
||||
|
||||
return await req;
|
||||
@ -694,7 +694,7 @@ export const downloadRecordings = async (
|
||||
if (recordingTokenCookie) {
|
||||
req.set('Cookie', recordingTokenCookie);
|
||||
} else {
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
req.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
}
|
||||
|
||||
if (asBuffer) {
|
||||
@ -743,7 +743,7 @@ export const getAllRecordings = async (query: Record<string, any> = {}) => {
|
||||
|
||||
return await request(app)
|
||||
.get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.query(query);
|
||||
};
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
import { afterAll, afterEach, beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { Request } from 'express';
|
||||
import { MEET_WEBHOOK_ENABLED, MEET_WEBHOOK_URL } from '../../../../src/environment.js';
|
||||
import { MEET_INITIAL_WEBHOOK_ENABLED, MEET_INITIAL_WEBHOOK_URL } from '../../../../src/environment.js';
|
||||
import { expectValidationError } from '../../../helpers/assertion-helpers.js';
|
||||
import {
|
||||
getWebbhookPreferences,
|
||||
@ -12,8 +12,8 @@ import { startWebhookServer, stopWebhookServer } from '../../../helpers/test-sce
|
||||
|
||||
const restoreDefaultWebhookPreferences = async () => {
|
||||
const defaultPreferences = {
|
||||
enabled: MEET_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_WEBHOOK_URL
|
||||
enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_INITIAL_WEBHOOK_URL
|
||||
};
|
||||
await updateWebbhookPreferences(defaultPreferences);
|
||||
};
|
||||
@ -114,8 +114,8 @@ describe('Webhook Preferences API Tests', () => {
|
||||
|
||||
expect(response.status).toBe(200);
|
||||
expect(response.body).toEqual({
|
||||
enabled: MEET_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_WEBHOOK_URL
|
||||
enabled: MEET_INITIAL_WEBHOOK_ENABLED === 'true',
|
||||
url: MEET_INITIAL_WEBHOOK_URL
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@ -2,7 +2,7 @@ import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/glo
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { LIVEKIT_URL, MEET_API_KEY } from '../../../../src/environment.js';
|
||||
import { LIVEKIT_URL, MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
|
||||
import { MeetTokenMetadata, ParticipantRole } from '../../../../src/typings/ce';
|
||||
import { getPermissions } from '../../../helpers/assertion-helpers.js';
|
||||
import {
|
||||
@ -39,7 +39,7 @@ describe('Meeting API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
@ -98,7 +98,7 @@ describe('Meeting API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send({ role });
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
@ -147,7 +147,7 @@ describe('Meeting API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_IDENTITY}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
|
||||
@ -2,9 +2,9 @@ import { beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MEET_API_KEY } from '../../../../src/environment.js';
|
||||
import { loginUser, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
|
||||
import { AuthMode, AuthType } from '../../../../src/typings/ce/index.js';
|
||||
import { loginUser, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
|
||||
const PREFERENCES_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/preferences`;
|
||||
|
||||
@ -26,7 +26,7 @@ describe('Global Preferences API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.put(`${PREFERENCES_PATH}/webhooks`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send(webhookPreferences);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
@ -49,7 +49,7 @@ describe('Global Preferences API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${PREFERENCES_PATH}/webhooks`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
@ -77,7 +77,7 @@ describe('Global Preferences API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.put(`${PREFERENCES_PATH}/security`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send(securityPreferences);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
@ -107,7 +107,7 @@ describe('Global Preferences API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.put(`${PREFERENCES_PATH}/appearance`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send({});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
@ -130,7 +130,7 @@ describe('Global Preferences API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${PREFERENCES_PATH}/appearance`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@ import { afterAll, beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MEET_API_KEY } from '../../../../src/environment.js';
|
||||
import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
|
||||
import { MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js';
|
||||
import { expectValidStopRecordingResponse } from '../../../helpers/assertion-helpers.js';
|
||||
import {
|
||||
@ -47,7 +47,7 @@ describe('Recording API Security Tests', () => {
|
||||
const response = await request(app)
|
||||
.post(INTERNAL_RECORDINGS_PATH)
|
||||
.send({ roomId: roomData.room.roomId })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
@ -108,7 +108,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.post(`${INTERNAL_RECORDINGS_PATH}/${roomData.recordingId}/stop`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
@ -160,7 +160,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(RECORDINGS_PATH)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -224,7 +224,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${RECORDINGS_PATH}/${recordingId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -351,7 +351,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${RECORDINGS_PATH}/${fakeRecordingId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(404);
|
||||
});
|
||||
|
||||
@ -437,7 +437,7 @@ describe('Recording API Security Tests', () => {
|
||||
const response = await request(app)
|
||||
.delete(RECORDINGS_PATH)
|
||||
.query({ recordingIds: fakeRecordingId })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -516,7 +516,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${RECORDINGS_PATH}/${recordingId}/media`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -640,7 +640,7 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${RECORDINGS_PATH}/${recordingId}/url`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -715,7 +715,7 @@ describe('Recording API Security Tests', () => {
|
||||
const response = await request(app)
|
||||
.get(`${RECORDINGS_PATH}/download`)
|
||||
.query({ recordingIds: recordingId })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@ import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/glo
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MEET_API_KEY } from '../../../../src/environment.js';
|
||||
import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
|
||||
import { AuthMode, MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js';
|
||||
import {
|
||||
changeSecurityPreferences,
|
||||
@ -37,7 +37,7 @@ describe('Room API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.post(ROOMS_PATH)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send({});
|
||||
expect(response.status).toBe(201);
|
||||
});
|
||||
@ -55,7 +55,9 @@ describe('Room API Security Tests', () => {
|
||||
|
||||
describe('Get Rooms Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app).get(ROOMS_PATH).set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
const response = await request(app)
|
||||
.get(ROOMS_PATH)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -82,7 +84,7 @@ describe('Room API Security Tests', () => {
|
||||
const response = await request(app)
|
||||
.delete(ROOMS_PATH)
|
||||
.query({ roomIds: roomId })
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(204);
|
||||
});
|
||||
|
||||
@ -110,7 +112,7 @@ describe('Room API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
@ -162,7 +164,7 @@ describe('Room API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${ROOMS_PATH}/${roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(204);
|
||||
});
|
||||
|
||||
@ -197,7 +199,7 @@ describe('Room API Security Tests', () => {
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.put(`${ROOMS_PATH}/${roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY)
|
||||
.send(roomPreferences);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
@ -226,7 +228,7 @@ describe('Room API Security Tests', () => {
|
||||
it('should fail when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@ import { beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MEET_ADMIN_SECRET } from '../../../../src/environment.js';
|
||||
import { MEET_INITIAL_ADMIN_PASSWORD } from '../../../../src/environment.js';
|
||||
import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
|
||||
const USERS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/users`;
|
||||
@ -34,7 +34,7 @@ describe('User API Security Tests', () => {
|
||||
|
||||
describe('Change Password Tests', () => {
|
||||
const changePasswordRequest = {
|
||||
currentPassword: MEET_ADMIN_SECRET,
|
||||
currentPassword: MEET_INITIAL_ADMIN_PASSWORD,
|
||||
newPassword: 'newpassword123'
|
||||
};
|
||||
|
||||
@ -52,7 +52,7 @@ describe('User API Security Tests', () => {
|
||||
expect(response.status).toBe(200);
|
||||
|
||||
// Reset password
|
||||
await changePassword(changePasswordRequest.newPassword, MEET_ADMIN_SECRET, adminCookie);
|
||||
await changePassword(changePasswordRequest.newPassword, MEET_INITIAL_ADMIN_PASSWORD, adminCookie);
|
||||
});
|
||||
|
||||
it('should fail when user is not authenticated', async () => {
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
import { beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { MEET_ADMIN_SECRET } from '../../../../src/environment.js';
|
||||
import { MEET_INITIAL_ADMIN_PASSWORD } from '../../../../src/environment.js';
|
||||
import { expectValidationError } from '../../../helpers/assertion-helpers.js';
|
||||
import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
|
||||
@ -14,12 +14,12 @@ describe('Users API Tests', () => {
|
||||
describe('Change Password Tests', () => {
|
||||
it('should successfully change password', async () => {
|
||||
const newPassword = 'newpassword123';
|
||||
const response = await changePassword(MEET_ADMIN_SECRET, newPassword, adminCookie);
|
||||
const response = await changePassword(MEET_INITIAL_ADMIN_PASSWORD, newPassword, adminCookie);
|
||||
expect(response.status).toBe(200);
|
||||
expect(response.body).toHaveProperty('message', 'Password changed successfully');
|
||||
|
||||
// Reset password
|
||||
await changePassword(newPassword, MEET_ADMIN_SECRET, adminCookie);
|
||||
await changePassword(newPassword, MEET_INITIAL_ADMIN_PASSWORD, adminCookie);
|
||||
});
|
||||
|
||||
it('should fail when current password is incorrect', async () => {
|
||||
@ -29,7 +29,7 @@ describe('Users API Tests', () => {
|
||||
});
|
||||
|
||||
it('should fail when new password is not 5 characters long', async () => {
|
||||
const response = await changePassword(MEET_ADMIN_SECRET, '1234', adminCookie);
|
||||
const response = await changePassword(MEET_INITIAL_ADMIN_PASSWORD, '1234', adminCookie);
|
||||
expectValidationError(response, 'newPassword', 'New password must be at least 5 characters long');
|
||||
});
|
||||
});
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user