From 5480ab0f188ed76a991b05ebc81242a688a39a5f Mon Sep 17 00:00:00 2001
From: Elias Schneider <login@eliasschneider.com>
Date: Fri, 13 Dec 2024 09:03:52 +0100
Subject: [PATCH] tests: add e2e test for one time access tokens

---
 backend/internal/service/test_service.go     | 23 ++++++++++++++++++++
 frontend/tests/data.ts                       |  5 +++++
 frontend/tests/one-time-access-token.spec.ts | 21 ++++++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 frontend/tests/one-time-access-token.spec.ts

diff --git a/backend/internal/service/test_service.go b/backend/internal/service/test_service.go
index 446193f..6bbb87f 100644
--- a/backend/internal/service/test_service.go
+++ b/backend/internal/service/test_service.go
@@ -57,6 +57,29 @@ func (s *TestService) SeedDatabase() error {
 			}
 		}
 
+		oneTimeAccessTokens := []model.OneTimeAccessToken{{
+			Base: model.Base{
+				ID: "bf877753-4ea4-4c9c-bbbd-e198bb201cb8",
+			},
+			Token:     "HPe6k6uiDRRVuAQV",
+			ExpiresAt: datatype.DateTime(time.Now().Add(1 * time.Hour)),
+			UserID:    users[0].ID,
+		},
+			{
+				Base: model.Base{
+					ID: "d3afae24-fe2d-4a98-abec-cf0b8525096a",
+				},
+				Token:     "YCGDtftvsvYWiXd0",
+				ExpiresAt: datatype.DateTime(time.Now().Add(-1 * time.Second)), // expired
+				UserID:    users[0].ID,
+			},
+		}
+		for _, token := range oneTimeAccessTokens {
+			if err := tx.Create(&token).Error; err != nil {
+				return err
+			}
+		}
+
 		userGroups := []model.UserGroup{
 			{
 				Base: model.Base{
diff --git a/frontend/tests/data.ts b/frontend/tests/data.ts
index 16ccc6e..58a7a75 100644
--- a/frontend/tests/data.ts
+++ b/frontend/tests/data.ts
@@ -55,3 +55,8 @@ export const userGroups = {
 		name: 'human_resources'
 	}
 };
+
+export const oneTimeAccessTokens = [
+	{ token: 'HPe6k6uiDRRVuAQV', expired: false },
+	{ token: 'YCGDtftvsvYWiXd0', expired: true }
+];
diff --git a/frontend/tests/one-time-access-token.spec.ts b/frontend/tests/one-time-access-token.spec.ts
new file mode 100644
index 0000000..87d68e1
--- /dev/null
+++ b/frontend/tests/one-time-access-token.spec.ts
@@ -0,0 +1,21 @@
+import test, { expect } from '@playwright/test';
+import { oneTimeAccessTokens } from './data';
+
+// Disable authentication for these tests
+test.use({ storageState: { cookies: [], origins: [] } });
+
+test('Sign in with one time access token', async ({ page }) => {
+	const token = oneTimeAccessTokens.filter((t) => !t.expired)[0];
+	await page.goto(`/login/${token.token}`);
+
+	await page.getByRole('button', { name: 'Continue' }).click();
+	await page.waitForURL('/settings/account');
+});
+
+test('Sign in with expired one time access token fails', async ({ page }) => {
+	const token = oneTimeAccessTokens.filter((t) => t.expired)[0];
+	await page.goto(`/login/${token.token}`);
+
+	await page.getByRole('button', { name: 'Continue' }).click();
+	await expect(page.getByRole('status')).toHaveText('Token is invalid or expired');
+});