3 namespace Drupal\Tests\user\FunctionalJavascript;
5 use Drupal\Core\Test\AssertMailTrait;
7 use Drupal\FunctionalJavascriptTests\WebDriverTestBase;
8 use Drupal\Tests\TestFileCreationTrait;
9 use Drupal\user\Entity\User;
12 * Ensure that password reset methods work as expected.
16 class UserPasswordResetTest extends WebDriverTestBase {
19 getMails as drupalGetMails;
22 use TestFileCreationTrait {
23 getTestFiles as drupalGetTestFiles;
27 * The profile to install as a basis for testing.
29 * This test uses the standard profile to test the password reset in
30 * combination with an ajax request provided by the user picture configuration
31 * in the standard profile.
35 protected $profile = 'standard';
38 * The user object to test password resetting.
40 * @var \Drupal\user\UserInterface
47 public static $modules = ['block'];
52 protected function setUp() {
56 $account = $this->drupalCreateUser();
58 // Activate user by logging in.
59 $this->drupalLogin($account);
61 $this->account = User::load($account->id());
62 $this->account->pass_raw = $account->pass_raw;
63 $this->drupalLogout();
65 // Set the last login time that is used to generate the one-time link so
66 // that it is definitely over a second ago.
67 $account->login = REQUEST_TIME - mt_rand(10, 100000);
68 db_update('users_field_data')
69 ->fields(['login' => $account->getLastLoginTime()])
70 ->condition('uid', $account->id())
75 * Tests password reset functionality with an AJAX form.
77 * Make sure the ajax request from uploading a user picture does not
78 * invalidate the reset token.
80 public function testUserPasswordResetWithAdditionalAjaxForm() {
81 $this->drupalGet(Url::fromRoute('user.reset.form', ['uid' => $this->account->id()]));
83 // Try to reset the password for an invalid account.
84 $this->drupalGet('user/password');
86 // Reset the password by username via the password reset page.
87 $edit['name'] = $this->account->getUsername();
88 $this->drupalPostForm(NULL, $edit, t('Submit'));
90 $resetURL = $this->getResetURL();
91 $this->drupalGet($resetURL);
94 $this->drupalPostForm(NULL, NULL, t('Log in'));
97 $image_file = current($this->drupalGetTestFiles('image'));
98 $image_path = \Drupal::service('file_system')->realpath($image_file->uri);
101 $this->getSession()->getPage()->attachFileToField('Picture', $image_path);
102 $this->assertSession()->waitForButton('Remove');
104 // Change the forgotten password.
105 $password = user_password();
106 $edit = ['pass[pass1]' => $password, 'pass[pass2]' => $password];
107 $this->drupalPostForm(NULL, $edit, t('Save'));
109 // Verify that the password reset session has been destroyed.
110 $this->drupalPostForm(NULL, $edit, t('Save'));
111 // Password needed to make profile changes.
112 $this->assertSession()->pageTextContains("Your current password is missing or incorrect; it's required to change the Password.");
116 * Retrieves password reset email and extracts the login link.
118 public function getResetURL() {
119 // Assume the most recent email.
120 $_emails = $this->drupalGetMails();
121 $email = end($_emails);
123 preg_match('#.+user/reset/.+#', $email['body'], $urls);