appwrite/tests/e2e/Services/Account/AccountConsoleClientTest.php

<?php

namespace Tests\E2E\Services\Account;

use Tests\E2E\Client;
use Tests\E2E\Scopes\ProjectConsole;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\SideClient;
use Utopia\Database\Helpers\ID;

class AccountConsoleClientTest extends Scope
{
    use AccountBase;
    use ProjectConsole;
    use SideClient;

    public function testDeleteAccount(): void
    {
        $email = uniqid() . 'user@localhost.test';
        $password = 'password';
        $name = 'User Name';

        $response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'userId' => ID::unique(),
            'email' => $email,
            'password' => $password,
            'name' => $name,
        ]);

        $this->assertEquals($response['headers']['status-code'], 201);

        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'email' => $email,
            'password' => $password,
        ]);

        $this->assertEquals($response['headers']['status-code'], 201);

        $session = $response['cookies']['a_session_' . $this->getProject()['$id']];

        // create team
        $team = $this->client->call(Client::METHOD_POST, '/teams', [
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
        ], [
            'teamId' => 'unique()',
            'name' => 'myteam'
        ]);
        $this->assertEquals($team['headers']['status-code'], 201);

        $teamId = $team['body']['$id'];

        $response = $this->client->call(Client::METHOD_DELETE, '/account', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
        ]));

        $this->assertEquals($response['headers']['status-code'], 400);

        // DELETE TEAM
        $response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamId, array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
        ]));
        $this->assertEquals($response['headers']['status-code'], 204);
        sleep(2);

        $response = $this->client->call(Client::METHOD_DELETE, '/account', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
        ]));

        $this->assertEquals($response['headers']['status-code'], 204);
    }

    public function testSessionAlert(): void
    {
        $email = uniqid() . 'session-alert@appwrite.io';
        $password = 'password123';
        $name = 'Session Alert Tester';

        // Create a new account
        $response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
        ]), [
            'userId' => ID::unique(),
            'email' => $email,
            'password' => $password,
            'name' => $name,
        ]);

        $this->assertEquals(201, $response['headers']['status-code']);

        // Create first session for the new account
        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'user-agent' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
        ]), [
            'email' => $email,
            'password' => $password,
        ]);

        $this->assertEquals(201, $response['headers']['status-code']);

        // Create second session for the new account
        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'user-agent' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',
        ]), [
            'email' => $email,
            'password' => $password,
        ]);


        // Check the alert email
        $lastEmail = $this->getLastEmail();

        $this->assertEquals($email, $lastEmail['to'][0]['address']);
        $this->assertStringContainsString('Security alert: new session', $lastEmail['subject']);
        $this->assertStringContainsString($response['body']['ip'], $lastEmail['text']); // IP Address
        $this->assertStringContainsString('Unknown', $lastEmail['text']); // Country
        $this->assertStringContainsString($response['body']['clientName'], $lastEmail['text']); // Client name
        $this->assertStringContainsStringIgnoringCase('Appwrite logo', $lastEmail['html']);

        // Verify no alert sent in OTP login
        $response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'userId' => ID::unique(),
            'email' => 'otpuser2@appwrite.io'
        ]);

        $this->assertEquals($response['headers']['status-code'], 201);
        $this->assertNotEmpty($response['body']['$id']);
        $this->assertNotEmpty($response['body']['$createdAt']);
        $this->assertNotEmpty($response['body']['userId']);
        $this->assertNotEmpty($response['body']['expire']);
        $this->assertEmpty($response['body']['secret']);
        $this->assertEmpty($response['body']['phrase']);
        $this->assertStringContainsStringIgnoringCase('New login detected on '. $this->getProject()['name'], $lastEmail['text']);

        $userId = $response['body']['userId'];

        $lastEmail = $this->getLastEmail();

        $this->assertEquals('otpuser2@appwrite.io', $lastEmail['to'][0]['address']);
        $this->assertEquals('OTP for ' . $this->getProject()['name'] . ' Login', $lastEmail['subject']);

        // Find 6 concurrent digits in email text - OTP
        preg_match_all("/\b\d{6}\b/", $lastEmail['text'], $matches);
        $code = ($matches[0] ?? [])[0] ?? '';

        $this->assertNotEmpty($code);

        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'userId' => $userId,
            'secret' => $code
        ]);

        $this->assertEquals(201, $response['headers']['status-code']);
        $this->assertEquals($userId, $response['body']['userId']);
        $this->assertNotEmpty($response['body']['$id']);
        $this->assertNotEmpty($response['body']['expire']);
        $this->assertEmpty($response['body']['secret']);

        $lastEmailId = $lastEmail['id'];
        $lastEmail = $this->getLastEmail();
        $this->assertEquals($lastEmailId, $lastEmail['id']);
    }

    public function testGetAccountLogs(): void
    {
        $email = uniqid() . 'user@localhost.test';
        $password = 'password';
        $name = 'User Name';

        /**
         * Test for SUCCESS - Create account and session for console project
         */
        $response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'userId' => ID::unique(),
            'email' => $email,
            'password' => $password,
            'name' => $name,
        ]);

        $this->assertEquals($response['headers']['status-code'], 201);

        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
        ]), [
            'email' => $email,
            'password' => $password,
        ]);

        $this->assertEquals($response['headers']['status-code'], 201);

        $session = $response['cookies']['a_session_' . $this->getProject()['$id']];

        /**
         * Test for SUCCESS - Get account logs
         */
        $response = $this->client->call(Client::METHOD_GET, '/account/logs', array_merge([
            'origin' => 'http://localhost',
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
            'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
        ]));

        $this->assertEquals(200, $response['headers']['status-code']);
        $this->assertIsArray($response['body']['logs']);
        $this->assertNotEmpty($response['body']['logs']);
        $this->assertIsNumeric($response['body']['total']);
    }
}
Tests - work in progress 2020-01-11 13:58:02 +00:00			`<?php`

Updated tests structure 2020-01-12 06:35:37 +00:00			`namespace Tests\E2E\Services\Account;`
Tests - work in progress 2020-01-11 13:58:02 +00:00
chore: run formatter 2024-03-06 17:34:21 +00:00			`use Tests\E2E\Client;`
Tests - work in progress 2020-01-11 13:58:02 +00:00			`use Tests\E2E\Scopes\ProjectConsole;`
chore: run formatter 2024-03-06 17:34:21 +00:00			`use Tests\E2E\Scopes\Scope;`
Tests - work in progress 2020-01-11 13:58:02 +00:00			`use Tests\E2E\Scopes\SideClient;`
Merge remote-tracking branch 'origin/main' into 1.5.x # Conflicts: # app/config/collections.php # app/config/errors.php # app/config/specs/open-api3-latest-client.json # app/config/specs/open-api3-latest-console.json # app/config/specs/open-api3-latest-server.json # app/config/specs/swagger2-latest-client.json # app/config/specs/swagger2-latest-console.json # app/config/specs/swagger2-latest-server.json # app/controllers/api/account.php # app/controllers/api/teams.php # app/controllers/api/users.php # app/controllers/shared/api.php # app/init.php # app/worker.php # composer.json # composer.lock # docker-compose.yml # src/Appwrite/Extend/Exception.php # src/Appwrite/Platform/Services/Tasks.php # src/Appwrite/Platform/Tasks/Maintenance.php # src/Appwrite/Platform/Workers/Certificates.php # src/Appwrite/Platform/Workers/Deletes.php # src/Appwrite/Platform/Workers/Messaging.php # src/Appwrite/Platform/Workers/Usage.php # src/Appwrite/Platform/Workers/UsageHook.php # src/Appwrite/Specification/Format/OpenAPI3.php # src/Appwrite/Specification/Format/Swagger2.php # tests/e2e/Services/Account/AccountConsoleClientTest.php 2024-02-21 12:29:28 +00:00			`use Utopia\Database\Helpers\ID;`
Tests - work in progress 2020-01-11 13:58:02 +00:00
			`class AccountConsoleClientTest extends Scope`
			`{`
feat: add tests 2023-01-11 12:39:56 +00:00			`use AccountBase;`
Tests - work in progress 2020-01-11 13:58:02 +00:00			`use ProjectConsole;`
			`use SideClient;`
update account delete test 2024-01-28 03:02:44 +00:00
			`public function testDeleteAccount(): void`
			`{`
chore: run formatter 2024-03-06 17:34:21 +00:00			`$email = uniqid() . 'user@localhost.test';`
			`$password = 'password';`
			`$name = 'User Name';`

			`$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'userId' => ID::unique(),`
			`'email' => $email,`
			`'password' => $password,`
			`'name' => $name,`
			`]);`

			`$this->assertEquals($response['headers']['status-code'], 201);`

			`$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'email' => $email,`
			`'password' => $password,`
			`]);`

			`$this->assertEquals($response['headers']['status-code'], 201);`

			`$session = $response['cookies']['a_session_' . $this->getProject()['$id']];`
Revert "Merge pull request #10468 from appwrite/feat-apps-module-dl" This reverts commit 9dd1939d1fb1fe81c0d7ab009bc2d43418fad3d2, reversing changes made to 8dfdfcb522d3dcabbfdb5e1d576b4c645b8a1619. # Conflicts: # app/config/collections/common.php # app/controllers/api/users.php # app/init/resources.php # composer.lock 2025-10-21 01:59:30 +00:00
chore: run formatter 2024-03-06 17:34:21 +00:00			`// create team`
			`$team = $this->client->call(Client::METHOD_POST, '/teams', [`
update account delete test 2024-01-28 03:02:44 +00:00			`'origin' => 'http://localhost',`
chore: run formatter 2024-03-06 17:34:21 +00:00			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,`
			`], [`
update account delete test 2024-01-28 03:02:44 +00:00			`'teamId' => 'unique()',`
			`'name' => 'myteam'`
chore: run formatter 2024-03-06 17:34:21 +00:00			`]);`
			`$this->assertEquals($team['headers']['status-code'], 201);`

			`$teamId = $team['body']['$id'];`

			`$response = $this->client->call(Client::METHOD_DELETE, '/account', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,`
			`]));`

			`$this->assertEquals($response['headers']['status-code'], 400);`

			`// DELETE TEAM`
			`$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamId, array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,`
			`]));`
			`$this->assertEquals($response['headers']['status-code'], 204);`
			`sleep(2);`

			`$response = $this->client->call(Client::METHOD_DELETE, '/account', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,`
			`]));`

			`$this->assertEquals($response['headers']['status-code'], 204);`
update account delete test 2024-01-28 03:02:44 +00:00			`}`
Update base template for session alert email 2025-10-31 12:22:47 +00:00
			`public function testSessionAlert(): void`
			`{`
			`$email = uniqid() . 'session-alert@appwrite.io';`
			`$password = 'password123';`
			`$name = 'Session Alert Tester';`

			`// Create a new account`
			`$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''`
			`]), [`
			`'userId' => ID::unique(),`
			`'email' => $email,`
			`'password' => $password,`
			`'name' => $name,`
			`]);`

			`$this->assertEquals(201, $response['headers']['status-code']);`

			`// Create first session for the new account`
			`$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'user-agent' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',`
			`]), [`
			`'email' => $email,`
			`'password' => $password,`
			`]);`

			`$this->assertEquals(201, $response['headers']['status-code']);`

			`// Create second session for the new account`
			`$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'user-agent' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36',`
			`]), [`
			`'email' => $email,`
			`'password' => $password,`
			`]);`


			`// Check the alert email`
			`$lastEmail = $this->getLastEmail();`

			`$this->assertEquals($email, $lastEmail['to'][0]['address']);`
			`$this->assertStringContainsString('Security alert: new session', $lastEmail['subject']);`
			`$this->assertStringContainsString($response['body']['ip'], $lastEmail['text']); // IP Address`
			`$this->assertStringContainsString('Unknown', $lastEmail['text']); // Country`
			`$this->assertStringContainsString($response['body']['clientName'], $lastEmail['text']); // Client name`
			`$this->assertStringContainsStringIgnoringCase('Appwrite logo', $lastEmail['html']);`

			`// Verify no alert sent in OTP login`
			`$response = $this->client->call(Client::METHOD_POST, '/account/tokens/email', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'userId' => ID::unique(),`
			`'email' => 'otpuser2@appwrite.io'`
			`]);`

			`$this->assertEquals($response['headers']['status-code'], 201);`
			`$this->assertNotEmpty($response['body']['$id']);`
			`$this->assertNotEmpty($response['body']['$createdAt']);`
			`$this->assertNotEmpty($response['body']['userId']);`
			`$this->assertNotEmpty($response['body']['expire']);`
			`$this->assertEmpty($response['body']['secret']);`
			`$this->assertEmpty($response['body']['phrase']);`
			`$this->assertStringContainsStringIgnoringCase('New login detected on '. $this->getProject()['name'], $lastEmail['text']);`

			`$userId = $response['body']['userId'];`

			`$lastEmail = $this->getLastEmail();`

			`$this->assertEquals('otpuser2@appwrite.io', $lastEmail['to'][0]['address']);`
			`$this->assertEquals('OTP for ' . $this->getProject()['name'] . ' Login', $lastEmail['subject']);`

			`// Find 6 concurrent digits in email text - OTP`
			`preg_match_all("/\b\d{6}\b/", $lastEmail['text'], $matches);`
			`$code = ($matches[0] ?? [])[0] ?? '';`

			`$this->assertNotEmpty($code);`

			`$response = $this->client->call(Client::METHOD_POST, '/account/sessions/token', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'userId' => $userId,`
			`'secret' => $code`
			`]);`

			`$this->assertEquals(201, $response['headers']['status-code']);`
			`$this->assertEquals($userId, $response['body']['userId']);`
			`$this->assertNotEmpty($response['body']['$id']);`
			`$this->assertNotEmpty($response['body']['expire']);`
			`$this->assertEmpty($response['body']['secret']);`

			`$lastEmailId = $lastEmail['id'];`
			`$lastEmail = $this->getLastEmail();`
			`$this->assertEquals($lastEmailId, $lastEmail['id']);`
			`}`
add: missing test at console level. 2026-01-02 11:31:03 +00:00
			`public function testGetAccountLogs(): void`
			`{`
			`$email = uniqid() . 'user@localhost.test';`
			`$password = 'password';`
			`$name = 'User Name';`

			`/**`
			`* Test for SUCCESS - Create account and session for console project`
			`*/`
			`$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'userId' => ID::unique(),`
			`'email' => $email,`
			`'password' => $password,`
			`'name' => $name,`
			`]);`

			`$this->assertEquals($response['headers']['status-code'], 201);`

			`$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`]), [`
			`'email' => $email,`
			`'password' => $password,`
			`]);`

			`$this->assertEquals($response['headers']['status-code'], 201);`

			`$session = $response['cookies']['a_session_' . $this->getProject()['$id']];`

			`/**`
			`* Test for SUCCESS - Get account logs`
			`*/`
			`$response = $this->client->call(Client::METHOD_GET, '/account/logs', array_merge([`
			`'origin' => 'http://localhost',`
			`'content-type' => 'application/json',`
			`'x-appwrite-project' => $this->getProject()['$id'],`
			`'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,`
			`]));`

			`$this->assertEquals(200, $response['headers']['status-code']);`
			`$this->assertIsArray($response['body']['logs']);`
			`$this->assertNotEmpty($response['body']['logs']);`
			`$this->assertIsNumeric($response['body']['total']);`
			`}`
format files in app, src, tests 2022-05-23 14:54:50 +00:00			`}`