From fecdab8b6f883f14981982dc168ffbc29432e7e7 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 4 Jan 2023 16:07:25 -0500
Subject: [PATCH] refactor: `helpers.loginUser` to be fully async

---
 test/authentication.js    | 202 ++++++++++++++------------------------
 test/controllers-admin.js |  20 ++--
 test/controllers.js       |  53 ++++------
 test/helpers/index.js     |  49 ++++-----
 test/messaging.js         |  12 +--
 test/posts.js             |  93 ++++++------------
 test/user.js              | 104 ++++----------------
 test/user/emails.js       |   3 +-
 8 files changed, 189 insertions(+), 347 deletions(-)

diff --git a/test/authentication.js b/test/authentication.js
index b8889d95eb..a4d15cbe1f 100644
--- a/test/authentication.js
+++ b/test/authentication.js
@@ -6,6 +6,7 @@ const url = require('url');
 const async = require('async');
 const nconf = require('nconf');
 const request = require('request');
+const requestAsync = require('request-promise-native');
 const util = require('util');
 
 const db = require('./mocks/databasemock');
@@ -157,27 +158,20 @@ describe('authentication', () => {
 		});
 	});
 
-	it('should login a user', (done) => {
-		helpers.loginUser('regular', 'regularpwd', (err, data) => {
-			assert.ifError(err);
-			assert(data.body);
-			request({
-				url: `${nconf.get('url')}/api/self`,
-				json: true,
-				jar: data.jar,
-			}, (err, response, body) => {
-				assert.ifError(err);
-				assert(body);
-				assert.equal(body.username, 'regular');
-				assert.equal(body.email, 'regular@nodebb.org');
-				db.getObject(`uid:${regularUid}:sessionUUID:sessionId`, (err, sessions) => {
-					assert.ifError(err);
-					assert(sessions);
-					assert(Object.keys(sessions).length > 0);
-					done();
-				});
-			});
+	it('should login a user', async () => {
+		const { jar, body: loginBody } = await helpers.loginUser('regular', 'regularpwd');
+		assert(loginBody);
+		const body = await requestAsync({
+			url: `${nconf.get('url')}/api/self`,
+			json: true,
+			jar,
 		});
+		assert(body);
+		assert.equal(body.username, 'regular');
+		assert.equal(body.email, 'regular@nodebb.org');
+		const sessions = await db.getObject(`uid:${regularUid}:sessionUUID:sessionId`);
+		assert(sessions);
+		assert(Object.keys(sessions).length > 0);
 	});
 
 	it('should regenerate the session identifier on successful login', async () => {
@@ -238,77 +232,53 @@ describe('authentication', () => {
 		});
 	});
 
-	it('should fail to login if user does not exist', (done) => {
-		helpers.loginUser('doesnotexist', 'nopassword', (err, data) => {
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 403);
-			assert.equal(data.body, '[[error:invalid-login-credentials]]');
-			done();
-		});
+	it('should fail to login if user does not exist', async () => {
+		const { res, body } = await helpers.loginUser('doesnotexist', 'nopassword');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:invalid-login-credentials]]');
 	});
 
-	it('should fail to login if username is empty', (done) => {
-		helpers.loginUser('', 'some password', (err, data) => {
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 403);
-			assert.equal(data.body, '[[error:invalid-username-or-password]]');
-			done();
-		});
+	it('should fail to login if username is empty', async () => {
+		const { res, body } = await helpers.loginUser('', 'some password');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:invalid-username-or-password]]');
 	});
 
-	it('should fail to login if password is empty', (done) => {
-		helpers.loginUser('someuser', '', (err, data) => {
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 403);
-			assert.equal(data.body, '[[error:invalid-username-or-password]]');
-			done();
-		});
+	it('should fail to login if password is empty', async () => {
+		const { res, body } = await helpers.loginUser('someuser', '');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:invalid-username-or-password]]');
 	});
 
-	it('should fail to login if username and password are empty', (done) => {
-		helpers.loginUser('', '', (err, data) => {
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 403);
-			assert.equal(data.body, '[[error:invalid-username-or-password]]');
-			done();
-		});
+	it('should fail to login if username and password are empty', async () => {
+		const { res, body } = await helpers.loginUser('', '');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:invalid-username-or-password]]');
 	});
 
-	it('should fail to login if user does not have password field in db', (done) => {
-		user.create({ username: 'hasnopassword', email: 'no@pass.org' }, (err, uid) => {
-			assert.ifError(err);
-			helpers.loginUser('hasnopassword', 'doesntmatter', (err, data) => {
-				assert.ifError(err);
-				assert.equal(data.res.statusCode, 403);
-				assert.equal(data.body, '[[error:invalid-login-credentials]]');
-				done();
-			});
-		});
+	it('should fail to login if user does not have password field in db', async () => {
+		await user.create({ username: 'hasnopassword', email: 'no@pass.org' });
+		const { res, body } = await helpers.loginUser('hasnopassword', 'doesntmatter');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:invalid-login-credentials]]');
 	});
 
-	it('should fail to login if password is longer than 4096', (done) => {
+	it('should fail to login if password is longer than 4096', async () => {
 		let longPassword;
 		for (let i = 0; i < 5000; i++) {
 			longPassword += 'a';
 		}
-		helpers.loginUser('someuser', longPassword, (err, data) => {
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 403);
-			assert.equal(data.body, '[[error:password-too-long]]');
-			done();
-		});
+		const { res, body } = await helpers.loginUser('someuser', longPassword);
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:password-too-long]]');
 	});
 
-	it('should fail to login if local login is disabled', (done) => {
-		privileges.global.rescind(['groups:local:login'], 'registered-users', (err) => {
-			assert.ifError(err);
-			helpers.loginUser('regular', 'regularpwd', (err, data) => {
-				assert.ifError(err);
-				assert.equal(data.res.statusCode, 403);
-				assert.equal(data.body, '[[error:local-login-disabled]]');
-				privileges.global.give(['groups:local:login'], 'registered-users', done);
-			});
-		});
+	it('should fail to login if local login is disabled', async () => {
+		await privileges.global.rescind(['groups:local:login'], 'registered-users');
+		const { res, body } = await helpers.loginUser('regular', 'regularpwd');
+		assert.equal(res.statusCode, 403);
+		assert.equal(body, '[[error:local-login-disabled]]');
+		await privileges.global.give(['groups:local:login'], 'registered-users');
 	});
 
 	it('should fail to register if registraton is disabled', (done) => {
@@ -396,15 +366,12 @@ describe('authentication', () => {
 		assert.equal(res.statusCode, 200);
 	});
 
-	it('should fail to login if login type is username and an email is sent', (done) => {
+	it('should fail to login if login type is username and an email is sent', async () => {
 		meta.config.allowLoginWith = 'username';
-		helpers.loginUser('ginger@nodebb.org', '123456', (err, data) => {
-			meta.config.allowLoginWith = 'username-email';
-			assert.ifError(err);
-			assert.equal(data.res.statusCode, 400);
-			assert.equal(data.body, '[[error:wrong-login-type-username]]');
-			done();
-		});
+		const { res, body } = await helpers.loginUser('ginger@nodebb.org', '123456');
+		meta.config.allowLoginWith = 'username-email';
+		assert.equal(res.statusCode, 400);
+		assert.equal(body, '[[error:wrong-login-type-username]]');
 	});
 
 	it('should send 200 if not logged in', (done) => {
@@ -443,37 +410,26 @@ describe('authentication', () => {
 			bannedUser.uid = await user.create({ username: 'banme', password: '123456', email: 'ban@me.com' });
 		});
 
-		it('should prevent banned user from logging in', (done) => {
-			user.bans.ban(bannedUser.uid, 0, 'spammer', (err) => {
-				assert.ifError(err);
-				helpers.loginUser(bannedUser.username, bannedUser.pw, (err, data) => {
-					assert.ifError(err);
-					assert.equal(data.res.statusCode, 403);
-					delete data.body.timestamp;
-					assert.deepStrictEqual(data.body, {
-						banned_until: 0,
-						banned_until_readable: '',
-						expiry: 0,
-						expiry_readable: '',
-						reason: 'spammer',
-						uid: bannedUser.uid,
-					});
-					user.bans.unban(bannedUser.uid, (err) => {
-						assert.ifError(err);
-						const expiry = Date.now() + 10000;
-						user.bans.ban(bannedUser.uid, expiry, '', (err) => {
-							assert.ifError(err);
-							helpers.loginUser(bannedUser.username, bannedUser.pw, (err, data) => {
-								assert.ifError(err);
-								assert.equal(data.res.statusCode, 403);
-								assert(data.body.banned_until);
-								assert(data.body.reason, '[[user:info.banned-no-reason]]');
-								done();
-							});
-						});
-					});
-				});
+		it('should prevent banned user from logging in', async () => {
+			await user.bans.ban(bannedUser.uid, 0, 'spammer');
+			const { res: res1, body: body1 } = await helpers.loginUser(bannedUser.username, bannedUser.pw);
+			assert.equal(res1.statusCode, 403);
+			delete body1.timestamp;
+			assert.deepStrictEqual(body1, {
+				banned_until: 0,
+				banned_until_readable: '',
+				expiry: 0,
+				expiry_readable: '',
+				reason: 'spammer',
+				uid: bannedUser.uid,
 			});
+			await user.bans.unban(bannedUser.uid);
+			const expiry = Date.now() + 10000;
+			await user.bans.ban(bannedUser.uid, expiry, '');
+			const { res: res2, body: body2 } = await helpers.loginUser(bannedUser.username, bannedUser.pw);
+			assert.equal(res2.statusCode, 403);
+			assert(body2.banned_until);
+			assert(body2.reason, '[[user:info.banned-no-reason]]');
 		});
 
 		it('should allow banned user to log in if the "banned-users" group has "local-login" privilege', async () => {
@@ -497,24 +453,18 @@ describe('authentication', () => {
 			function (next) {
 				user.create({ username: 'lockme', password: '123456' }, next);
 			},
-			function (_uid, next) {
+			async (_uid) => {
 				uid = _uid;
-				helpers.loginUser('lockme', 'abcdef', next);
+				return helpers.loginUser('lockme', 'abcdef');
 			},
-			function (data, next) {
-				helpers.loginUser('lockme', 'abcdef', next);
-			},
-			function (data, next) {
-				helpers.loginUser('lockme', 'abcdef', next);
-			},
-			function (data, next) {
-				helpers.loginUser('lockme', 'abcdef', next);
-			},
-			function (data, next) {
+			async data => helpers.loginUser('lockme', 'abcdef'),
+			async data => helpers.loginUser('lockme', 'abcdef'),
+			async data => helpers.loginUser('lockme', 'abcdef'),
+			async (data) => {
 				meta.config.loginAttempts = 5;
 				assert.equal(data.res.statusCode, 403);
 				assert.equal(data.body, '[[error:account-locked]]');
-				helpers.loginUser('lockme', 'abcdef', next);
+				return helpers.loginUser('lockme', 'abcdef');
 			},
 			function (data, next) {
 				assert.equal(data.res.statusCode, 403);
diff --git a/test/controllers-admin.js b/test/controllers-admin.js
index c53f3ce3e3..73fc73089b 100644
--- a/test/controllers-admin.js
+++ b/test/controllers-admin.js
@@ -4,6 +4,7 @@ const async = require('async');
 const assert = require('assert');
 const nconf = require('nconf');
 const request = require('request');
+const requestAsync = require('request-promise-native');
 
 const db = require('./mocks/databasemock');
 const categories = require('../src/categories');
@@ -65,17 +66,16 @@ describe('Admin Controllers', () => {
 		});
 	});
 
-	it('should 403 if user is not admin', (done) => {
-		helpers.loginUser('admin', 'barbar', (err, data) => {
-			assert.ifError(err);
-			jar = data.jar;
-			request(`${nconf.get('url')}/admin`, { jar: jar }, (err, res, body) => {
-				assert.ifError(err);
-				assert.equal(res.statusCode, 403);
-				assert(body);
-				done();
-			});
+	it('should 403 if user is not admin', async () => {
+		({ jar } = await helpers.loginUser('admin', 'barbar'));
+		const { statusCode, body } = await requestAsync(`${nconf.get('url')}/admin`, {
+			jar: jar,
+			simple: false,
+			resolveWithFullResponse: true,
 		});
+
+		assert.equal(statusCode, 403);
+		assert(body);
 	});
 
 	it('should load admin dashboard', (done) => {
diff --git a/test/controllers.js b/test/controllers.js
index cf557a30d2..153abae76b 100644
--- a/test/controllers.js
+++ b/test/controllers.js
@@ -7,6 +7,9 @@ const request = require('request');
 const requestAsync = require('request-promise-native');
 const fs = require('fs');
 const path = require('path');
+const util = require('util');
+
+const sleep = util.promisify(setTimeout);
 
 const db = require('./mocks/databasemock');
 const categories = require('../src/categories');
@@ -1621,23 +1624,13 @@ describe('Controllers', () => {
 			});
 		});
 
-		it('should return false if user can not edit user', (done) => {
-			user.create({ username: 'regularJoe', password: 'barbar' }, (err) => {
-				assert.ifError(err);
-				helpers.loginUser('regularJoe', 'barbar', (err, data) => {
-					assert.ifError(err);
-					const { jar } = data;
-					request(`${nconf.get('url')}/api/user/foo/info`, { jar: jar, json: true }, (err, res) => {
-						assert.ifError(err);
-						assert.equal(res.statusCode, 403);
-						request(`${nconf.get('url')}/api/user/foo/edit`, { jar: jar, json: true }, (err, res) => {
-							assert.ifError(err);
-							assert.equal(res.statusCode, 403);
-							done();
-						});
-					});
-				});
-			});
+		it('should return false if user can not edit user', async () => {
+			await user.create({ username: 'regularJoe', password: 'barbar' });
+			const { jar } = await helpers.loginUser('regularJoe', 'barbar');
+			let { statusCode } = await requestAsync(`${nconf.get('url')}/api/user/foo/info`, { jar: jar, json: true, simple: false, resolveWithFullResponse: true });
+			assert.equal(statusCode, 403);
+			({ statusCode } = await requestAsync(`${nconf.get('url')}/api/user/foo/edit`, { jar: jar, json: true, simple: false, resolveWithFullResponse: true }));
+			assert.equal(statusCode, 403);
 		});
 
 		it('should load correct user', (done) => {
@@ -1693,22 +1686,18 @@ describe('Controllers', () => {
 			});
 		});
 
-		it('should increase profile view', (done) => {
-			helpers.loginUser('regularJoe', 'barbar', (err, data) => {
-				assert.ifError(err);
-				const { jar } = data;
-				request(`${nconf.get('url')}/api/user/foo`, { jar: jar }, (err, res) => {
-					assert.ifError(err);
-					assert.equal(res.statusCode, 200);
-					setTimeout(() => {
-						user.getUserField(fooUid, 'profileviews', (err, viewcount) => {
-							assert.ifError(err);
-							assert(viewcount > 0);
-							done();
-						});
-					}, 500);
-				});
+		it('should increase profile view', async () => {
+			const { jar } = await helpers.loginUser('regularJoe', 'barbar');
+			const { statusCode } = await requestAsync(`${nconf.get('url')}/api/user/foo`, {
+				jar: jar,
+				simple: false,
+				resolveWithFullResponse: true,
 			});
+			assert.equal(statusCode, 200);
+
+			await sleep(500);
+			const viewcount = await user.getUserField(fooUid, 'profileviews');
+			assert(viewcount > 0);
 		});
 
 		it('should parse about me', (done) => {
diff --git a/test/helpers/index.js b/test/helpers/index.js
index 6ca11e9252..90323c856d 100644
--- a/test/helpers/index.js
+++ b/test/helpers/index.js
@@ -40,37 +40,38 @@ helpers.request = async function (method, uri, options) {
 	});
 };
 
-helpers.loginUser = function (username, password, callback) {
+helpers.loginUser = async (username, password, payload = {}) => {
 	const jar = request.jar();
+	const form = { username, password, ...payload };
 
-	request({
+	const { statusCode, body: configBody } = await requestAsync({
 		url: `${nconf.get('url')}/api/config`,
 		json: true,
 		jar: jar,
-	}, (err, res, body) => {
-		if (err || res.statusCode !== 200) {
-			return callback(err || new Error('[[error:invalid-response]]'));
-		}
-		const { csrf_token } = body;
-		request.post(`${nconf.get('url')}/login`, {
-			form: {
-				username: username,
-				password: password,
-			},
-			json: true,
-			jar: jar,
-			headers: {
-				'x-csrf-token': csrf_token,
-			},
-		}, (err, res, body) => {
-			if (err) {
-				return callback(err || new Error('[[error:invalid-response]]'));
-			}
-			callback(null, { jar, res, body, csrf_token: csrf_token });
-		});
+		followRedirect: false,
+		simple: false,
+		resolveWithFullResponse: true,
 	});
-};
 
+	if (statusCode !== 200) {
+		throw new Error('[[error:invalid-response]]');
+	}
+
+	const { csrf_token } = configBody;
+	const res = await requestAsync.post(`${nconf.get('url')}/login`, {
+		form,
+		json: true,
+		jar: jar,
+		followRedirect: false,
+		simple: false,
+		resolveWithFullResponse: true,
+		headers: {
+			'x-csrf-token': csrf_token,
+		},
+	});
+
+	return { jar, res, body: res.body, csrf_token: csrf_token };
+};
 
 helpers.logoutUser = function (jar, callback) {
 	request({
diff --git a/test/messaging.js b/test/messaging.js
index 6c201a3fa9..1095fb8568 100644
--- a/test/messaging.js
+++ b/test/messaging.js
@@ -67,10 +67,10 @@ describe('Messaging Library', () => {
 		await Groups.join('administrators', mocks.users.foo.uid);
 		await User.setSetting(mocks.users.baz.uid, 'restrictChat', '1');
 
-		({ jar: mocks.users.foo.jar, csrf_token: mocks.users.foo.csrf } = await util.promisify(helpers.loginUser)('foo', 'barbar'));
-		({ jar: mocks.users.bar.jar, csrf_token: mocks.users.bar.csrf } = await util.promisify(helpers.loginUser)('bar', 'bazbaz'));
-		({ jar: mocks.users.baz.jar, csrf_token: mocks.users.baz.csrf } = await util.promisify(helpers.loginUser)('baz', 'quuxquux'));
-		({ jar: mocks.users.herp.jar, csrf_token: mocks.users.herp.csrf } = await util.promisify(helpers.loginUser)('herp', 'derpderp'));
+		({ jar: mocks.users.foo.jar, csrf_token: mocks.users.foo.csrf } = await helpers.loginUser('foo', 'barbar'));
+		({ jar: mocks.users.bar.jar, csrf_token: mocks.users.bar.csrf } = await helpers.loginUser('bar', 'bazbaz'));
+		({ jar: mocks.users.baz.jar, csrf_token: mocks.users.baz.csrf } = await helpers.loginUser('baz', 'quuxquux'));
+		({ jar: mocks.users.herp.jar, csrf_token: mocks.users.herp.csrf } = await helpers.loginUser('herp', 'derpderp'));
 
 		chatMessageDelay = meta.config.chatMessageDelay;
 		meta.config.chatMessageDelay = 0;
@@ -277,7 +277,7 @@ describe('Messaging Library', () => {
 
 		it('should change owner if owner is deleted', async () => {
 			const sender = await User.create({ username: 'deleted_chat_user', password: 'barbar' });
-			const { jar: senderJar, csrf_token: senderCsrf } = await util.promisify(helpers.loginUser)('deleted_chat_user', 'barbar');
+			const { jar: senderJar, csrf_token: senderCsrf } = await helpers.loginUser('deleted_chat_user', 'barbar');
 
 			const receiver = await User.create({ username: 'receiver' });
 			const { response } = await request(`${nconf.get('url')}/api/v3/chats`, {
@@ -851,7 +851,7 @@ describe('Messaging Library', () => {
 		});
 
 		it('should return 404 if user is not in room', async () => {
-			const data = await util.promisify(helpers.loginUser)('baz', 'quuxquux');
+			const data = await helpers.loginUser('baz', 'quuxquux');
 			const response = await request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, {
 				resolveWithFullResponse: true,
 				simple: false,
diff --git a/test/posts.js b/test/posts.js
index f40af0c0d8..344ad9990c 100644
--- a/test/posts.js
+++ b/test/posts.js
@@ -3,7 +3,7 @@
 
 const assert = require('assert');
 const async = require('async');
-const request = require('request');
+const request = require('request-promise-native');
 const nconf = require('nconf');
 const path = require('path');
 const util = require('util');
@@ -77,13 +77,7 @@ describe('Post\'s', () => {
 	});
 
 	it('should update category teaser properly', async () => {
-		const util = require('util');
-		const getCategoriesAsync = util.promisify(async (callback) => {
-			request(`${nconf.get('url')}/api/categories`, { json: true }, (err, res, body) => {
-				callback(err, body);
-			});
-		});
-
+		const getCategoriesAsync = async () => await request(`${nconf.get('url')}/api/categories`, { json: true });
 		const postResult = await topics.post({ uid: globalModUid, cid: cid, title: 'topic title', content: '123456789' });
 
 		let data = await getCategoriesAsync();
@@ -378,15 +372,11 @@ describe('Post\'s', () => {
 				function (next) {
 					privileges.categories.rescind(['groups:posts:view_deleted'], cid, 'Global Moderators', next);
 				},
-				function (next) {
-					helpers.loginUser('global mod', '123456', (err, data) => {
-						assert.ifError(err);
-						request(`${nconf.get('url')}/api/topic/${tid}`, { jar: data.jar, json: true }, (err, res, body) => {
-							assert.ifError(err);
-							assert.equal(body.posts[1].content, '[[topic:post_is_deleted]]');
-							privileges.categories.give(['groups:posts:view_deleted'], cid, 'Global Moderators', next);
-						});
-					});
+				async () => {
+					const { jar } = await helpers.loginUser('global mod', '123456');
+					const { posts } = await request(`${nconf.get('url')}/api/topic/${tid}`, { jar, json: true });
+					assert.equal(posts[1].content, '[[topic:post_is_deleted]]');
+					await privileges.categories.give(['groups:posts:view_deleted'], cid, 'Global Moderators');
 				},
 			], done);
 		});
@@ -996,19 +986,13 @@ describe('Post\'s', () => {
 			queueId = result.id;
 		});
 
-		it('should load queued posts', (done) => {
-			helpers.loginUser('globalmod', 'globalmodpwd', (err, data) => {
-				jar = data.jar;
-				assert.ifError(err);
-				request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => {
-					assert.ifError(err);
-					assert.equal(body.posts[0].type, 'topic');
-					assert.equal(body.posts[0].data.content, 'queued topic content');
-					assert.equal(body.posts[1].type, 'reply');
-					assert.equal(body.posts[1].data.content, 'this is a queued reply');
-					done();
-				});
-			});
+		it('should load queued posts', async () => {
+			({ jar } = await helpers.loginUser('globalmod', 'globalmodpwd'));
+			const { posts } = await request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true });
+			assert.equal(posts[0].type, 'topic');
+			assert.equal(posts[0].data.content, 'queued topic content');
+			assert.equal(posts[1].type, 'reply');
+			assert.equal(posts[1].data.content, 'this is a queued reply');
 		});
 
 		it('should error if data is invalid', (done) => {
@@ -1018,43 +1002,26 @@ describe('Post\'s', () => {
 			});
 		});
 
-		it('should edit post in queue', (done) => {
-			socketPosts.editQueuedContent({ uid: globalModUid }, { id: queueId, content: 'newContent' }, (err) => {
-				assert.ifError(err);
-				request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => {
-					assert.ifError(err);
-					assert.equal(body.posts[1].type, 'reply');
-					assert.equal(body.posts[1].data.content, 'newContent');
-					done();
-				});
-			});
+		it('should edit post in queue', async () => {
+			await socketPosts.editQueuedContent({ uid: globalModUid }, { id: queueId, content: 'newContent' });
+			const { posts } = await request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true });
+			assert.equal(posts[1].type, 'reply');
+			assert.equal(posts[1].data.content, 'newContent');
 		});
 
-		it('should edit topic title in queue', (done) => {
-			socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, title: 'new topic title' }, (err) => {
-				assert.ifError(err);
-				request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => {
-					assert.ifError(err);
-					assert.equal(body.posts[0].type, 'topic');
-					assert.equal(body.posts[0].data.title, 'new topic title');
-					done();
-				});
-			});
+		it('should edit topic title in queue', async () => {
+			await socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, title: 'new topic title' });
+			const { posts } = await request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true });
+			assert.equal(posts[0].type, 'topic');
+			assert.equal(posts[0].data.title, 'new topic title');
 		});
 
-		it('should edit topic category in queue', (done) => {
-			socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, cid: 2 }, (err) => {
-				assert.ifError(err);
-				request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => {
-					assert.ifError(err);
-					assert.equal(body.posts[0].type, 'topic');
-					assert.equal(body.posts[0].data.cid, 2);
-					socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, cid: cid }, (err) => {
-						assert.ifError(err);
-						done();
-					});
-				});
-			});
+		it('should edit topic category in queue', async () => {
+			await socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, cid: 2 });
+			const { posts } = await request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true });
+			assert.equal(posts[0].type, 'topic');
+			assert.equal(posts[0].data.cid, 2);
+			await socketPosts.editQueuedContent({ uid: globalModUid }, { id: topicQueueId, cid: cid });
 		});
 
 		it('should prevent regular users from approving posts', (done) => {
diff --git a/test/user.js b/test/user.js
index cb02df20a1..d33ce0538e 100644
--- a/test/user.js
+++ b/test/user.js
@@ -1925,25 +1925,18 @@ describe('User', () => {
 			done();
 		});
 
-		it('should add user to approval queue', (done) => {
-			helpers.registerUser({
+		it('should add user to approval queue', async () => {
+			await helpers.registerUser({
 				username: 'rejectme',
 				password: '123456',
 				'password-confirm': '123456',
 				email: '<script>alert("ok")<script>reject@me.com',
 				gdpr_consent: true,
-			}, (err) => {
-				assert.ifError(err);
-				helpers.loginUser('admin', '123456', (err, data) => {
-					assert.ifError(err);
-					request(`${nconf.get('url')}/api/admin/manage/registration`, { jar: data.jar, json: true }, (err, res, body) => {
-						assert.ifError(err);
-						assert.equal(body.users[0].username, 'rejectme');
-						assert.equal(body.users[0].email, '&lt;script&gt;alert(&quot;ok&quot;)&lt;script&gt;reject@me.com');
-						done();
-					});
-				});
 			});
+			const { jar } = await helpers.loginUser('admin', '123456');
+			const { users } = await requestAsync(`${nconf.get('url')}/api/admin/manage/registration`, { jar, json: true });
+			assert.equal(users[0].username, 'rejectme');
+			assert.equal(users[0].email, '&lt;script&gt;alert(&quot;ok&quot;)&lt;script&gt;reject@me.com');
 		});
 
 		it('should fail to add user to queue if username is taken', (done) => {
@@ -2066,21 +2059,8 @@ describe('User', () => {
 			let csrf_token;
 			let jar;
 
-			before((done) => {
-				helpers.loginUser('notAnInviter', COMMON_PW, (err, data) => {
-					assert.ifError(err);
-					jar = data.jar;
-
-					request({
-						url: `${nconf.get('url')}/api/config`,
-						json: true,
-						jar: jar,
-					}, (err, response, body) => {
-						assert.ifError(err);
-						csrf_token = body.csrf_token;
-						done();
-					});
-				});
+			before(async () => {
+				({ jar, csrf_token } = await helpers.loginUser('notAnInviter', COMMON_PW));
 			});
 
 			it('should error if user does not have invite privilege', async () => {
@@ -2102,21 +2082,8 @@ describe('User', () => {
 			let csrf_token;
 			let jar;
 
-			before((done) => {
-				helpers.loginUser('inviter', COMMON_PW, (err, data) => {
-					assert.ifError(err);
-					jar = data.jar;
-
-					request({
-						url: `${nconf.get('url')}/api/config`,
-						json: true,
-						jar: jar,
-					}, (err, response, body) => {
-						assert.ifError(err);
-						csrf_token = body.csrf_token;
-						done();
-					});
-				});
+			before(async () => {
+				({ jar, csrf_token } = await helpers.loginUser('inviter', COMMON_PW));
 			});
 
 			it('should error with invalid data', async () => {
@@ -2204,21 +2171,8 @@ describe('User', () => {
 			let csrf_token;
 			let jar;
 
-			before((done) => {
-				helpers.loginUser('adminInvite', COMMON_PW, (err, data) => {
-					assert.ifError(err);
-					jar = data.jar;
-
-					request({
-						url: `${nconf.get('url')}/api/config`,
-						json: true,
-						jar: jar,
-					}, (err, response, body) => {
-						assert.ifError(err);
-						csrf_token = body.csrf_token;
-						done();
-					});
-				});
+			before(async () => {
+				({ jar, csrf_token } = await helpers.loginUser('adminInvite', COMMON_PW));
 			});
 
 			it('should escape email', async () => {
@@ -2355,21 +2309,8 @@ describe('User', () => {
 			let csrf_token;
 			let jar;
 
-			before((done) => {
-				helpers.loginUser('inviter', COMMON_PW, (err, data) => {
-					assert.ifError(err);
-					jar = data.jar;
-
-					request({
-						url: `${nconf.get('url')}/api/config`,
-						json: true,
-						jar: jar,
-					}, (err, response, body) => {
-						assert.ifError(err);
-						csrf_token = body.csrf_token;
-						done();
-					});
-				});
+			before(async () => {
+				({ jar, csrf_token } = await helpers.loginUser('inviter', COMMON_PW));
 			});
 
 			it('should show a list of groups for adding to an invite', async () => {
@@ -2948,17 +2889,12 @@ describe('User', () => {
 		});
 	});
 
-	it('should allow user to login even if password is weak', (done) => {
-		User.create({ username: 'weakpwd', password: '123456' }, (err) => {
-			assert.ifError(err);
-			const oldValue = meta.config.minimumPasswordStrength;
-			meta.config.minimumPasswordStrength = 3;
-			helpers.loginUser('weakpwd', '123456', (err) => {
-				assert.ifError(err);
-				meta.config.minimumPasswordStrength = oldValue;
-				done();
-			});
-		});
+	it('should allow user to login even if password is weak', async () => {
+		await User.create({ username: 'weakpwd', password: '123456' });
+		const oldValue = meta.config.minimumPasswordStrength;
+		meta.config.minimumPasswordStrength = 3;
+		await helpers.loginUser('weakpwd', '123456');
+		meta.config.minimumPasswordStrength = oldValue;
 	});
 
 	describe('User\'s', async () => {
diff --git a/test/user/emails.js b/test/user/emails.js
index f413a51283..adf30b1d08 100644
--- a/test/user/emails.js
+++ b/test/user/emails.js
@@ -150,7 +150,6 @@ describe('email confirmation (v3 api)', () => {
 			resolve({ jar, response, body });
 		});
 	});
-	const login = util.promisify(helpers.loginUser);
 
 	before(async () => {
 		// If you're running this file directly, uncomment these lines
@@ -219,7 +218,7 @@ describe('email confirmation (v3 api)', () => {
 	it('should still confirm the email (as email is set in user hash)', async () => {
 		await user.email.remove(userObj.uid);
 		await user.setUserField(userObj.uid, 'email', 'test@example.org');
-		({ jar } = await login('email-test', 'abcdef')); // email removal logs out everybody
+		({ jar } = await helpers.loginUser('email-test', 'abcdef')); // email removal logs out everybody
 		await groups.join('administrators', userObj.uid);
 
 		const { res, body } = await helpers.request('post', `/api/v3/users/${userObj.uid}/emails/${encodeURIComponent('test@example.org')}/confirm`, {