Server improves:

* Server: improved messages on register/reset dialogs;
* Tests: added database compatible tests on new code or libs (auth db);

Mage.Server/src/main/java/mage/server/MageServerImpl.java

@@ -83,15 +83,17 @@ public class MageServerImpl implements MageServer {
     @Override
     public boolean emailAuthToken(String sessionId, String email) throws MageException {
         if (!managerFactory.configSettings().isAuthenticationActivated()) {
-            sendErrorMessageToClient(sessionId, "Registration is disabled by the server config");
+            sendErrorMessageToClient(sessionId, Session.REGISTRATION_DISABLED_MESSAGE);
             return false;
         }
-        AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.getByEmail(email);
+
+        AuthorizedUser authorizedUser = AuthorizedUserRepository.getInstance().getByEmail(email);
         if (authorizedUser == null) {
             sendErrorMessageToClient(sessionId, "No user was found with the email address " + email);
             logger.info("Auth token is requested for " + email + " but there's no such user in DB");
             return false;
         }
+
         String authToken = generateAuthToken();
         activeAuthTokens.put(email, authToken);
         String subject = "XMage Password Reset Auth Token";
@@ -113,23 +115,31 @@ public class MageServerImpl implements MageServer {
     @Override
     public boolean resetPassword(String sessionId, String email, String authToken, String password) throws MageException {
         if (!managerFactory.configSettings().isAuthenticationActivated()) {
-            sendErrorMessageToClient(sessionId, "Registration is disabled by the server config");
+            sendErrorMessageToClient(sessionId, Session.REGISTRATION_DISABLED_MESSAGE);
             return false;
         }
+
+        // multi-step reset:
+        // - send auth token
+        // - check auth token to confirm reset
+
         String storedAuthToken = activeAuthTokens.get(email);
         if (storedAuthToken == null || !storedAuthToken.equals(authToken)) {
             sendErrorMessageToClient(sessionId, "Invalid auth token");
             logger.info("Invalid auth token " + authToken + " is sent for " + email);
             return false;
         }
-        AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.getByEmail(email);
+
+        AuthorizedUser authorizedUser = AuthorizedUserRepository.getInstance().getByEmail(email);
         if (authorizedUser == null) {
-            sendErrorMessageToClient(sessionId, "The user is no longer in the DB");
+            sendErrorMessageToClient(sessionId, "User with that email doesn't exists");
             logger.info("Auth token is valid, but the user with email address " + email + " is no longer in the DB");
             return false;
         }
-        AuthorizedUserRepository.instance.remove(authorizedUser.getName());
-        AuthorizedUserRepository.instance.add(authorizedUser.getName(), password, email);
+
+        // recreate user with new password
+        AuthorizedUserRepository.getInstance().remove(authorizedUser.getName());
+        AuthorizedUserRepository.getInstance().add(authorizedUser.getName(), password, email);
         activeAuthTokens.remove(email);
         return true;
     }
@@ -1042,7 +1052,7 @@ public class MageServerImpl implements MageServer {
     @Override
     public void setActivation(final String sessionId, final String userName, boolean active) throws MageException {
         execute("setActivation", sessionId, () -> {
-            AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.getByName(userName);
+            AuthorizedUser authorizedUser = AuthorizedUserRepository.getInstance().getByName(userName);
             Optional<User> u = managerFactory.userManager().getUserByName(userName);
             if (u.isPresent()) {
                 User user = u.get();