It looks like you’re wiring up an integration test for Accounts.resetPassword. How are you getting your tokenId, and are you sure it’s valid? It would need to be extracted from the password reset email sent to the user. For an example of how this can work, take a look at the accounts-password reset password flow tinytest (shows you how you can send and capture a password reset email, and extract the password reset token):
It’s not mocha based, but the idea is still the same. That being said, you might want to just unit test your use of Accounts.resetPassword; mock it out and just verify that your code is calling it (since Meteor is already integration testing Accounts.resetPassword).