verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
loopback/test/user.test.js

588 lines
18 KiB
JavaScript
Raw Normal View History

Fix user test race condition
2014-01-23 22:39:15 +00:00
var User;
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
var AccessToken = loopback.AccessToken;
Refactor email model into mail connector
2013-10-12 02:06:16 +00:00
var MailConnector = require('../lib/connectors/mail');
Initial users
2013-07-02 23:51:38 +00:00
rename asteroid to loopback
2013-07-16 17:49:25 +00:00
var userMemory = loopback.createDataSource({
Make sure User/AccessToken relations are set up by default User.login assumes the relation User.accessTokens exists
2014-02-14 18:31:30 +00:00
connector: 'memory'
Add basic email verification
2013-07-03 05:37:31 +00:00
});
Remove data argument name from user tests
2013-07-15 17:56:42 +00:00
Initial users
2013-07-02 23:51:38 +00:00
describe('User', function(){
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
var validCredentials = {email: 'foo@bar.com', password: 'bar'};
Add an option to honor emailVerified See https://github.com/strongloop/loopback/pull/215
2014-07-07 21:09:45 +00:00
var validCredentialsEmailVerified = {email: 'foo1@bar.com', password: 'bar1', emailVerified: true};
var validCredentialsEmailVerifiedOverREST = {email: 'foo2@bar.com', password: 'bar2', emailVerified: true};
Allow the creation of access token to be overriden
2014-06-06 21:30:18 +00:00
var validCredentialsWithTTL = {email: 'foo@bar.com', password: 'bar', ttl: 3600};
Set the correct status code for User.login See https://github.com/strongloop/loopback/issues/118
2014-02-28 21:19:52 +00:00
var invalidCredentials = {email: 'foo1@bar.com', password: 'bar1'};
var incompleteCredentials = {password: 'bar1'};
Fix user test race condition
2014-01-23 22:39:15 +00:00
beforeEach(function() {
User = loopback.User.extend('user');
User.email = loopback.Email.extend('email');
loopback.autoAttach();
Make sure User/AccessToken relations are set up by default User.login assumes the relation User.accessTokens exists
2014-02-14 18:31:30 +00:00
// Update the AccessToken relation to use the subclass of User
AccessToken.belongsTo(User);
Initial users
2013-07-02 23:51:38 +00:00
Fix user test race condition
2014-01-23 22:39:15 +00:00
// allow many User.afterRemote's to be called
User.setMaxListeners(0);
Make sure User/AccessToken relations are set up by default User.login assumes the relation User.accessTokens exists
2014-02-14 18:31:30 +00:00
Debugging odd defineFK behavior
2013-11-19 18:29:02 +00:00
});
Initial auto wiring for model dataSources
2013-11-19 00:13:40 +00:00
Initial users
2013-07-02 23:51:38 +00:00
beforeEach(function (done) {
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
app.use(loopback.token());
rename asteroid to loopback
2013-07-16 17:49:25 +00:00
app.use(loopback.rest());
Fix login bug.
2013-07-16 01:22:33 +00:00
app.model(User);
Initial users
2013-07-02 23:51:38 +00:00
Add an option to honor emailVerified See https://github.com/strongloop/loopback/pull/215
2014-07-07 21:09:45 +00:00
User.create(validCredentials, function(err, user) {
User.create(validCredentialsEmailVerified, done);
});
Initial users
2013-07-02 23:51:38 +00:00
});
Add basic email verification
2013-07-03 05:37:31 +00:00
afterEach(function (done) {
Fix login bug.
2013-07-16 01:22:33 +00:00
User.destroyAll(function (err) {
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
User.accessToken.destroyAll(done);
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
});
});
describe('User.create', function(){
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Create a new user', function(done) {
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
User.create({email: 'f@b.com', password: 'bar'}, function (err, user) {
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
assert(!err);
assert(user.id);
assert(user.email);
done();
});
});
Fix the test assertion as the error message is changed.
2013-12-04 22:41:25 +00:00
Add a test case for credentials/challenges
2014-07-15 15:20:47 +00:00
it('credentials/challenges are object types', function (done) {
User.create({email: 'f1@b.com', password: 'bar1',
credentials: {cert: 'xxxxx', key: '111'},
challenges: {x: 'X', a: 1}
}, function (err, user) {
assert(!err);
User.findById(user.id, function (err, user) {
assert(user.id);
assert(user.email);
assert.deepEqual(user.credentials, {cert: 'xxxxx', key: '111'});
assert.deepEqual(user.challenges, {x: 'X', a: 1});
done();
});
});
});
Fix the test assertion as the error message is changed.
2013-12-04 22:41:25 +00:00
it('Email is required', function (done) {
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
User.create({password: '123'}, function (err) {
Relax validation object test
2014-05-20 21:39:28 +00:00
assert(err);
assert.equal(err.name, "ValidationError");
assert.equal(err.statusCode, 422);
assert.equal(err.details.context, "user");
assert.deepEqual(err.details.codes.email, [
'presence',
Upgrade to loopback-datasource-juggler@1.7.0
2014-07-15 23:15:02 +00:00
'format.blank'
Relax validation object test
2014-05-20 21:39:28 +00:00
]);
Fix the test assertion as the error message is changed.
2013-12-04 22:41:25 +00:00
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
done();
});
});
// will change in future versions where password will be optional by default
it('Password is required', function(done) {
var u = new User({email: "123@456.com"});
User.create({email: 'c@d.com'}, function (err) {
assert(err);
done();
});
});
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Requires a valid email', function(done) {
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
User.create({email: 'foo@', password: '123'}, function (err) {
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
assert(err);
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
done();
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
});
});
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Requires a unique email', function(done) {
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
User.create({email: 'a@b.com', password: 'foobar'}, function () {
User.create({email: 'a@b.com', password: 'batbaz'}, function (err) {
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
assert(err, 'should error because the email is not unique!');
done();
});
});
});
Validate username uniqueness Signed-off-by: Jaka Hudoklin <jakahudoklin@gmail.com>
2014-07-19 12:18:21 +00:00
it('Requires a unique username', function(done) {
User.create({email: 'a@b.com', username: 'abc', password: 'foobar'}, function () {
User.create({email: 'b@b.com', username: 'abc', password: 'batbaz'}, function (err) {
assert(err, 'should error because the username is not unique!');
done();
});
});
});
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Requires a password to login with basic auth', function(done) {
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
User.create({email: 'b@c.com'}, function (err) {
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
User.login({email: 'b@c.com'}, function (err, accessToken) {
assert(!accessToken, 'should not create a accessToken without a valid password');
Validate uniqueness and format of User email.
2013-07-13 00:03:13 +00:00
assert(err, 'should not login without a password');
done();
});
});
});
Fix login bug.
2013-07-16 01:22:33 +00:00
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Hashes the given password', function() {
Fix login bug.
2013-07-16 01:22:33 +00:00
var u = new User({username: 'foo', password: 'bar'});
assert(u.password !== 'bar');
});
Add an option to honor emailVerified See https://github.com/strongloop/loopback/pull/215
2014-07-07 21:09:45 +00:00
it('Create a user over REST should remove emailVerified property', function(done) {
request(app)
.post('/users')
.expect('Content-Type', /json/)
.expect(200)
.send(validCredentialsEmailVerifiedOverREST)
.end(function(err, res){
assert(!res.body.emailVerified);
done();
});
});
Add basic email verification
2013-07-03 05:37:31 +00:00
});
describe('User.login', function() {
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Login a user by providing credentials', function(done) {
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
User.login(validCredentials, function (err, accessToken) {
Update AccessToken and User relationship - Add created default - Default TTLs for user login access tokens - Break out User / AccessToken relationship
2013-11-15 02:34:51 +00:00
assert(accessToken.userId);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
assert(accessToken.id);
Add loopback.token() middleware
2013-11-14 21:01:47 +00:00
assert.equal(accessToken.id.length, 64);
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
done();
});
});
Allow the creation of access token to be overriden
2014-06-06 21:30:18 +00:00
it('Login a user by providing credentials with TTL', function(done) {
User.login(validCredentialsWithTTL, function (err, accessToken) {
assert(accessToken.userId);
assert(accessToken.id);
assert.equal(accessToken.ttl, validCredentialsWithTTL.ttl);
assert.equal(accessToken.id.length, 64);
done();
});
});
it('Login a user using a custom createAccessToken', function(done) {
var createToken = User.prototype.createAccessToken; // Save the original method
// Override createAccessToken
User.prototype.createAccessToken = function(ttl, cb) {
// Reduce the ttl by half for testing purpose
this.accessTokens.create({ttl: ttl /2 }, cb);
};
User.login(validCredentialsWithTTL, function (err, accessToken) {
assert(accessToken.userId);
assert(accessToken.id);
assert.equal(accessToken.ttl, 1800);
assert.equal(accessToken.id.length, 64);
User.findById(accessToken.userId, function(err, user) {
user.createAccessToken(120, function (err, accessToken) {
assert(accessToken.userId);
assert(accessToken.id);
assert.equal(accessToken.ttl, 60);
assert.equal(accessToken.id.length, 64);
// Restore create access token
User.prototype.createAccessToken = createToken;
done();
});
});
});
});
Add an option to honor emailVerified See https://github.com/strongloop/loopback/pull/215
2014-07-07 21:09:45 +00:00
Implement required and update invlaid id schemas
2013-07-28 20:20:55 +00:00
it('Login a user over REST by providing credentials', function(done) {
Initial users
2013-07-02 23:51:38 +00:00
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(200)
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
.send(validCredentials)
Initial users
2013-07-02 23:51:38 +00:00
.end(function(err, res){
if(err) return done(err);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
var accessToken = res.body;
Initial users
2013-07-02 23:51:38 +00:00
Update AccessToken and User relationship - Add created default - Default TTLs for user login access tokens - Break out User / AccessToken relationship
2013-11-15 02:34:51 +00:00
assert(accessToken.userId);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
assert(accessToken.id);
Add loopback.token() middleware
2013-11-14 21:01:47 +00:00
assert.equal(accessToken.id.length, 64);
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
assert(accessToken.user === undefined);
Initial users
2013-07-02 23:51:38 +00:00
done();
});
});
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
Set the correct status code for User.login See https://github.com/strongloop/loopback/issues/118
2014-02-28 21:19:52 +00:00
it('Login a user over REST by providing invalid credentials', function(done) {
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(401)
.send(invalidCredentials)
.end(function(err, res){
done();
});
});
it('Login a user over REST by providing incomplete credentials', function(done) {
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(400)
.send(incompleteCredentials)
.end(function(err, res){
done();
});
});
it('Login a user over REST with the wrong Content-Type', function(done) {
request(app)
.post('/users/login')
.set('Content-Type', null)
.expect('Content-Type', /json/)
.expect(400)
.send(validCredentials)
.end(function(err, res){
done();
});
});
Add `include=user` param to `User.login` Allow LB clients to get details of the currently logged-in user as part of the login response. Improve method's `description` to mention this new option.
2014-01-30 13:33:45 +00:00
it('Returns current user when `include` is `USER`', function(done) {
request(app)
.post('/users/login?include=USER')
.send(validCredentials)
.expect(200)
.expect('Content-Type', /json/)
.end(function(err, res) {
if (err) return done(err);
var token = res.body;
expect(token.user, 'body.user').to.not.equal(undefined);
expect(token.user, 'body.user')
.to.have.property('email', validCredentials.email);
done();
});
});
Fix login query
2013-07-28 21:33:13 +00:00
it('Login should only allow correct credentials', function(done) {
User.create({email: 'foo22@bar.com', password: 'bar'}, function(user, err) {
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
User.login({email: 'foo44@bar.com', password: 'bar'}, function(err, accessToken) {
Fix login query
2013-07-28 21:33:13 +00:00
assert(err);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
assert(!accessToken);
Fix login query
2013-07-28 21:33:13 +00:00
done();
});
});
});
Initial users
2013-07-02 23:51:38 +00:00
});
Refactor email verification tests into a new group
2014-07-08 15:54:50 +00:00
describe('User.login requiring email verification', function() {
beforeEach(function() {
User.settings.emailVerificationRequired = true;
});
afterEach(function() {
User.settings.emailVerificationRequired = false;
});
it('Login a user by without email verification', function(done) {
User.login(validCredentials, function (err, accessToken) {
assert(err);
done();
});
});
it('Login a user by with email verification', function(done) {
User.login(validCredentialsEmailVerified, function (err, accessToken) {
assert(accessToken.userId);
assert(accessToken.id);
assert.equal(accessToken.id.length, 64);
done();
});
});
it('Login a user over REST when email verification is required', function(done) {
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(200)
.send(validCredentialsEmailVerified)
.end(function(err, res){
if(err) return done(err);
var accessToken = res.body;
assert(accessToken.userId);
assert(accessToken.id);
assert.equal(accessToken.id.length, 64);
assert(accessToken.user === undefined);
done();
});
});
it('Login a user over REST without email verification when it is required', function(done) {
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(401)
.send(validCredentials)
.end(function(err, res) {
done();
});
});
});
Add basic email verification
2013-07-03 05:37:31 +00:00
describe('User.logout', function() {
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
it('Logout a user by providing the current accessToken id (using node)', function(done) {
Add user.logout() sugar method and update logout docs
2013-07-12 23:10:15 +00:00
login(logout);
function login(fn) {
User.login({email: 'foo@bar.com', password: 'bar'}, fn);
}
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
function logout(err, accessToken) {
User.logout(accessToken.id, verify(accessToken.id, done));
Add user.logout() sugar method and update logout docs
2013-07-12 23:10:15 +00:00
}
});
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
it('Logout a user by providing the current accessToken id (over rest)', function(done) {
Add basic email verification
2013-07-03 05:37:31 +00:00
login(logout);
function login(fn) {
request(app)
.post('/users/login')
.expect('Content-Type', /json/)
.expect(200)
.send({email: 'foo@bar.com', password: 'bar'})
.end(function(err, res){
if(err) return done(err);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
var accessToken = res.body;
Add basic email verification
2013-07-03 05:37:31 +00:00
Update AccessToken and User relationship - Add created default - Default TTLs for user login access tokens - Break out User / AccessToken relationship
2013-11-15 02:34:51 +00:00
assert(accessToken.userId);
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
assert(accessToken.id);
Add basic email verification
2013-07-03 05:37:31 +00:00
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
fn(null, accessToken.id);
Add basic email verification
2013-07-03 05:37:31 +00:00
});
}
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
function logout(err, token) {
Add basic email verification
2013-07-03 05:37:31 +00:00
request(app)
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
.post('/users/logout')
.set('Authorization', token)
Add root true to remote methods
2013-07-25 00:21:15 +00:00
.expect(204)
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
.end(verify(token, done));
Add basic email verification
2013-07-03 05:37:31 +00:00
}
Add user.logout() sugar method and update logout docs
2013-07-12 23:10:15 +00:00
});
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
function verify(token, done) {
assert(token);
Add user.logout() sugar method and update logout docs
2013-07-12 23:10:15 +00:00
return function (err) {
if(err) return done(err);
fixup - Include accessToken in user logout tests
2013-12-18 05:34:30 +00:00
AccessToken.findById(token, function (err, accessToken) {
Rename Session => AccessToken
2013-11-13 19:49:08 +00:00
assert(!accessToken, 'accessToken should not exist after logging out');
Add user.logout() sugar method and update logout docs
2013-07-12 23:10:15 +00:00
done(err);
});
}
}
Add basic email verification
2013-07-03 05:37:31 +00:00
});
describe('user.hasPassword(plain, fn)', function(){
Cleanup test markdown
2013-07-16 20:41:17 +00:00
it('Determine if the password matches the stored password', function(done) {
Add basic email verification
2013-07-03 05:37:31 +00:00
var u = new User({username: 'foo', password: 'bar'});
u.hasPassword('bar', function (err, isMatch) {
assert(isMatch, 'password doesnt match');
done();
Added bcrypt for password hashing
2013-07-15 21:07:17 +00:00
});
});
Fix login bug.
2013-07-16 01:22:33 +00:00
it('should match a password when saved', function(done) {
var u = new User({username: 'a', password: 'b', email: 'z@z.net'});
u.save(function (err, user) {
User.findById(user.id, function (err, uu) {
uu.hasPassword('b', function (err, isMatch) {
assert(isMatch);
done();
});
});
});
});
Added bcrypt for password hashing
2013-07-15 21:07:17 +00:00
it('should match a password after it is changed', function(done) {
User.create({email: 'foo@baz.net', username: 'bat', password: 'baz'}, function (err, user) {
User.findById(user.id, function (err, foundUser) {
assert(foundUser);
foundUser.hasPassword('baz', function (err, isMatch) {
assert(isMatch);
foundUser.password = 'baz2';
foundUser.save(function (err, updatedUser) {
updatedUser.hasPassword('baz2', function (err, isMatch) {
assert(isMatch);
User.findById(user.id, function (err, uu) {
uu.hasPassword('baz2', function (err, isMatch) {
assert(isMatch);
done();
});
});
});
});
});
});
});
Add basic email verification
2013-07-03 05:37:31 +00:00
});
});
describe('Verification', function(){
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
Add basic email verification
2013-07-03 05:37:31 +00:00
describe('user.verify(options, fn)', function(){
it('Verify a user\'s email address', function(done) {
User.afterRemote('create', function(ctx, user, next) {
assert(user, 'afterRemote should include result');
var options = {
type: 'email',
to: user.email,
from: 'noreply@myapp.org',
redirect: '/',
protocol: ctx.req.protocol,
host: ctx.req.get('host')
};
user.verify(options, function (err, result) {
assert(result.email);
Upgrade to nodemailer 1.0.1
2014-07-15 23:46:43 +00:00
assert(result.email.response);
Add basic email verification
2013-07-03 05:37:31 +00:00
assert(result.token);
Build the email verification url from app context https://github.com/strongloop/loopback/issues/408
2014-07-27 05:39:42 +00:00
var msg = result.email.response.toString('utf-8');
assert(~msg.indexOf('/api/users/confirm'));
assert(~msg.indexOf('To: bar@bat.com'));
Add basic email verification
2013-07-03 05:37:31 +00:00
done();
});
});
request(app)
.post('/users')
.expect('Content-Type', /json/)
.expect(200)
Remove data argument name from user tests
2013-07-15 17:56:42 +00:00
.send({email: 'bar@bat.com', password: 'bar'})
Add basic email verification
2013-07-03 05:37:31 +00:00
.end(function(err, res){
if(err) return done(err);
});
});
});
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
describe('User.confirm(options, fn)', function () {
var options;
function testConfirm(testFunc, done) {
User.afterRemote('create', function (ctx, user, next) {
Add basic email verification
2013-07-03 05:37:31 +00:00
assert(user, 'afterRemote should include result');
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
options = {
Add basic email verification
2013-07-03 05:37:31 +00:00
type: 'email',
to: user.email,
from: 'noreply@myapp.org',
redirect: 'http://foo.com/bar',
protocol: ctx.req.protocol,
host: ctx.req.get('host')
};
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
Add basic email verification
2013-07-03 05:37:31 +00:00
user.verify(options, function (err, result) {
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
if (err) {
return done(err);
}
testFunc(result, done);
Add basic email verification
2013-07-03 05:37:31 +00:00
});
});
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
Add basic email verification
2013-07-03 05:37:31 +00:00
request(app)
.post('/users')
.expect('Content-Type', /json/)
.expect(302)
Remove data argument name from user tests
2013-07-15 17:56:42 +00:00
.send({email: 'bar@bat.com', password: 'bar'})
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
.end(function (err, res) {
if (err) {
return done(err);
}
Add basic email verification
2013-07-03 05:37:31 +00:00
});
Report error for User.confirm() See https://github.com/strongloop/loopback/issues/377
2014-07-17 05:42:05 +00:00
}
it('Confirm a user verification', function (done) {
testConfirm(function (result, done) {
request(app)
.get('/users/confirm?uid=' + (result.uid )
+ '&token=' + encodeURIComponent(result.token)
+ '&redirect=' + encodeURIComponent(options.redirect))
.expect(302)
.end(function (err, res) {
if (err) {
return done(err);
}
done();
});
}, done);
});
it('Report error for invalid user id during verification', function (done) {
testConfirm(function (result, done) {
request(app)
.get('/users/confirm?uid=' + (result.uid + '_invalid')
+ '&token=' + encodeURIComponent(result.token)
+ '&redirect=' + encodeURIComponent(options.redirect))
.expect(404)
.end(function (err, res) {
if (err) {
return done(err);
}
assert(res.body.error);
done();
});
}, done);
});
it('Report error for invalid token during verification', function (done) {
testConfirm(function (result, done) {
request(app)
.get('/users/confirm?uid=' + result.uid
+ '&token=' + encodeURIComponent(result.token) + '_invalid'
+ '&redirect=' + encodeURIComponent(options.redirect))
.expect(400)
.end(function (err, res) {
if (err) return done(err);
assert(res.body.error);
done();
});
}, done);
Add basic email verification
2013-07-03 05:37:31 +00:00
});
});
});
Add password reset
2013-11-20 18:59:29 +00:00
describe('Password Reset', function () {
describe('User.resetPassword(options, cb)', function () {
it('Creates a temp accessToken to allow a user to change password', function (done) {
var calledBack = false;
var email = 'foo@bar.com';
User.resetPassword({
email: email
}, function () {
calledBack = true;
});
User.once('resetPasswordRequest', function (info) {
assert(info.email);
assert(info.accessToken);
assert(info.accessToken.id);
assert.equal(info.accessToken.ttl / 60, 15);
assert(calledBack);
info.accessToken.user(function (err, user) {
assert.equal(user.email, email);
done();
});
});
});
});
});
Fix the test as DAO now ignores undefined value for query
2013-10-11 20:37:51 +00:00
});