Merge pull request #529 from Coobaha/fix/user_include

user#login include server crash fix

lib/models/user.js

@@ -161,7 +161,16 @@ User.login = function (credentials, include, fn) {
     include = undefined;
   }
 
-  include = (include || '').toLowerCase();
+  include = (include || '');
+  if (Array.isArray(include)) {
+    include = include.map(function ( val ) {
+      return val.toLowerCase();
+    });
+  }else {
+    include = include.toLowerCase();
+  }
+  
+
 
   var query = {};
   if(credentials.email) {
@@ -198,7 +207,7 @@ User.login = function (credentials, include, fn) {
         } else if(isMatch) {
           user.createAccessToken(credentials.ttl, function(err, token) {
             if (err) return fn(err);
-            if (include === 'user') {
+            if (Array.isArray(include) ? include.indexOf('user') !== -1 : include === 'user') {
               // NOTE(bajtos) We can't set token.user here:
               //  1. token.user already exists, it's a function injected by
               //     "AccessToken belongsTo User" relation

test/user.test.js

@@ -265,6 +265,22 @@ describe('User', function(){
         });
     });
 
+    it('should handle multiple `include`', function(done) {
+      request(app)
+        .post('/users/login?include=USER&include=Post')
+        .send(validCredentials)
+        .expect(200)
+        .expect('Content-Type', /json/)
+        .end(function(err, res) {
+          if (err) return done(err);
+          var token = res.body;
+          expect(token.user, 'body.user').to.not.equal(undefined);
+          expect(token.user, 'body.user')
+            .to.have.property('email', validCredentials.email);
+          done();
+        });
+    });
+
     it('Login should only allow correct credentials', function(done) {
       User.create({email: 'foo22@bar.com', password: 'bar'}, function(user, err) {
         User.login({email: 'foo44@bar.com', password: 'bar'}, function(err, accessToken) {