user#login include server crash fix

Signed-off-by: Alexander Ryzhikov <coobaha@gmail.com>
2014-09-03 09:58:49 +04:00 · 2014-09-03 09:58:49 +04:00 · 58538f02b7
parent 1af1ec2c43
commit 58538f02b7
2 changed files with 27 additions and 2 deletions
--- a/lib/models/user.js
+++ b/lib/models/user.js
@ -154,7 +154,16 @@ User.login = function (credentials, include, fn) {
    include = undefined;
  }

-  include = (include || '').toLowerCase();
+  include = (include || '');
+  if (Array.isArray(include)) {
+    include = include.map(function ( val ) {
+      return val.toLowerCase();
+    });
+  }else {
+    include = include.toLowerCase();
+  }
+  
+

  var query = {};
  if(credentials.email) {
@ -191,7 +200,7 @@ User.login = function (credentials, include, fn) {
        } else if(isMatch) {
          user.createAccessToken(credentials.ttl, function(err, token) {
            if (err) return fn(err);
-            if (include === 'user') {
+            if (Array.isArray(include) ? include.indexOf('user') !== -1 : include === 'user') {
              // NOTE(bajtos) We can't set token.user here:
              //  1. token.user already exists, it's a function injected by
              //     "AccessToken belongsTo User" relation
--- a/test/user.test.js
+++ b/test/user.test.js
@ -265,6 +265,22 @@ describe('User', function(){
        });
    });

+    it('should handle multiple `include`', function(done) {
+      request(app)
+        .post('/users/login?include=USER&include=Post')
+        .send(validCredentials)
+        .expect(200)
+        .expect('Content-Type', /json/)
+        .end(function(err, res) {
+          if (err) return done(err);
+          var token = res.body;
+          expect(token.user, 'body.user').to.not.equal(undefined);
+          expect(token.user, 'body.user')
+            .to.have.property('email', validCredentials.email);
+          done();
+        });
+    });
+
    it('Login should only allow correct credentials', function(done) {
      User.create({email: 'foo22@bar.com', password: 'bar'}, function(user, err) {
        User.login({email: 'foo44@bar.com', password: 'bar'}, function(err, accessToken) {