Merge pull request #941 from strongloop/feature/workaround-issue-251
Allow User.hashPassword/validatePassword to be overridden
This commit is contained in:
commit
90fd62ec0a
|
@ -453,6 +453,24 @@ module.exports = function(User) {
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/*!
|
||||||
|
* Hash the plain password
|
||||||
|
*/
|
||||||
|
User.hashPassword = function(plain) {
|
||||||
|
this.validatePassword(plain);
|
||||||
|
var salt = bcrypt.genSaltSync(this.settings.saltWorkFactor || SALT_WORK_FACTOR);
|
||||||
|
return bcrypt.hashSync(plain, salt);
|
||||||
|
};
|
||||||
|
|
||||||
|
User.validatePassword = function(plain) {
|
||||||
|
if (typeof plain === 'string' && plain) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
var err = new Error('Invalid password: ' + plain);
|
||||||
|
err.statusCode = 422;
|
||||||
|
throw err;
|
||||||
|
};
|
||||||
|
|
||||||
/*!
|
/*!
|
||||||
* Setup an extended user model.
|
* Setup an extended user model.
|
||||||
*/
|
*/
|
||||||
|
@ -467,8 +485,7 @@ module.exports = function(User) {
|
||||||
this.settings.ttl = this.settings.ttl || DEFAULT_TTL;
|
this.settings.ttl = this.settings.ttl || DEFAULT_TTL;
|
||||||
|
|
||||||
UserModel.setter.password = function(plain) {
|
UserModel.setter.password = function(plain) {
|
||||||
var salt = bcrypt.genSaltSync(this.constructor.settings.saltWorkFactor || SALT_WORK_FACTOR);
|
this.$password = this.constructor.hashPassword(plain);
|
||||||
this.$password = bcrypt.hashSync(plain, salt);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
// Make sure emailVerified is not set by creation
|
// Make sure emailVerified is not set by creation
|
||||||
|
|
|
@ -22,14 +22,14 @@ describe('GeoPoint', function() {
|
||||||
describe('GeoPoint()', function() {
|
describe('GeoPoint()', function() {
|
||||||
it('Create from string', function() {
|
it('Create from string', function() {
|
||||||
var point = new GeoPoint('1.234,5.678');
|
var point = new GeoPoint('1.234,5.678');
|
||||||
assert.equal(point.lng, 1.234);
|
assert.equal(point.lat, 1.234);
|
||||||
assert.equal(point.lat, 5.678);
|
assert.equal(point.lng, 5.678);
|
||||||
var point2 = new GeoPoint('1.222, 5.333');
|
var point2 = new GeoPoint('1.222, 5.333');
|
||||||
assert.equal(point2.lng, 1.222);
|
assert.equal(point2.lat, 1.222);
|
||||||
assert.equal(point2.lat, 5.333);
|
assert.equal(point2.lng, 5.333);
|
||||||
var point3 = new GeoPoint('1.333, 5.111');
|
var point3 = new GeoPoint('1.333, 5.111');
|
||||||
assert.equal(point3.lng, 1.333);
|
assert.equal(point3.lat, 1.333);
|
||||||
assert.equal(point3.lat, 5.111);
|
assert.equal(point3.lng, 5.111);
|
||||||
});
|
});
|
||||||
it('Serialize as string', function() {
|
it('Serialize as string', function() {
|
||||||
var str = '1.234,5.678';
|
var str = '1.234,5.678';
|
||||||
|
@ -38,8 +38,8 @@ describe('GeoPoint', function() {
|
||||||
});
|
});
|
||||||
it('Create from array', function() {
|
it('Create from array', function() {
|
||||||
var point = new GeoPoint([5.555, 6.777]);
|
var point = new GeoPoint([5.555, 6.777]);
|
||||||
assert.equal(point.lng, 5.555);
|
assert.equal(point.lat, 5.555);
|
||||||
assert.equal(point.lat, 6.777);
|
assert.equal(point.lng, 6.777);
|
||||||
});
|
});
|
||||||
it('Create as Model property', function() {
|
it('Create as Model property', function() {
|
||||||
var Model = loopback.createModel('geo-model', {
|
var Model = loopback.createModel('geo-model', {
|
||||||
|
@ -51,8 +51,8 @@ describe('GeoPoint', function() {
|
||||||
});
|
});
|
||||||
|
|
||||||
assert(m.geo instanceof GeoPoint);
|
assert(m.geo instanceof GeoPoint);
|
||||||
assert.equal(m.geo.lng, 1.222);
|
assert.equal(m.geo.lat, 1.222);
|
||||||
assert.equal(m.geo.lat, 3.444);
|
assert.equal(m.geo.lng, 3.444);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
@ -135,6 +135,45 @@ describe('User', function() {
|
||||||
assert(u.password !== 'bar');
|
assert(u.password !== 'bar');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('custom password hash', function() {
|
||||||
|
var defaultHashPassword;
|
||||||
|
var defaultValidatePassword;
|
||||||
|
|
||||||
|
beforeEach(function() {
|
||||||
|
defaultHashPassword = User.hashPassword;
|
||||||
|
defaultValidatePassword = User.defaultValidatePassword;
|
||||||
|
|
||||||
|
User.hashPassword = function(plain) {
|
||||||
|
return plain.toUpperCase();
|
||||||
|
};
|
||||||
|
|
||||||
|
User.validatePassword = function(plain) {
|
||||||
|
if (!plain || plain.length < 3) {
|
||||||
|
throw new Error('Password must have at least 3 chars');
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
|
afterEach(function() {
|
||||||
|
User.hashPassword = defaultHashPassword;
|
||||||
|
});
|
||||||
|
|
||||||
|
it('Reports invalid password', function() {
|
||||||
|
try {
|
||||||
|
var u = new User({username: 'foo', password: 'aa'});
|
||||||
|
assert(false, 'Error should have been thrown');
|
||||||
|
} catch (e) {
|
||||||
|
// Ignore
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
it('Hashes the given password', function() {
|
||||||
|
var u = new User({username: 'foo', password: 'bar'});
|
||||||
|
assert(u.password === 'BAR');
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
it('Create a user over REST should remove emailVerified property', function(done) {
|
it('Create a user over REST should remove emailVerified property', function(done) {
|
||||||
request(app)
|
request(app)
|
||||||
.post('/users')
|
.post('/users')
|
||||||
|
|
Loading…
Reference in New Issue