Allow password reset request for users in realms
parent
298635dad1
commit
cddfb9c77d
|
@ -559,11 +559,12 @@ module.exports = function(User) {
|
|||
};
|
||||
|
||||
/**
|
||||
* Create a short lived acess token for temporary login. Allows users
|
||||
* Create a short lived access token for temporary login. Allows users
|
||||
* to change passwords if forgotten.
|
||||
*
|
||||
* @options {Object} options
|
||||
* @prop {String} email The user's email address
|
||||
* @property {String} realm The user's realm (optional)
|
||||
* @callback {Function} callback
|
||||
* @param {Error} err
|
||||
* @promise
|
||||
|
@ -589,7 +590,13 @@ module.exports = function(User) {
|
|||
} catch (err) {
|
||||
return cb(err);
|
||||
}
|
||||
UserModel.findOne({where: {email: options.email}}, function(err, user) {
|
||||
var where = {
|
||||
email: options.email,
|
||||
};
|
||||
if (options.realm) {
|
||||
where.realm = options.realm;
|
||||
}
|
||||
UserModel.findOne({where: where}, function(err, user) {
|
||||
if (err) {
|
||||
return cb(err);
|
||||
}
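Review bot: `options.realm` is copied into the `where` filter without a type check, so a non-string value from a caller (for example an object in a JSON request body) would reach `findOne` as part of the query instead of being compared as a literal realm name. Restricting it to strings, e.g. `if (typeof options.realm === 'string' && options.realm) where.realm = options.realm;`, or returning a validation error otherwise, keeps the lookup an exact match. Separately, when `realm` is omitted the query still matches on email alone, so if the same address exists in more than one realm the reset token is issued for whichever record `findOne` returns first. If the model can be configured to require a realm (that setting is not visible in this hunk), a missing realm should probably be rejected here rather than silently ignored. The enclosing function starts and ends outside the hunk.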
|
||||
|
|
|
@ -20,6 +20,8 @@ describe('User', function() {
|
|||
email: 'foo1@bar.com', password: 'bar1', emailVerified: true};
|
||||
var validCredentialsEmailVerifiedOverREST = {
|
||||
email: 'foo2@bar.com', password: 'bar2', emailVerified: true};
|
||||
var validCredentialsWithRealm = {
|
||||
email: 'foo3@bar.com', password: 'bar', realm: 'foobar'};
|
||||
var validCredentialsWithTTL = {email: 'foo@bar.com', password: 'bar', ttl: 3600};
|
||||
var validCredentialsWithTTLAndScope = {
|
||||
email: 'foo@bar.com', password: 'bar', ttl: 3600, scope: 'all'};
|
||||
|
@ -1924,6 +1926,58 @@ describe('User', function() {
|
|||
done();
|
||||
});
|
||||
});
|
||||
|
||||
describe('User.resetPassword(options, cb) requiring realm', function() {
|
||||
var realmUser;
|
||||
|
||||
beforeEach(function(done) {
|
||||
User.create(validCredentialsWithRealm, function(err, u) {
|
||||
if (err) return done(err);
|
||||
|
||||
realmUser = u;
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('Reports when email is not found in realm', function(done) {
|
||||
User.resetPassword({
|
||||
email: realmUser.email,
|
||||
realm: 'unknown',
|
||||
}, function(err) {
|
||||
assert(err);
|
||||
assert.equal(err.code, 'EMAIL_NOT_FOUND');
|
||||
assert.equal(err.statusCode, 404);
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('Creates a temp accessToken to allow user in realm to change password', function(done) {
|
||||
var calledBack = false;
|
||||
|
||||
User.resetPassword({
|
||||
email: realmUser.email,
|
||||
realm: realmUser.realm,
|
||||
}, function() {
|
||||
calledBack = true;
|
||||
});
|
||||
|
||||
User.once('resetPasswordRequest', function(info) {
|
||||
assert(info.email);
|
||||
assert(info.accessToken);
|
||||
assert(info.accessToken.id);
|
||||
assert.equal(info.accessToken.ttl / 60, 15);
|
||||
assert(calledBack);
|
||||
info.accessToken.user(function(err, user) {
|
||||
if (err) return done(err);
|
||||
|
||||
assert.equal(user.email, realmUser.email);
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
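Review bot: The new `describe` block covers a wrong realm and a matching realm, but not the case the model change leaves open: a reset request that omits `realm` for a user who has one, or the same email registered in two realms. A test that creates the same address in two realms and asserts that `info.accessToken.user` resolves to the user of the requested realm would pin the isolation this feature is meant to provide. In the second test the `resetPassword` callback ignores its error argument (`function() { calledBack = true; }`). Accepting `err` and failing with `if (err) return done(err);` would report a failed request directly, rather than presumably as a timeout while waiting for `resetPasswordRequest`.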
|
||||
|
||||
|
|