diff --git a/back/methods/vn-user/specs/sign-in.spec.js b/back/methods/vn-user/specs/sign-in.spec.js index f4cad88b9..26abe7eda 100644 --- a/back/methods/vn-user/specs/sign-in.spec.js +++ b/back/methods/vn-user/specs/sign-in.spec.js @@ -14,6 +14,16 @@ describe('VnUser Sign-in()', () => { }; const {VnUser, AccessToken} = models; describe('when credentials are correct', () => { + it('should return the token if user uses email', async() => { + let login = await VnUser.signIn(unauthCtx, 'salesAssistant@mydomain.com', 'nightmare'); + let accessToken = await AccessToken.findById(login.token); + let ctx = {req: {accessToken: accessToken}}; + + expect(login.token).toBeDefined(); + + await VnUser.logout(ctx.req.accessToken.id); + }); + it('should return the token', async() => { let login = await VnUser.signIn(unauthCtx, 'salesAssistant', 'nightmare'); let accessToken = await AccessToken.findById(login.token); diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 2ab97fce6..bbfee4c51 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -124,17 +124,20 @@ module.exports = function(Self) { return email.send(); }); + Self.signInValidate = (user, userToken) => { + const [[key, value]] = Object.entries(Self.userUses(user)); + if (userToken[key].toLowerCase() !== value.toLowerCase()) { + console.error('ERROR!!! - Signin with other user', _userToken, _user); + throw new UserError('Try again'); + } + }; Self.validateLogin = async function(user, password) { const loginInfo = Object.assign({password}, Self.userUses(user)); const token = await Self.login(loginInfo, 'user'); const userToken = await token.user.get(); - - // if (userToken.username.toLowerCase() !== user.toLowerCase()) { - // console.error('ERROR!!! - Signin with other user', userToken, user); - // throw new UserError('Try again'); - // } + Self.signInValidate(user, userToken); try { await Self.app.models.Account.sync(userToken.name, password);