back/methods/vn-user/sign-in.js

@@ -51,7 +51,7 @@ module.exports = Self => {
         }
         const validateLogin = await Self.validateLogin(user, password);
         await Self.app.models.SignInLog.create({
-            id: validateLogin.token,
+            token: validateLogin.token,
             userFk: vnUser.id,
             ip: ctx.req.ip
         });

back/methods/vn-user/specs/sign-in.spec.js

@@ -12,8 +12,21 @@ describe('VnUser Sign-in()', () => {
         },
         args: {}
     };
-    const {VnUser, AccessToken} = models;
+    const {VnUser, AccessToken, SignInLog} = models;
     describe('when credentials are correct', () => {
+        it('should return the token if user uses email', async() => {
+            let login = await VnUser.signIn(unauthCtx, 'salesAssistant@mydomain.com', 'nightmare');
+            let accessToken = await AccessToken.findById(login.token);
+            let ctx = {req: {accessToken: accessToken}};
+            let signInLog = await SignInLog.find({where: {token: accessToken.id}});
+
+            expect(signInLog.length).toEqual(1);
+            expect(signInLog[0].userFk).toEqual(accessToken.userId);
+            expect(login.token).toBeDefined();
+
+            await VnUser.logout(ctx.req.accessToken.id);
+        });
+
         it('should return the token', async() => {
             let login = await VnUser.signIn(unauthCtx, 'salesAssistant', 'nightmare');
             let accessToken = await AccessToken.findById(login.token);

back/models/vn-user.js

@@ -124,17 +124,20 @@ module.exports = function(Self) {
 
         return email.send();
     });
+    Self.signInValidate = (user, userToken) => {
+        const [[key, value]] = Object.entries(Self.userUses(user));
+        if (userToken[key].toLowerCase() !== value.toLowerCase()) {
+            console.error('ERROR!!! - Signin with other user', _userToken, _user);
+            throw new UserError('Try again');
+        }
+    };
 
     Self.validateLogin = async function(user, password) {
         const loginInfo = Object.assign({password}, Self.userUses(user));
         const token = await Self.login(loginInfo, 'user');
 
         const userToken = await token.user.get();
-
+        Self.signInValidate(user, userToken);
-        // if (userToken.username.toLowerCase() !== user.toLowerCase()) {
-        //     console.error('ERROR!!! - Signin with other user', userToken, user);
-        //     throw new UserError('Try again');
-        // }
 
         try {
             await Self.app.models.Account.sync(userToken.name, password);

db/changes/234604/00-createSignInLogTable.sql

@@ -2,17 +2,18 @@
 
 --
 -- Table structure for table `signInLog`
+-- Description: log to debug cross-login error
 --
 
 DROP TABLE IF EXISTS `account`.`signInLog`;
 /*!40101 SET @saved_cs_client     = @@character_set_client */;
 /*!40101 SET character_set_client = utf8 */;
 CREATE TABLE `account`.`signInLog` (
-  `id` varchar(10) NOT NULL ,
+  id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  `token` varchar(255) NOT NULL ,
   `userFk` int(10) unsigned DEFAULT NULL,
   `creationDate` timestamp NULL DEFAULT current_timestamp(),
   `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL,
-  PRIMARY KEY (`id`),
   KEY `userFk` (`userFk`),
   CONSTRAINT `signInLog_ibfk_1` FOREIGN KEY (`userFk`) REFERENCES `user` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
 );

modules/account/back/models/sign_in-log.json

@@ -8,13 +8,20 @@
 	},
     "properties": {
         "id": {
+			"type": "number",
 			"id": true,
-			"type": "string"
+			"description": "Identifier"
+		},
+        "token": {
+            "required": true,
+			"type": "string",
+            "description": "Token's user"
 		},
         "creationDate": {
-			"type": "date"
+            "type": "date"
 		},
         "userFk": {
+            "required": true,
 			"type": "number"
 		},
         "ip": {