From 796a7b124bbb8ff69b2913b9b2b59a143db5060f Mon Sep 17 00:00:00 2001 From: Danny Coates Date: Mon, 19 Aug 2013 13:16:13 -0700 Subject: [PATCH] Added integration tests - /session/destroy - /recovery_email/resend_code - /get_random_bytes --- client/index.js | 34 +++++++++++++++++++++ models/account.js | 17 +++++++++++ models/recovery_email.js | 2 ++ routes/account.js | 9 +++--- test/run/integration_tests.js | 54 ++++++++++++++++++++++++++++++++++ test/run/verification_tests.js | 15 +++++++++- 6 files changed, 125 insertions(+), 6 deletions(-) diff --git a/client/index.js b/client/index.js index c8bc1b28..7802f523 100644 --- a/client/index.js +++ b/client/index.js @@ -241,6 +241,25 @@ Client.prototype.login = function (callback) { } } +Client.prototype.destroySession = function (callback) { + var p = P(null) + if (this.sessionToken) { + p = this.api.sessionDestroy(this.sessionToken) + .then( + function () { + this.sessionToken = null + return {} + }.bind(this) + ) + } + if (callback) { + p.done(callback.bind(null, null), callback) + } + else { + return p + } +} + Client.prototype.verifyEmail = function (code, callback) { var p = this.api.recoveryEmailVerifyCode(this.uid, code) if (callback) { @@ -273,6 +292,21 @@ Client.prototype.emailStatus = function (callback) { } } +Client.prototype.requestVerifyEmail = function (callback) { + var o = this.sessionToken ? P(null) : this.login() + var p = o.then( + function () { + return this.api.recoveryEmailResendCode(this.sessionToken, this.email) + }.bind(this) + ) + if (callback) { + p.done(callback.bind(null, null), callback) + } + else { + return p + } +} + Client.prototype.sign = function (publicKey, duration, callback) { var o = this.sessionToken ? P(null) : this.login() var p = o.then( diff --git a/models/account.js b/models/account.js index 362344ac..2f702a1f 100644 --- a/models/account.js +++ b/models/account.js @@ -237,6 +237,23 @@ module.exports = function (P, tokens, RecoveryEmail, db, config, error) { return P.all(methods) } + Account.prototype.primaryRecoveryEmail = function () { + // TODO: this is not ideal. consider refactoring how + // recovery emails are indexed + return this.recoveryEmails() + .then( + function (emails) { + for (var i = 0; emails.length; i++) { + var email = emails[i] + if (email.primary) { + return email + } + } + return null + } + ) + } + Account.prototype.deleteAllRecoveryEmails = function () { var codes = Object.keys(this.recoveryEmailCodes) var methods = [] diff --git a/models/recovery_email.js b/models/recovery_email.js index eeea7f28..128580b4 100644 --- a/models/recovery_email.js +++ b/models/recovery_email.js @@ -5,6 +5,7 @@ module.exports = function (crypto, P, db, mailer) { function RecoveryEmail() { + this.email = null this.code = null this.uid = null this.verified = false @@ -31,6 +32,7 @@ module.exports = function (crypto, P, db, mailer) { if (!object) return null if (object.value) object = object.value var rm = new RecoveryEmail() + rm.email = object.email rm.code = object.code rm.uid = object.uid rm.verified = object.verified diff --git a/routes/account.js b/routes/account.js index 1a08d1bf..f61cafb4 100644 --- a/routes/account.js +++ b/routes/account.js @@ -185,17 +185,16 @@ module.exports = function (crypto, uuid, isA, error, Account, RecoveryEmail) { handler: function (request) { var sessionToken = request.auth.credentials Account - .get(sessionToken.id) - .then( + .get(sessionToken.uid) + .done( function (account) { - RecoveryEmail - .get(account.email) + return account.primaryRecoveryEmail() .then( function (rm) { return rm.sendVerifyCode() } ) - .done( + .then( function () { request.reply({}) }, diff --git a/test/run/integration_tests.js b/test/run/integration_tests.js index 52d84d20..7600b43e 100644 --- a/test/run/integration_tests.js +++ b/test/run/integration_tests.js @@ -188,6 +188,60 @@ function main() { } ) + test( + 'session destroy', + function (t) { + var email = 'test4@example.com' + var password = 'foobar' + var client = null + var sessionToken = null + Client.create(config.public_url, email, password) + .then( + function (x) { + client = x + return client.devices() + } + ) + .then( + function () { + sessionToken = client.sessionToken + return client.destroySession() + } + ) + .then( + function () { + t.equal(client.sessionToken, null, 'session token deleted') + client.sessionToken = sessionToken + return client.devices() + } + ) + .done( + function (devices) { + t.fail('got devices with destroyed session') + t.end() + }, + function (err) { + t.equal(err.errno, 401, 'session is invalid') + t.end() + } + ) + } + ) + + test( + 'random bytes', + function (t) { + var client = new Client(config.public_url) + client.api.getRandomBytes() + .done( + function (x) { + t.equal(x.data.length, 64) + t.end() + } + ) + } + ) + test( 'teardown', function (t) { diff --git a/test/run/verification_tests.js b/test/run/verification_tests.js index 17e975ca..1f702cbc 100644 --- a/test/run/verification_tests.js +++ b/test/run/verification_tests.js @@ -17,6 +17,7 @@ function main() { var email = 'verification@example.com' var password = 'allyourbasearebelongtous' var client = null + var verifyCode = null Client.create(config.public_url, email, password) .then( function (x) { @@ -49,7 +50,19 @@ function main() { .then(waitForCode) .then( function (code) { - return client.verifyEmail(code) + verifyCode = code + return client.requestVerifyEmail() + } + ) + .then(waitForCode) + .then( + function (code) { + t.equal(code, verifyCode, 'verify codes are the same') + } + ) + .then( + function () { + return client.verifyEmail(verifyCode) } ) .then(