encode email as a hex string of UTF-8 bytes

2013-08-07 15:18:36 -07:00 · 2013-08-07 15:18:36 -07:00 · 9109a58eed
--- a/bin/mailer.js
+++ b/bin/mailer.js
@ -22,12 +22,12 @@ server.route(
 			handler: function (request) {
 				var reply = request.reply.bind(request)
 				mailer
-					.sendCode(request.payload.email, request.payload.code)
+					.sendCode(Buffer(request.payload.email, 'hex').toString(), request.payload.code)
 					.done(reply, reply)
 			},
 			validate: {
 				payload: {
-					email: isA.String().email().required(),
+					email: isA.String().regex(HEX_STRING).required(),
 					code: isA.String().regex(HEX_STRING).required()
 				}
 			}
--- a/client/example.js
+++ b/client/example.js
@ -3,7 +3,7 @@
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

 var Client = require('./')
-var email = 'me@example.com';
+var email = Buffer('më@example.com').toString('hex');
 var password = 'verySecurePassword';
 var publicKey = {
  "algorithm":"RS",
--- a/models/recovery_email.js
+++ b/models/recovery_email.js
@ -59,7 +59,7 @@ module.exports = function (crypto, P, db, mailer) {
  }

  RecoveryEmail.prototype.sendCode = function () {
-    return mailer.sendCode(this.email, this.code)
+    return mailer.sendCode(Buffer(this.email, 'hex').toString('utf8'), this.code)
  }

  RecoveryEmail.prototype.verify = function (code) {
--- a/routes/account.js
+++ b/routes/account.js
@ -18,7 +18,8 @@ module.exports = function (crypto, uuid, isA, error, Account, RecoveryEmail) {
        tags: ["srp", "account"],
        validate: {
          payload: {
-            email: isA.String().email().required(),
+            // TODO: still need to validate the utf8 string is a valid email
+            email: isA.String().regex(HEX_STRING).required(),
            srp: isA.Object({
              type: isA.String().required(), // TODO valid()
              verifier: isA.String().regex(HEX_STRING).required(),
--- a/routes/auth.js
+++ b/routes/auth.js
@ -24,7 +24,7 @@ module.exports = function (isA, Account, SrpSession, AuthBundle) {
        },
        validate: {
          payload: {
-            email: isA.String().email().required()
+            email: isA.String().regex(HEX_STRING).required()
          },
          response: {
            schema: {
--- a/routes/password.js
+++ b/routes/password.js
@ -61,7 +61,7 @@ module.exports = function (isA, error, Account, tokens) {
        handler: notImplemented,
        validate: {
          payload: {
-            email: isA.String().email().required()
+            email: isA.String().regex(HEX_STRING).required()
          },
          response: {
            schema: {
--- a/test/account_tests.js
+++ b/test/account_tests.js
@ -16,7 +16,7 @@ var AccountResetToken = models.tokens.AccountResetToken

 var a = {
  uid: 'xxx',
-  email: 'somebody@example.com',
+  email: Buffer('somebody@example.com').toString('hex'),
  srp: {
    verifier: 'BAD1',
    salt: 'BAD2'
@ -133,7 +133,7 @@ test(
 test(
  'Account.exists returns false if the email is not in use',
  function (t) {
-    Account.exists('nobody@example.com').done(
+    Account.exists(Buffer('nobody@example.com').toString('hex')).done(
      function (exists) {
        t.equal(exists, false)
        t.end()
--- a/test/integration.js
+++ b/test/integration.js
@ -3,7 +3,7 @@ var cp = require('child_process')
 var Client = require('../client')
 var config = require('../config').root()

-var email = 'test@example.com'
+var email = Buffer('test@example.com').toString('hex')
 var password = 'allyourbasearebelongtous'
 var publicKey = {
  "algorithm":"RS",
--- a/test/recovery_email_tests.js
+++ b/test/recovery_email_tests.js
@ -15,11 +15,13 @@ var mailer = {
 var models = require('../models')(config, dbs, mailer)
 var RecoveryEmail = models.RecoveryEmail

+var email = Buffer('me@example.com').toString('hex')
+
 test(
 	'RecoveryEmail.create generates a random 32 byte code as a hex string',
 	function (t) {
 		function end() { t.end() }
-		RecoveryEmail.create('xxx', 'me@example.com', true)
+		RecoveryEmail.create('xxx', email, true)
 			.then(
 				function (x) {
 					t.equal(x.code.length, 64)
@ -41,7 +43,7 @@ test(
 	function (t) {
 		sends = 0
 		function end() { t.end() }
-		RecoveryEmail.create('xxx', 'me@example.com', true)
+		RecoveryEmail.create('xxx', email, true)
 			.then(
 				function (x) {
 					t.equal(sends, 1)
@ -57,7 +59,7 @@ test(
 	'recoveryEmail.verify sets verified to true if the codes match',
 	function (t) {
 		function end() { t.end() }
-		RecoveryEmail.create('xxx', 'me@example.com', true)
+		RecoveryEmail.create('xxx', email, true)
 			.then(
 				function (x) {
 					t.equal(x.verified, false)
@ -79,7 +81,7 @@ test(
 	'recoveryEmail.verify does not set verified if codes do not match',
 	function (t) {
 		function end() { t.end() }
-		RecoveryEmail.create('xxx', 'me@example.com', true)
+		RecoveryEmail.create('xxx', email, true)
 			.then(
 				function (x) {
 					t.equal(x.verified, false)
@ -101,7 +103,7 @@ test(
 	'recoveryEmail.verify will not unset the verified flag from true to false',
 	function (t) {
 		function end() { t.end() }
-		RecoveryEmail.create('xxx', 'me@example.com', true)
+		RecoveryEmail.create('xxx', email, true)
 			.then(
 				function (x) {
 					t.equal(x.verified, false)
--- a/test/srp_session_tests.js
+++ b/test/srp_session_tests.js
@ -15,7 +15,7 @@ var SrpSession = models.SrpSession

 var alice = {
  uid: 'xxx',
-  email: 'somebody@example.com',
+  email: Buffer('somebödy@example.com').toString('hex'),
  password: 'awesomeSauce',
  srp: {
    verifier: null,