Scott Erickson 2014-02-02 16:58:57 -08:00
commit ebc4985d30
2 changed files with 75 additions and 9 deletions
server/routes
test/server


@ -56,7 +56,7 @@ module.exports.setupRoutes = (app) ->
app.post('/auth/reset', (req, res) -> app.post('/auth/reset', (req, res) ->
unless req.body.email unless req.body.email
return errors.badInput(res, [{message:'Need an email specified.', property:email}]) return errors.badInput(res, [{message:'Need an email specified.', property:'email'}])
User.findOne({emailLower:req.body.email.toLowerCase()}).exec((err, user) -> User.findOne({emailLower:req.body.email.toLowerCase()}).exec((err, user) ->
if not user if not user
@ -74,7 +74,7 @@ module.exports.setupRoutes = (app) ->
else else
return res.end() return res.end()
else else
console.log 'new password is', user.get('passwordReset') res.send user.get('passwordReset')
return res.end() return res.end()
) )
) )
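Review bot: The new `res.send user.get('passwordReset')` in the second hunk returns the freshly generated temporary password to whoever posted the email address, and the accompanying test section shows the request is made with nothing but an `email` form field, so anyone who knows a user's address can obtain a working credential for that account. The temporary password should reach only the account owner, i.e. be delivered to the stored address out of band, with the route replying with an empty `return res.end()` as it already does on the other branches; the test can then read the value from the User document rather than the response body. Note also that `res.send` already finishes the response, so the `return res.end()` that follows it is redundant. The enclosing `setupRoutes` function starts and ends outside the hunk.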


@ -1,4 +1,8 @@
require './common' require './common'
request = require 'request'
urlLogin = getURL('/auth/login')
urlReset = getURL('/auth/reset')
describe '/auth/whoami', -> describe '/auth/whoami', ->
http = require 'http' http = require 'http'
@ -10,8 +14,6 @@ describe '/auth/whoami', ->
) )
describe '/auth/login', -> describe '/auth/login', ->
url = getURL('/auth/login')
request = require 'request'
it 'clears Users first', (done) -> it 'clears Users first', (done) ->
User.remove {}, (err) -> User.remove {}, (err) ->
@ -19,7 +21,7 @@ describe '/auth/login', ->
done() done()
it 'finds no user', (done) -> it 'finds no user', (done) ->
req = request.post(url, (error, response) -> req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined() expect(response).toBeDefined()
expect(response.statusCode).toBe(401) expect(response.statusCode).toBe(401)
done() done()
@ -40,7 +42,7 @@ describe '/auth/login', ->
form.append('password', 'nada') form.append('password', 'nada')
it 'finds that created user', (done) -> it 'finds that created user', (done) ->
req = request.post(url, (error, response) -> req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined() expect(response).toBeDefined()
expect(response.statusCode).toBe(200) expect(response.statusCode).toBe(200)
done() done()
@ -50,7 +52,7 @@ describe '/auth/login', ->
form.append('password', 'nada') form.append('password', 'nada')
it 'rejects wrong passwords', (done) -> it 'rejects wrong passwords', (done) ->
req = request.post(url, (error, response) -> req = request.post(urlLogin, (error, response) ->
expect(response.statusCode).toBe(401) expect(response.statusCode).toBe(401)
expect(response.body.indexOf("wrong, wrong")).toBeGreaterThan(-1) expect(response.body.indexOf("wrong, wrong")).toBeGreaterThan(-1)
done() done()
@ -60,10 +62,74 @@ describe '/auth/login', ->
form.append('password', 'blahblah') form.append('password', 'blahblah')
it 'is completely case insensitive', (done) -> it 'is completely case insensitive', (done) ->
req = request.post(url, (error, response) -> req = request.post(urlLogin, (error, response) ->
expect(response.statusCode).toBe(200) expect(response.statusCode).toBe(200)
done() done()
) )
form = req.form() form = req.form()
form.append('username', 'scoTT@gmaIL.com') form.append('username', 'scoTT@gmaIL.com')
form.append('password', 'NaDa') form.append('password', 'NaDa')
describe '/auth/reset', ->
passwordReset = ''
it 'emails require', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(422)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
it 'can\'t reset an unknow user', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(404)
done()
)
form = req.form()
form.append('email', 'unknow')
it 'reset user password', (done) ->
req = request.post(urlReset, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
expect(response.body).toBeDefined()
passwordReset = response.body
done()
)
form = req.form()
form.append('email', 'scott@gmail.com')
it 'can login after resetting', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', passwordReset)
it 'resetting password is not permanent', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(401)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', passwordReset)
it 'can still login with old password', (done) ->
req = request.post(urlLogin, (error, response) ->
expect(response).toBeDefined()
expect(response.statusCode).toBe(200)
done()
)
form = req.form()
form.append('username', 'scott@gmail.com')
form.append('password', 'nada')
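Review bot: The 'reset user password' case only asserts `expect(response.body).toBeDefined()`, so an empty body passes and the failure then surfaces as an unexplained 401 in 'can login after resetting'; more importantly it pins the server's behaviour of handing the temporary password back to the caller, so the test will have to change once the password is delivered to the user's address instead. Capturing the value from the stored record, `User.findOne {emailLower: 'scott@gmail.com'}, (err, user) -> passwordReset = user.get('passwordReset'); done()`, keeps the test independent of what the response carries. The later cases in this describe share `passwordReset` and depend on running in this exact order, which is worth a one-line comment above `passwordReset = ''`, e.g. `# set by 'reset user password'; the following cases run in order and consume it`.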