Merge pull request #99 from Concorda/t

use custom generated salt. Fixes #72
Concorda · May 25, 2016 · 82f863c · 82f863c
2 parents e13a57a + 012c64c
commit 82f863c
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 56 deletions.
diff --git a/lib/impl/services/auth.js b/lib/impl/services/auth.js
@@ -214,7 +214,15 @@ module.exports = function (options) {
         user.forcePwdChange = false
         user.passwordChangeTimestamp = new Date()
         user.save$(function () {
-          context.prior(msg, response)
+          context.act('role: util, cmd: genstrtoken', function (err, tokenData) {
+            if (err || !tokenData) {
+              return response(null, {ok: false, why: 'Internal server error'})
+            }
+
+            msg.salt = tokenData.token
+
+            context.prior(msg, response)
+          })
         })
       })
     })
@@ -430,19 +438,26 @@ module.exports = function (options) {
         userData.passwordChangeTimestamp = new Date()
         userData.forcePwdChange = userData.forcePwdChange || false
 
-        context.act('role: user, cmd: register', userData, function (err, result) {
-          if (err) {
-            return cb(null, {ok: false, why: err})
-          }
-          if (!result.ok) {
-            return cb(null, {ok: false, why: result.why})
+        context.act('role: util, cmd: genstrtoken', function (err, tokenData) {
+          if (err || !tokenData) {
+            return cb(null, {ok: false, why: 'Internal server error'})
           }
 
-          if (!result.user.emailValidated) {
-            context.act('role: util, cmd: sendValidationEmail', result.user, function () {
-              return cb(null, {ok: true, data: result.user})
-            })
-          }
+          userData.salt = tokenData.token
+          context.act('role: user, cmd: register', userData, function (err, result) {
+            if (err) {
+              return cb(null, {ok: false, why: err})
+            }
+            if (!result.ok) {
+              return cb(null, {ok: false, why: result.why})
+            }
+
+            if (!result.user.emailValidated) {
+              context.act('role: util, cmd: sendValidationEmail', result.user, function () {
+                return cb(null, {ok: true, data: result.user})
+              })
+            }
+          })
         })
       }
     })
@@ -476,7 +491,6 @@ module.exports = function (options) {
     if (!token || !password || !repeat) {
       return done(null, {ok: false, why: 'Invalid data.'})
     }
-
     context.act('role: concorda, verify: token', {token: token}, function (err, tokenData) {
       if (err || !tokenData) {
         return done(null, {ok: false, why: err || 'Invalid token.'})
@@ -489,18 +503,24 @@ module.exports = function (options) {
 
         user.forcePwdChange = false
         user.passwordChangeTimestamp = new Date()
-
-        seneca.act({ role: 'user', cmd: 'change_password', user: user, password: password, repeat: repeat }, function (err, out) {
-          if (err) {
-            return done(null, {ok: false, why: err})
+        context.act('role: util, cmd: genstrtoken', function (err, tokenData) {
+          if (err || !tokenData) {
+            return done(null, {ok: false, why: 'Internal server error'})
           }
+          msg.salt = tokenData.token
 
-          if (!out.ok) {
-            return done(null, {ok: false, why: err})
-          }
+          seneca.act({ role: 'user', cmd: 'change_password', user: user, password: password, repeat: repeat, salt: msg.salt }, function (err, out) {
+            if (err) {
+              return done(null, {ok: false, why: err})
+            }
 
-          user.save$(function () {
-            return done(null, {ok: true})
+            if (!out.ok) {
+              return done(null, {ok: false, why: err})
+            }
+
+            user.save$(function () {
+              return done(null, {ok: true})
+            })
           })
         })
       })

diff --git a/lib/impl/services/user.js b/lib/impl/services/user.js
@@ -90,19 +90,26 @@ module.exports = function (options) {
     // force change password by default if not otherwise specified by dashboard (TBD)
     userData.forcePwdChange = _.has(userData, 'forcePwdChange') ? userData.forcePwdChange : true
 
-    context.act('role: user, cmd: register', userData, function (err, result) {
-      if (err) {
-        return response(null, {ok: false, why: err})
-      }
-      if (!result.ok) {
-        return response(null, {ok: false, why: result.why})
+    context.act('role: util, cmd: genstrtoken', function (err, tokenData) {
+      if (err || !tokenData) {
+        return response(null, {ok: false, why: 'Internal server error'})
       }
+      userData.salt = tokenData.token
 
-      if (!result.user.emailValidated) {
-        context.act('role: util, cmd: sendValidationEmail', result.user, function () {
-          response(null, {ok: true, data: result.user})
-        })
-      }
+      context.act('role: user, cmd: register', userData, function (err, result) {
+        if (err) {
+          return response(null, {ok: false, why: err})
+        }
+        if (!result.ok) {
+          return response(null, {ok: false, why: result.why})
+        }
+
+        if (!result.user.emailValidated) {
+          context.act('role: util, cmd: sendValidationEmail', result.user, function () {
+            response(null, {ok: true, data: result.user})
+          })
+        }
+      })
     })
   }
 

diff --git a/lib/impl/util/dummyData.js b/lib/impl/util/dummyData.js
@@ -25,27 +25,34 @@ module.exports = function (options) {
 
         console.log('Added default client')
 
-        seneca.act('role: user, cmd: register', {
-          name: 'Concorda Administrator',
-          email: 'admin@concorda.com',
-          password: 'concorda',
-          repeat: 'concorda',
-          emailValidated: true,
-          forcePwdChange: true
-        }, function (err, data) {
-          if (err || !data.ok) {
-            seneca.log.info('Found default user, abort adding default data')
-            return done()
+        seneca.act('role: util, cmd: genstrtoken', function (err, tokenData) {
+          if (err || !tokenData) {
+            return done(null, {ok: false, why: 'Internal server error'})
           }
-          console.log('Added default user', data)
 
-          seneca.act('role: concorda, cmd: setUserClients', {clients: [client.data.id], userId: data.user.id}, function (err, data) {
+          seneca.act('role: user, cmd: register', {
+            name: 'Concorda Administrator',
+            email: 'admin@concorda.com',
+            password: 'concorda',
+            repeat: 'concorda',
+            emailValidated: true,
+            forcePwdChange: true,
+            salt: tokenData.token
+          }, function (err, data) {
             if (err || !data.ok) {
-              seneca.log.info('Error adding client to user', err, data)
+              seneca.log.info('Found default user, abort adding default data')
               return done()
             }
-            console.log('Added default application Concorda to default user')
-            done()
+            console.log('Added default user')
+
+            seneca.act('role: concorda, cmd: setUserClients', {clients: [client.data.id], userId: data.user.id}, function (err, data) {
+              if (err || !data.ok) {
+                seneca.log.info('Error adding client to user', err, data)
+                return done()
+              }
+              console.log('Associate default application Concorda to default user')
+              done()
+            })
           })
         })
       })

diff --git a/migrations/013.do.user.password.bytea.sql b/migrations/013.do.user.password.bytea.sql
diff --git a/test/group.test.js b/test/group.test.js
@@ -7,16 +7,17 @@ const test = lab.test
 const before = lab.before
 var Code = require('code')
 var expect = Code.expect
+const after = lab.after
 
-const Init = require('./test-init')
+const Util = require('./test-init')
 
 suite('Groups test suite ', () => {
   var seneca
   var userId
   var groupId
 
   before({}, function (done) {
-    Init.init({}, function (err, server) {
+    Util.init({}, function (err, server) {
       expect(err).to.not.exist()
       expect(server).to.exist()
 
@@ -25,6 +26,10 @@ suite('Groups test suite ', () => {
     })
   })
 
+  after({}, (done) => {
+    Util.after(seneca, done)
+  })
+
   test('add group', (done) => {
     seneca.act('role: concorda, cmd: addGroup', {data: {name: 'Concorda'}}, (err, response) => {
       expect(err).to.not.exist()

diff --git a/test/user.test.js b/test/user.test.js
@@ -123,8 +123,8 @@ suite('Hapi user suite tests ', () => {
       headers: { cookie: 'seneca-login=' + cookie }
     }, function (res) {
       Assert.equal(200, res.statusCode)
-      Assert.equal(1, JSON.parse(res.payload).data.length)
-      Assert.equal(1, JSON.parse(res.payload).count)
+      Assert.equal(2, JSON.parse(res.payload).data.length)
+      Assert.equal(2, JSON.parse(res.payload).count)
 
       done()
     })
@@ -204,8 +204,8 @@ suite('Hapi user suite tests ', () => {
       headers: { cookie: 'seneca-login=' + cookie }
     }, function (res) {
       Assert.equal(200, res.statusCode)
-      Assert.equal(2, JSON.parse(res.payload).data.length)
-      Assert.equal(2, JSON.parse(res.payload).count)
+      Assert.equal(3, JSON.parse(res.payload).data.length)
+      Assert.equal(3, JSON.parse(res.payload).count)
 
       Assert.equal(newName, JSON.parse(res.payload).data[0].name)