diff --git a/services/web/app/coffee/Features/PasswordReset/PasswordResetController.coffee b/services/web/app/coffee/Features/PasswordReset/PasswordResetController.coffee
index ec5371f0f2..618e9e0a7d 100644
--- a/services/web/app/coffee/Features/PasswordReset/PasswordResetController.coffee
+++ b/services/web/app/coffee/Features/PasswordReset/PasswordResetController.coffee
@@ -53,7 +53,11 @@ module.exports =
 if req.body.login_after
 UserGetter.getUser user_id, {email: 1}, (err, user) ->
 return next(err) if err?
- AuthenticationController.doLogin {email:user.email, password: password}, req, res, next
+ AuthenticationController.afterLoginSessionSetup req, user, (err) ->
+ if err?
+ logger.err {err, email: user.email}, "Error setting up session after setting password"
+ return next(err)
+ res.json {redir: AuthenticationController._getRedirectFromSession(req) || "/project"}
 else
 res.sendStatus 200
 else
diff --git a/services/web/test/UnitTests/coffee/PasswordReset/PasswordResetControllerTests.coffee b/services/web/test/UnitTests/coffee/PasswordReset/PasswordResetControllerTests.coffee
index 89c6479734..d11507361c 100644
--- a/services/web/test/UnitTests/coffee/PasswordReset/PasswordResetControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/PasswordReset/PasswordResetControllerTests.coffee
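Review bot: In PasswordResetController.coffee, `user` reaches `afterLoginSessionSetup` exactly as returned by the context line `UserGetter.getUser user_id, {email: 1}`, so the session is built from a record limited to the email projection and never checked for null. If session setup copies other fields (name, admin flag, features; not visible here, so confirm against `afterLoginSessionSetup`), a post-reset session will differ from a normal login, and a missing user would probably throw inside session setup instead of reaching `next`. Consider adding `return next(new Error("user not found after password reset")) unless user?` before the call, and widening or dropping the projection. Because this path no longer goes through `doLogin`, also confirm that whatever `doLogin` did besides checking the password (rate limiting, login audit record, session-id regeneration) is still covered here. The enclosing `setNewUserPassword` starts and ends outside the hunk.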
@@ -145,18 +145,27 @@ describe "PasswordResetController", ->
 done()
 @PasswordResetController.setNewUserPassword @req, @res
- it "should login user if login_after is set", (done) ->
- @UserGetter.getUser = sinon.stub().callsArgWith(2, null, { email: "joe@example.com" })
- @PasswordResetHandler.setNewUserPassword.callsArgWith(2, null, true, @user_id = "user-id-123")
- @req.body.login_after = "true"
- @AuthenticationController.doLogin = (options, req, res, next)=>
- @UserGetter.getUser.calledWith(@user_id).should.equal true
- expect(options).to.deep.equal {
- email: "joe@example.com",
- password: @password
- }
+ describe 'when login_after is set', ->
+
+ beforeEach ->
+ @UserGetter.getUser = sinon.stub().callsArgWith(2, null, { email: "joe@example.com" })
+ @PasswordResetHandler.setNewUserPassword.callsArgWith(2, null, true, @user_id = "user-id-123")
+ @req.body.login_after = "true"
+ @res.json = sinon.stub()
+ @AuthenticationController.afterLoginSessionSetup = sinon.stub().callsArgWith(2, null)
+ @AuthenticationController._getRedirectFromSession = sinon.stub().returns('/some/path')
+
+ it "should login user if login_after is set", (done) ->
+ @PasswordResetController.setNewUserPassword @req, @res
+ @AuthenticationController.afterLoginSessionSetup.callCount.should.equal 1
+ @AuthenticationController.afterLoginSessionSetup.calledWith(
+ @req,
+ {email: 'joe@example.com'}
+ ).should.equal true
+ @AuthenticationController._getRedirectFromSession.callCount.should.equal 1
+ @res.json.callCount.should.equal 1
+ @res.json.calledWith({redir: '/some/path'}).should.equal true
 done()
- @PasswordResetController.setNewUserPassword @req, @res
 describe "renderSetPasswordForm", ->
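Review bot: The new `describe 'when login_after is set'` block covers only the success path, so the controller's new error branch (log, then `next(err)`) is untested. As written it could not be asserted either, because `setNewUserPassword` is called with `@req, @res` and no `next` (presumably the third argument). Add a case that sets `@AuthenticationController.afterLoginSessionSetup = sinon.stub().callsArgWith(2, new Error("oops"))`, passes a `next` stub, and checks `@res.json.callCount.should.equal 0` plus one call to `next`. The removed test also asserted `@UserGetter.getUser.calledWith(@user_id)`, which the new test drops; keeping it would pin that the session is set up for the user whose password was just reset.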