Merge pull request #2605 from overleaf/jel-sso-registration

Do not block SSO registration on nonessential errors

GitOrigin-RevId: c9d6a7803aa8a48dbc1a8aae84d6f2588bad654e
This commit is contained in:
Timothée Alby 2020-02-20 11:08:18 -05:00 committed by Copybot
parent b94e1791e0
commit 506543d6a0
2 changed files with 23 additions and 2 deletions

View file

@ -16,6 +16,7 @@ const OError = require('@overleaf/o-error')
const HttpErrors = require('@overleaf/o-error/http') const HttpErrors = require('@overleaf/o-error/http')
const EmailHandler = require('../Email/EmailHandler') const EmailHandler = require('../Email/EmailHandler')
const UrlHelper = require('../Helpers/UrlHelper') const UrlHelper = require('../Helpers/UrlHelper')
const { promisify } = require('util')
const UserController = { const UserController = {
tryDeleteUser(req, res, next) { tryDeleteUser(req, res, next) {
@ -231,7 +232,7 @@ const UserController = {
}) })
}, },
_doLogout(req, cb) { doLogout(req, cb) {
metrics.inc('user.logout') metrics.inc('user.logout')
const user = AuthenticationController.getSessionUser(req) const user = AuthenticationController.getSessionUser(req)
logger.log({ user }, 'logging out') logger.log({ user }, 'logging out')
@ -258,7 +259,7 @@ const UserController = {
: undefined : undefined
const redirectUrl = requestedRedirect || '/login' const redirectUrl = requestedRedirect || '/login'
UserController._doLogout(req, err => { UserController.doLogout(req, err => {
if (err != null) { if (err != null) {
return next(err) return next(err)
} }
@ -397,4 +398,8 @@ const UserController = {
} }
} }
UserController.promises = {
doLogout: promisify(UserController.doLogout)
}
module.exports = UserController module.exports = UserController

View file

@ -44,6 +44,7 @@ describe('UserController', function() {
email: 'old@something.com' email: 'old@something.com'
} }
}, },
sessionID: '123',
body: {}, body: {},
i18n: { i18n: {
translate: text => text translate: text => text
@ -461,6 +462,21 @@ describe('UserController', function() {
return this.UserController.logout(this.req, this.res) return this.UserController.logout(this.req, this.res)
}) })
it('should untrack session', function(done) {
this.req.session.destroy = sinon.stub().callsArgWith(0)
this.SudoModeHandler.clearSudoMode = sinon.stub()
this.res.redirect = url => {
url.should.equal('/login')
this.UserSessionsManager.untrackSession.callCount.should.equal(1)
this.UserSessionsManager.untrackSession
.calledWith(sinon.match(this.req.user), this.req.sessionID)
.should.equal(true)
return done()
}
return this.UserController.logout(this.req, this.res)
})
it('should redirect after logout', function(done) { it('should redirect after logout', function(done) {
this.req.body.redirect = '/institutional-login' this.req.body.redirect = '/institutional-login'
this.req.session.destroy = sinon.stub().callsArgWith(0) this.req.session.destroy = sinon.stub().callsArgWith(0)