github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-21 20:47:08 -05:00
Code Issues Projects Releases Packages Wiki Activity

write to v1/v2 on register, password change and reset

Browse source 
GitOrigin-RevId: 29045912319d1d387613ec55c6620852d8857614
This commit is contained in:
Ersun Warncke 2019-05-30 11:15:15 -04:00 committed by sharelatex
parent d6651183b5
commit 8cc9bc5335
2 changed files with 33 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
services/web/app/src/Features/Authentication/AuthenticationManager.js
View file

@ -30,6 +30,8 @@ const BCRYPT_ROUNDS =
Settings != null ? Settings.security : undefined,
x => x.bcryptRounds
) || 12
const BCRYPT_MINOR_VERSION =
(Settings != null ? Settings.security.bcryptMinorVersion : undefined) || 'a'
const _checkWriteResult = function(result, callback) {
// for MongoDB
@ -211,40 +213,46 @@ module.exports = AuthenticationManager = {
}
},
hashPassword(password, callback) {
return bcrypt.genSalt(BCRYPT_ROUNDS, BCRYPT_MINOR_VERSION, function(
error,
salt
) {
if (error != null) {
return callback(error)
}
return bcrypt.hash(password, salt, callback)
})
},
setUserPasswordInV2(user_id, password, callback) {
const validation = this.validatePassword(password)
if (validation != null) {
return callback(validation.message)
}
const minorVersion = 'a'
return bcrypt.genSalt(BCRYPT_ROUNDS, minorVersion, function(error, salt) {
return this.hashPassword(password, function(error, hash) {
if (error != null) {
return callback(error)
}
return bcrypt.hash(password, salt, function(error, hash) {
if (error != null) {
return callback(error)
}
return db.users.update(
{
_id: ObjectId(user_id.toString())
return db.users.update(
{
_id: ObjectId(user_id.toString())
},
{
$set: {
hashedPassword: hash
},
{
$set: {
hashedPassword: hash
},
$unset: {
password: true
}
},
function(updateError, result) {
if (updateError != null) {
return callback(updateError)
}
return _checkWriteResult(result, callback)
$unset: {
password: true
}
)
})
},
function(updateError, result) {
if (updateError != null) {
return callback(updateError)
}
return _checkWriteResult(result, callback)
}
)
})
},

38
services/web/test/unit/src/PasswordReset/PasswordResetHandlerTests.js
View file

@ -290,7 +290,7 @@ describe('PasswordResetHandler', function() {
})
})
describe('when the data is a new style user_id', function() {
return describe('when the data is a new style user_id', function() {
beforeEach(function() {
this.AuthenticationManager.setUserPassword.yields(
null,
@ -319,41 +319,5 @@ describe('PasswordResetHandler', function() {
.should.equal(true)
})
})
return describe('when the data is v1 id', function() {
beforeEach(function() {
this.v1_user_id = 2345
this.AuthenticationManager.setUserPasswordInV1.yields(null, true)
this.UserGetter.getUser
.withArgs({ 'overleaf.id': this.v1_user_id })
.yields(null, { _id: this.user_id })
this.OneTimeTokenHandler.getValueFromTokenAndExpire.yields(null, {
v1_user_id: this.v1_user_id
})
return this.PasswordResetHandler.setNewUserPassword(
this.token,
this.password,
this.callback
)
})
it('should call setUserPasswordInV1', function() {
return this.AuthenticationManager.setUserPasswordInV1
.calledWith(this.v1_user_id, this.password)
.should.equal(true)
})
it('should look up the user by v1 id for the v2 user id', function() {
return this.UserGetter.getUser
.calledWith({ 'overleaf.id': this.v1_user_id })
.should.equal(true)
})
return it('should reset == true and the user_id', function() {
return this.callback
.calledWith(null, true, this.user_id)
.should.equal(true)
})
})
})
})