RanchiMall/flosight-api
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #277 from isocolsky/remove_expiration

Browse Source 
[EmailStorage plugin] Removed expiration date
This commit is contained in:
Gustavo Maximiliano Cortez 2014-12-15 14:15:42 -03:00
commit 4e2e2c5ba9
2 changed files with 7 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
plugins/emailstore.js
View File

@ -52,10 +52,6 @@
code: 406, code: 406,
message: 'User quota exceeded', message: 'User quota exceeded',
}, },
REGISTRATION_EXPIRED: {
code: 400,
message: 'Registration expired',
},
}; };
var EMAIL_TO_PASSPHRASE = 'email-to-passphrase-'; var EMAIL_TO_PASSPHRASE = 'email-to-passphrase-';
@ -74,8 +70,6 @@
var POST_LIMIT = 1024 * 300 /* Max POST 300 kb */ ; var POST_LIMIT = 1024 * 300 /* Max POST 300 kb */ ;
var DAYS_TO_EXPIRATION = 7; // An email can be awaiting validation for this long before expiring
var valueKey = function(email, key) { var valueKey = function(email, key) {
return STORED_VALUE + bitcore.util.twoSha256(email + SEPARATOR + key).toString('hex'); return STORED_VALUE + bitcore.util.twoSha256(email + SEPARATOR + key).toString('hex');
}; };
@ -371,18 +365,11 @@
*/ */
emailPlugin.createVerificationSecret = function(email, callback) { emailPlugin.createVerificationSecret = function(email, callback) {
emailPlugin.db.get(pendingKey(email), function(err, value) { emailPlugin.db.get(pendingKey(email), function(err, value) {
var available = false; if (err && err.notFound) {
var notFound = err && err.notFound;
var expired = !err && _.isObject(value) && moment().unix() > value.expires;
var available = notFound || expired;
if (available) {
var secret = emailPlugin.crypto.randomBytes(16).toString('hex'); var secret = emailPlugin.crypto.randomBytes(16).toString('hex');
var value = { var value = {
secret: secret, secret: secret,
expires: moment().add(DAYS_TO_EXPIRATION, 'days').unix(), created: moment().unix(),
}; };
emailPlugin.db.put(pendingKey(email), JSON.stringify(value), function(err) { emailPlugin.db.put(pendingKey(email), JSON.stringify(value), function(err) {
if (err) { if (err) {
@ -770,11 +757,7 @@
} catch (e) {} } catch (e) {}
if (parsed && _.isObject(parsed)) { if (parsed && _.isObject(parsed)) {
if (moment().unix() > parsed.expires) { value = parsed.secret;
return emailPlugin.returnError(emailPlugin.errors.REGISTRATION_EXPIRED, response);
} else {
value = parsed.secret;
}
} }
if (value !== secret) { if (value !== secret) {

25
test/test.EmailStore.js
View File

@ -230,7 +230,7 @@ describe('emailstore test', function() {
plugin.createVerificationSecretAndSendEmail(fakeEmail, function(err) { plugin.createVerificationSecretAndSendEmail(fakeEmail, function(err) {
var arg = JSON.parse(leveldb_stub.put.firstCall.args[1]); var arg = JSON.parse(leveldb_stub.put.firstCall.args[1]);
arg.secret.should.equal(fakeRandom); arg.secret.should.equal(fakeRandom);
arg.expires.should.equal(moment().add(7, 'days').unix()); arg.created.should.equal(moment().unix());
clock.restore(); clock.restore();
done(); done();
}); });
@ -367,7 +367,7 @@ describe('emailstore test', function() {
response.json.returnsThis(); response.json.returnsThis();
}); });
it('should validate correctly an email if the secret matches (without expiration date)', function() { it('should validate correctly an email if the secret matches (secret only)', function() {
leveldb_stub.get.onFirstCall().callsArgWith(1, null, secret); leveldb_stub.get.onFirstCall().callsArgWith(1, null, secret);
leveldb_stub.del = sinon.stub().yields(null); leveldb_stub.del = sinon.stub().yields(null);
response.redirect = sinon.stub(); response.redirect = sinon.stub();
@ -377,10 +377,10 @@ describe('emailstore test', function() {
assert(response.redirect.firstCall.calledWith(plugin.redirectUrl)); assert(response.redirect.firstCall.calledWith(plugin.redirectUrl));
}); });
it('should validate correctly an email if the secret matches (using expiration date)', function() { it('should validate correctly an email if the secret matches (secret + creation date)', function() {
leveldb_stub.get.onFirstCall().callsArgWith(1, null, JSON.stringify({ leveldb_stub.get.onFirstCall().callsArgWith(1, null, JSON.stringify({
secret: secret, secret: secret,
expires: moment().add(7, 'days').unix(), created: moment().unix(),
})); }));
leveldb_stub.del = sinon.stub().yields(null); leveldb_stub.del = sinon.stub().yields(null);
response.redirect = sinon.stub(); response.redirect = sinon.stub();
@ -404,23 +404,6 @@ describe('emailstore test', function() {
})); }));
assert(response.end.calledOnce); assert(response.end.calledOnce);
}); });
it('should fail to validate an email if the secret has expired', function() {
leveldb_stub.get.onFirstCall().callsArgWith(1, null, JSON.stringify({
secret: secret,
expires: moment().subtract(2, 'days').unix(),
}));
response.status.returnsThis();
response.json.returnsThis();
plugin.validate(request, response);
assert(response.status.firstCall.calledWith(plugin.errors.REGISTRATION_EXPIRED.code));
assert(response.json.firstCall.calledWith({
error: 'Registration expired'
}));
assert(response.end.calledOnce);
});
}); });
describe('removing items', function() { describe('removing items', function() {