From f02e3ebe750dbc565526e0fc36826f59bc794bfd Mon Sep 17 00:00:00 2001
From: Esteban Ordano <eordano@gmail.com>
Date: Tue, 4 Nov 2014 01:18:30 -0300
Subject: [PATCH] feature: change stored passphrase

---
 config/routes.js        |  1 +
 plugins/emailstore.js   | 48 +++++++++++++++++++++++++++++++++++++++--
 test/test.EmailStore.js | 35 ++++++++++++++++++++++++++++++
 3 files changed, 82 insertions(+), 2 deletions(-)

diff --git a/config/routes.js b/config/routes.js
index c99ed8e..59d6a7b 100644
--- a/config/routes.js
+++ b/config/routes.js
@@ -58,6 +58,7 @@ module.exports = function(app) {
     app.post(apiPrefix + '/email/validate', emailPlugin.validate);
     app.get(apiPrefix + '/email/retrieve/:email', emailPlugin.get);
     app.get(apiPrefix + '/email/validate', emailPlugin.validate);
+    app.post(apiPrefix + '/email/change_passphrase', emailPlugin.changePassphrase);
   }
 
   // Address routes
diff --git a/plugins/emailstore.js b/plugins/emailstore.js
index 52a177e..d8ee5f8 100644
--- a/plugins/emailstore.js
+++ b/plugins/emailstore.js
@@ -240,7 +240,13 @@ emailPlugin.checkPassphrase = function(email, passphrase, callback) {
  * @param {Function(err)} callback
  */
 emailPlugin.savePassphrase = function(email, passphrase, callback) {
-  emailPlugin.db.put(MAP_EMAIL_TO_SECRET + email, passphrase, callback);
+  emailPlugin.db.put(MAP_EMAIL_TO_SECRET + email, passphrase, function(err) {
+    if (err) {
+      logger.error(err);
+      return callback(emailPlugin.errors.INTERNAL_ERROR);
+    }
+    return callback(null);
+  });
 };
 
 /**
@@ -324,7 +330,7 @@ emailPlugin.processPost = function(request, response, email, key, secret, record
         } else {
           emailPlugin.savePassphrase(email, secret, function(err) {
             if (err) {
-              return callback({code: 500, message: err});
+              return callback(err);
             }
             return callback();
           });
@@ -477,6 +483,44 @@ emailPlugin.validate = function (request, response) {
   });
 };
 
+/**
+ * Changes an user's passphrase
+ *
+ * @param {Express.Request} request
+ * @param {Express.Response} response
+ */
+emailPlugin.changePassphrase = function (request, response) {
+  var queryData = '';
+
+  request.on('data', function (data) {
+    queryData += data;
+    if (queryData.length > MAX_ALLOWED_STORAGE) {
+      queryData = '';
+      response.writeHead(413, {'Content-Type': 'text/plain'}).end();
+      request.connection.destroy();
+    }
+  }).on('end', function () {
+    var params = querystring.parse(queryData);
+    var email = params.email;
+    var oldSecret = params.secret;
+    var newSecret = params.newSecret;
+    if (!email || !oldSecret || !newSecret) {
+      return emailPlugin.returnError(emailPlugin.errors.INVALID_REQUEST, response);
+    }
+    emailPlugin.checkPassphrase(email, oldSecret, function (error) {
+      if (error) {
+        return emailPlugin.returnError(error, response);
+      }
+      emailPlugin.savePassphrase(email, newSecret, function (error) {
+        if (error) {
+          return emailPlugin.returnError(error, response);
+        }
+        return response.json({success: true}).end();
+      });
+    });
+  });
+};
+
 module.exports = emailPlugin;
 
 })();
diff --git a/test/test.EmailStore.js b/test/test.EmailStore.js
index ceac4bc..4ad1d1b 100644
--- a/test/test.EmailStore.js
+++ b/test/test.EmailStore.js
@@ -125,6 +125,7 @@ describe('emailstore test', function() {
 
     it('should validate correctly an email if the secret matches', function() {
       leveldb_stub.get.onFirstCall().callsArgWith(1, null, secret);
+      response.redirect = sinon.stub();
 
       plugin.validate(request, response);
 
@@ -167,5 +168,39 @@ describe('emailstore test', function() {
       assert(response.end.calledOnce);
     });
   });
+
+  describe('changing the user password', function() {
+    it('should validate the previous passphrase', function() {
+      request.param = sinon.stub();
+      request.param.onFirstCall().returns('email');
+      request.param.onSecondCall().returns('oldSecret');
+      request.param.onThirdCall().returns('newSecret');
+      response.status.onFirstCall().returnsThis();
+      response.json.onFirstCall().returnsThis();
+
+      plugin.checkPassphrase = sinon.stub();
+      plugin.checkPassphrase.onFirstCall().callsArgWith(2, 'error');
+
+      plugin.changePassphrase(request, response);
+      assert(response.status.calledOnce);
+      assert(response.json.calledOnce);
+      assert(response.end.calledOnce);
+    });
+    it('should change the passphrase', function() {
+      request.param.onFirstCall().returns('email');
+      request.param.onSecondCall().returns('oldSecret');
+      request.param.onThirdCall().returns('newSecret');
+      response.json.onFirstCall().returnsThis();
+
+      plugin.checkPassphrase = sinon.stub();
+      plugin.checkPassphrase.onFirstCall().callsArgWith(2, null);
+      plugin.savePassphrase = sinon.stub();
+      plugin.savePassphrase.onFirstCall().callsArgWith(2, null);
+
+      plugin.changePassphrase(request, response);
+      assert(response.json.calledOnce);
+      assert(response.end.calledOnce);
+    });
+  });
 });