mirror of
https://github.com/laurent22/joplin.git
synced 2025-01-11 18:24:43 +02:00
Server: Removed the need for session controller
This commit is contained in:
parent
3c5ac1ecc5
commit
9b2e5e2959
@ -1,16 +0,0 @@
|
||||
import { Session } from '../../db';
|
||||
import { ErrorForbidden } from '../../utils/errors';
|
||||
import uuidgen from '../../utils/uuidgen';
|
||||
import BaseController from '../BaseController';
|
||||
|
||||
export default class SessionController extends BaseController {
|
||||
|
||||
public async authenticate(email: string, password: string): Promise<Session> {
|
||||
const userModel = this.models.user();
|
||||
const user = await userModel.login(email, password);
|
||||
if (!user) throw new ErrorForbidden('Invalid username or password');
|
||||
const session: Session = { id: uuidgen(), user_id: user.id };
|
||||
return this.models.session().save(session, { isNew: true });
|
||||
}
|
||||
|
||||
}
|
@ -1,6 +1,5 @@
|
||||
import { Models } from '../models/factory';
|
||||
// import OAuthController from './api/OAuthController';
|
||||
import SessionController from './api/SessionController';
|
||||
import IndexLoginController from './index/LoginController';
|
||||
import IndexHomeController from './index/HomeController';
|
||||
import IndexUserController from './index/UserController';
|
||||
@ -19,10 +18,6 @@ export class Controllers {
|
||||
// return new OAuthController(this.models_);
|
||||
// }
|
||||
|
||||
public apiSession() {
|
||||
return new SessionController(this.models_);
|
||||
}
|
||||
|
||||
public indexLogin() {
|
||||
return new IndexLoginController(this.models_);
|
||||
}
|
||||
|
@ -1,6 +1,7 @@
|
||||
import BaseModel from './BaseModel';
|
||||
import { User, Session } from '../db';
|
||||
import uuidgen from '../utils/uuidgen';
|
||||
import { ErrorForbidden } from '../utils/errors';
|
||||
|
||||
export default class SessionModel extends BaseModel {
|
||||
|
||||
@ -22,4 +23,10 @@ export default class SessionModel extends BaseModel {
|
||||
}, { isNew: true });
|
||||
}
|
||||
|
||||
public async authenticate(email: string, password: string): Promise<Session> {
|
||||
const user = await this.models().user().login(email, password);
|
||||
if (!user) throw new ErrorForbidden('Invalid username or password');
|
||||
return this.createUserSession(user.id);
|
||||
}
|
||||
|
||||
}
|
||||
|
74
packages/server/src/routes/index/login.test.ts
Normal file
74
packages/server/src/routes/index/login.test.ts
Normal file
@ -0,0 +1,74 @@
|
||||
import { Session } from '../../db';
|
||||
import routeHandler from '../../middleware/routeHandler';
|
||||
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, models, parseHtml, createUser } from '../../utils/testing/testUtils';
|
||||
import { AppContext } from '../../utils/types';
|
||||
|
||||
async function doLogin(email: string, password: string): Promise<AppContext> {
|
||||
const context = await koaAppContext({
|
||||
request: {
|
||||
method: 'POST',
|
||||
url: '/login',
|
||||
body: {
|
||||
email: email,
|
||||
password: password,
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
await routeHandler(context);
|
||||
return context;
|
||||
}
|
||||
|
||||
describe('index_login', function() {
|
||||
|
||||
beforeAll(async () => {
|
||||
await beforeAllDb('index_login');
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
await afterAllTests();
|
||||
});
|
||||
|
||||
beforeEach(async () => {
|
||||
await beforeEachDb();
|
||||
});
|
||||
|
||||
test('should show the login page', async function() {
|
||||
const context = await koaAppContext({
|
||||
request: {
|
||||
method: 'GET',
|
||||
url: '/login',
|
||||
},
|
||||
});
|
||||
|
||||
await routeHandler(context);
|
||||
|
||||
const doc = parseHtml(context.response.body);
|
||||
expect(!!doc.querySelector('input[name=email]')).toBe(true);
|
||||
expect(!!doc.querySelector('input[name=password]')).toBe(true);
|
||||
});
|
||||
|
||||
test('should login', async function() {
|
||||
const user = await createUser(1);
|
||||
|
||||
const context = await doLogin(user.email, '123456');
|
||||
const sessionId = context.cookies.get('sessionId');
|
||||
const session: Session = await models().session().load(sessionId);
|
||||
expect(session.user_id).toBe(user.id);
|
||||
});
|
||||
|
||||
test('should not login with invalid credentials', async function() {
|
||||
const user = await createUser(1);
|
||||
|
||||
{
|
||||
const context = await doLogin('bad', '123456');
|
||||
expect(!context.cookies.get('sessionId')).toBe(true);
|
||||
}
|
||||
|
||||
{
|
||||
const context = await doLogin(user.email, 'bad');
|
||||
expect(!context.cookies.get('sessionId')).toBe(true);
|
||||
}
|
||||
});
|
||||
|
||||
});
|
@ -16,8 +16,8 @@ const route: Route = {
|
||||
if (ctx.method === 'POST') {
|
||||
try {
|
||||
const body = await formParse(ctx.req);
|
||||
const session = await ctx.controllers.apiSession().authenticate(body.fields.email, body.fields.password);
|
||||
|
||||
const session = await ctx.models.session().authenticate(body.fields.email, body.fields.password);
|
||||
ctx.cookies.set('sessionId', session.id);
|
||||
return redirect(ctx, `${baseUrl()}/home`);
|
||||
} catch (error) {
|
||||
|
@ -169,8 +169,6 @@ interface CreateUserAndSessionOptions {
|
||||
}
|
||||
|
||||
export const createUserAndSession = async function(index: number = 1, isAdmin: boolean = false, options: CreateUserAndSessionOptions = null): Promise<UserAndSession> {
|
||||
const sessionController = controllers().apiSession();
|
||||
|
||||
options = {
|
||||
email: `user${index}@localhost`,
|
||||
password: '123456',
|
||||
@ -178,7 +176,7 @@ export const createUserAndSession = async function(index: number = 1, isAdmin: b
|
||||
};
|
||||
|
||||
const user = await models().user().save({ email: options.email, password: options.password, is_admin: isAdmin ? 1 : 0 }, { skipValidation: true });
|
||||
const session = await sessionController.authenticate(options.email, options.password);
|
||||
const session = await models().session().authenticate(options.email, options.password);
|
||||
|
||||
return {
|
||||
user: user,
|
||||
|
Loading…
Reference in New Issue
Block a user