1
0
mirror of https://github.com/laurent22/joplin.git synced 2024-12-24 10:27:10 +02:00

Server: Removed the need for session controller

This commit is contained in:
Laurent Cozic 2021-01-14 13:29:03 +00:00
parent 3c5ac1ecc5
commit 9b2e5e2959
6 changed files with 83 additions and 25 deletions

View File

@ -1,16 +0,0 @@
import { Session } from '../../db';
import { ErrorForbidden } from '../../utils/errors';
import uuidgen from '../../utils/uuidgen';
import BaseController from '../BaseController';
export default class SessionController extends BaseController {
public async authenticate(email: string, password: string): Promise<Session> {
const userModel = this.models.user();
const user = await userModel.login(email, password);
if (!user) throw new ErrorForbidden('Invalid username or password');
const session: Session = { id: uuidgen(), user_id: user.id };
return this.models.session().save(session, { isNew: true });
}
}

View File

@ -1,6 +1,5 @@
import { Models } from '../models/factory';
// import OAuthController from './api/OAuthController';
import SessionController from './api/SessionController';
import IndexLoginController from './index/LoginController';
import IndexHomeController from './index/HomeController';
import IndexUserController from './index/UserController';
@ -19,10 +18,6 @@ export class Controllers {
// return new OAuthController(this.models_);
// }
public apiSession() {
return new SessionController(this.models_);
}
public indexLogin() {
return new IndexLoginController(this.models_);
}

View File

@ -1,6 +1,7 @@
import BaseModel from './BaseModel';
import { User, Session } from '../db';
import uuidgen from '../utils/uuidgen';
import { ErrorForbidden } from '../utils/errors';
export default class SessionModel extends BaseModel {
@ -22,4 +23,10 @@ export default class SessionModel extends BaseModel {
}, { isNew: true });
}
public async authenticate(email: string, password: string): Promise<Session> {
const user = await this.models().user().login(email, password);
if (!user) throw new ErrorForbidden('Invalid username or password');
return this.createUserSession(user.id);
}
}

View File

@ -0,0 +1,74 @@
import { Session } from '../../db';
import routeHandler from '../../middleware/routeHandler';
import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, models, parseHtml, createUser } from '../../utils/testing/testUtils';
import { AppContext } from '../../utils/types';
async function doLogin(email: string, password: string): Promise<AppContext> {
const context = await koaAppContext({
request: {
method: 'POST',
url: '/login',
body: {
email: email,
password: password,
},
},
});
await routeHandler(context);
return context;
}
describe('index_login', function() {
beforeAll(async () => {
await beforeAllDb('index_login');
});
afterAll(async () => {
await afterAllTests();
});
beforeEach(async () => {
await beforeEachDb();
});
test('should show the login page', async function() {
const context = await koaAppContext({
request: {
method: 'GET',
url: '/login',
},
});
await routeHandler(context);
const doc = parseHtml(context.response.body);
expect(!!doc.querySelector('input[name=email]')).toBe(true);
expect(!!doc.querySelector('input[name=password]')).toBe(true);
});
test('should login', async function() {
const user = await createUser(1);
const context = await doLogin(user.email, '123456');
const sessionId = context.cookies.get('sessionId');
const session: Session = await models().session().load(sessionId);
expect(session.user_id).toBe(user.id);
});
test('should not login with invalid credentials', async function() {
const user = await createUser(1);
{
const context = await doLogin('bad', '123456');
expect(!context.cookies.get('sessionId')).toBe(true);
}
{
const context = await doLogin(user.email, 'bad');
expect(!context.cookies.get('sessionId')).toBe(true);
}
});
});

View File

@ -16,8 +16,8 @@ const route: Route = {
if (ctx.method === 'POST') {
try {
const body = await formParse(ctx.req);
const session = await ctx.controllers.apiSession().authenticate(body.fields.email, body.fields.password);
const session = await ctx.models.session().authenticate(body.fields.email, body.fields.password);
ctx.cookies.set('sessionId', session.id);
return redirect(ctx, `${baseUrl()}/home`);
} catch (error) {

View File

@ -169,8 +169,6 @@ interface CreateUserAndSessionOptions {
}
export const createUserAndSession = async function(index: number = 1, isAdmin: boolean = false, options: CreateUserAndSessionOptions = null): Promise<UserAndSession> {
const sessionController = controllers().apiSession();
options = {
email: `user${index}@localhost`,
password: '123456',
@ -178,7 +176,7 @@ export const createUserAndSession = async function(index: number = 1, isAdmin: b
};
const user = await models().user().save({ email: options.email, password: options.password, is_admin: isAdmin ? 1 : 0 }, { skipValidation: true });
const session = await sessionController.authenticate(options.email, options.password);
const session = await models().session().authenticate(options.email, options.password);
return {
user: user,