From 8ffa03f775c486ea3d0af3c284c1c829aa92e020 Mon Sep 17 00:00:00 2001 From: Gabor Javorszky Date: Mon, 27 May 2013 22:03:13 +0100 Subject: [PATCH] Duplicate user, error handling, password in fixture --- config.js | 3 ++- core/admin/controllers/index.js | 17 +++++++----- core/shared/data/fixtures/001.js | 9 ++++--- .../models/dataProvider.bookshelf.users.js | 27 ++++++++++++------- 4 files changed, 35 insertions(+), 21 deletions(-) diff --git a/config.js b/config.js index e67a032fd9..2e2896d913 100644 --- a/config.js +++ b/config.js @@ -68,7 +68,8 @@ connection: { filename: './core/shared/data/testdb.db' }, - debug: true + debug: false + // debug: true }, staging: {}, diff --git a/core/admin/controllers/index.js b/core/admin/controllers/index.js index 95b8c52f90..67510658c8 100755 --- a/core/admin/controllers/index.js +++ b/core/admin/controllers/index.js @@ -64,9 +64,9 @@ console.log('user found: ', user); req.session.user = "ghostadmin"; res.redirect(req.query.redirect || '/ghost/'); - }, function (err) { + }, function (error) { // Do something here to signal the reason for an error - console.log(err.stack); + req.flash('error', error.message); res.redirect('/ghost/login/'); }); }, @@ -78,16 +78,19 @@ }); }, 'doRegister': function (req, res) { - // console.log(req.body); - if (req.body.email_address !== '' && req.body.password.length > 5) { + var email = req.body.email_address, + password = req.body.password; + + if (email !== '' && password.length > 5) { api.users.add({ - email_address: req.body.email_address, - password: req.body.password + email_address: email, + password: password }).then(function (user) { console.log('user added', user); res.redirect('/ghost/login/'); }, function (error) { - console.log('there was an error', error); + req.flash('error', error.message); + res.redirect('/ghost/register/'); }); } else { req.flash('error', "The password is too short. Have at least 6 characters in there"); 
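Review bot: The login rejection handler in `core/admin/controllers/index.js` now flashes `error.message` verbatim, so whatever text the data layer rejects with is shown to an unauthenticated visitor. The `check` hunk in `dataProvider.bookshelf.users.js` rejects with 'Passwords do not match' for a known address and 'We do not have a record for such user.' for an unknown one, so the login form reveals which email addresses are registered. Any unexpected internal error text would be displayed the same way. I would flash one fixed string for every failure, `req.flash('error', 'Invalid email address or password.');`, and keep the detail in a server-side log. The enclosing handler starts above the hunk.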
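Review bot: In `doRegister`, `password.length` is read without checking that the field was submitted. If the body parser leaves an absent field `undefined`, a request without `password` throws a TypeError in the handler instead of reaching the flash-and-redirect path, and a missing `email_address` passes `email !== ''`. A guard such as `if (typeof email === 'string' && email !== '' && typeof password === 'string' && password.length > 5)` keeps malformed requests on the validation branch. The `else` branch reports only a short password even when the email was the empty field, and it ends outside the hunk.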
diff --git a/core/shared/data/fixtures/001.js b/core/shared/data/fixtures/001.js index f2ecbd92d5..849f92a6ae 100644 --- a/core/shared/data/fixtures/001.js +++ b/core/shared/data/fixtures/001.js @@ -50,15 +50,16 @@ module.exports = { users: [ { - "id": "1", - "username": "johnonolan", + "id": "1", + "username": "johnonolan", "first_name": "John", "last_name": "O'Nolan", + "password": "$2a$10$.pb3wOEhbEPvArvOBB.iyuKslBjC7lSXCUzp29civDTvCg3M1j0XO", "email_address": "john@onolan.org", "profile_picture": "logo.png", "cover_picture": "", - "bio": "Interactive designer, public speaker, startup advisor and writer. Living in Austria, attempting world domination via keyboard.", - "url": "john.onolan.org", + "bio": "Interactive designer, public speaker, startup advisor and writer. Living in Austria, attempting world domination via keyboard.", + "url": "john.onolan.org", "created_by": 1, "updated_by": 1 } diff --git a/core/shared/models/dataProvider.bookshelf.users.js b/core/shared/models/dataProvider.bookshelf.users.js index 7407b271a8..eeaf9b443e 100644 --- a/core/shared/models/dataProvider.bookshelf.users.js +++ b/core/shared/models/dataProvider.bookshelf.users.js @@ -30,11 +30,17 @@ // Clone the _user so we don't expose the hashed password unnecessarily userData = _.extend({}, _user); - return nodefn.call(bcrypt.hash, _user.password, null, null).then(function (hash) { - userData.password = hash; - return BaseProvider.prototype.add.call(self, userData); + return self.model.forge({email_address: userData.email_address}).fetch().then(function (user) { + if (!!user.attributes.email_address) { + return when.reject(new Error('A user with that email address already exists.')); + } + return nodefn.call(bcrypt.hash, _user.password, null, null).then(function (hash) { + userData.password = hash; + return BaseProvider.prototype.add.call(self, userData); + }); }); + }; /** 
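Review bot: The added `password` line in `fixtures/001.js` gives user id 1 a fixed bcrypt hash, so every database seeded from this fixture starts with the same credential for that account, and the hash is readable by anyone with the repository. The hunk does not show where the fixture is loaded. If it can run outside the testing environment, the seeded account should be excluded there or forced through a password reset on first use. At minimum I would put a comment above the line, `// test-only credential: do not seed this user outside the testing environment`.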
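Review bot: The duplicate check added to `add` is a read followed by a separate insert, so two registrations for the same address that arrive together can both pass the `fetch()` and both be written. A unique constraint on `email_address` in the schema is what actually enforces uniqueness, with this lookup kept only for the friendly message. The test `user.attributes.email_address` also assumes `fetch()` always resolves with a model; if the Bookshelf version in use resolves with `null` when nothing matches (not visible here), a first-time registration fails with a TypeError, and the `check` hunk has the same test. `if (user && user.get('email_address'))` covers both cases and matches the `user.get('password')` accessor already used in `check`. The function starts above the hunk.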
@@ -47,12 +53,15 @@ return this.model.forge({ email_address: _userdata.email }).fetch().then(function (user) { - return nodefn.call(bcrypt.compare, _userdata.pw, user.get('password')).then(function (matched) { - if (!matched) { - return when.reject(new Error('Password does not match')); - } - return user; - }); + if (!!user.attributes.email_address) { + return nodefn.call(bcrypt.compare, _userdata.pw, user.get('password')).then(function (matched) { + if (!matched) { + return when.reject(new Error('Passwords do not match')); + } + return user; + }); + } + return when.reject(new Error('We do not have a record for such user.')); }); };
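Review bot: The new not-found branch in `check` rejects before `bcrypt.compare` runs, so a login for an unknown address skips the hashing cost that a known address pays. That leaks account existence through response time, independently of the two distinct messages. Running the comparison against a fixed placeholder hash when no record is found, and rejecting with the same error in both branches, evens this out. `'Passwords do not match'` also reads like a registration-confirmation error rather than a login failure. The function starts above the hunk.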