summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThais Siqueira <thais.siqueira@gmail.com>2017-03-10 11:28:39 -0300
committerThais Siqueira <thais.siqueira@gmail.com>2017-03-10 11:28:39 -0300
commit417818997fca057635793cdf60a3e1bfa6716e35 (patch)
tree41406bc3f1a88fa606b871a810b00679c7a69859
parent67824594246aee807ebacdf61c4e2d0a136eab73 (diff)
Adds recovery code to user account
Related with https://github.com/pixelated/pixelated-user-agent/issues/924 With @aarni
-rw-r--r--app/models/account.rb3
-rw-r--r--app/models/user.rb2
-rw-r--r--test/integration/api/update_account_test.rb6
-rw-r--r--test/unit/account_test.rb36
4 files changed, 47 insertions, 0 deletions
diff --git a/app/models/account.rb b/app/models/account.rb
index d722caa..0731cac 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -62,6 +62,9 @@ class Account
update_login(attrs[:login])
@user.update_attributes attrs.slice(:password_verifier, :password_salt)
end
+ if attrs[:recovery_code_verifier].present?
+ @user.update_attributes attrs.slice(:recovery_code_verifier, :recovery_code_salt)
+ end
# TODO: move into identity controller
key = update_pgp_key(attrs[:public_key])
@user.errors.set :public_key, key.errors.full_messages
diff --git a/app/models/user.rb b/app/models/user.rb
index 259778b..215a3b0 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -8,6 +8,8 @@ class User < CouchRest::Model::Base
property :login, String, :accessible => true
property :password_verifier, String, :accessible => true
property :password_salt, String, :accessible => true
+ property :recovery_code_verifier, String, :accessible => true
+ property :recovery_code_salt, String, :accessible => true
property :contact_email, String, :accessible => true
property :contact_email_key, String, :accessible => true
property :invite_code, String, :accessible => true
diff --git a/test/integration/api/update_account_test.rb b/test/integration/api/update_account_test.rb
index 1492006..108f05d 100644
--- a/test/integration/api/update_account_test.rb
+++ b/test/integration/api/update_account_test.rb
@@ -28,6 +28,12 @@ class UpdateAccountTest < SrpTest
assert server_auth["M2"]
end
+ test "update recovery code via api" do
+ authenticate
+ update_user recovery_code_verifier: "123", recovery_code_salt: "456"
+ assert last_response.successful?
+ end
+
test "change login with password_verifier" do
authenticate
new_login = 'zaph'
diff --git a/test/unit/account_test.rb b/test/unit/account_test.rb
index e00e589..058e196 100644
--- a/test/unit/account_test.rb
+++ b/test/unit/account_test.rb
@@ -96,6 +96,42 @@ class AccountTest < ActiveSupport::TestCase
user.account.destroy
end
+ test "create recovery code if it does not exist" do
+ user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))
+ user.account.update(:recovery_code_verifier => "abc", :recovery_code_salt => "123")
+ user.reload
+
+ assert_equal "abc", user.recovery_code_verifier
+ assert_equal "123", user.recovery_code_salt
+
+ user.account.destroy
+ end
+
+ test "update recovery code that already exists" do
+ user = Account.create(FactoryGirl.attributes_for(:user,
+ :invite_code => @testcode.invite_code,
+ :recovery_code_verifier => "000",
+ :recovery_code_salt => "111"))
+
+ user.account.update(:recovery_code_verifier => "abc", :recovery_code_salt => "123")
+ user.reload
+
+ assert_equal "abc", user.recovery_code_verifier
+ assert_equal "123", user.recovery_code_salt
+
+ user.account.destroy
+ end
+
+ test "update password" do
+ user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))
+ user.account.update(:password_verifier => "551A8B", :password_salt => "551A8B")
+
+ assert_equal "551A8B", user.password_verifier
+ assert_equal "551A8B", user.password_salt
+
+ user.account.destroy
+ end
+
test "Invite code count goes up by 1 when the invite code is entered" do
with_config invite_required: true do
user = Account.create(FactoryGirl.attributes_for(:user, :invite_code => @testcode.invite_code))