made changes and fixed tests

nodeSolidServer · Mar 15, 2024 · 133b28e · 133b28e
1 parent 00629ef
commit 133b28e
Show file tree

Hide file tree

Showing 10 changed files with 74 additions and 79 deletions.
diff --git a/common/js/auth-buttons.js b/common/js/auth-buttons.js
@@ -39,7 +39,7 @@
 
   // Log the user in on the client and the server
   async function login () {
-    alert(`login from this page is no more possible.\n\nYou must ask the pod owner to modify this page or remove it.`)
+    alert('login from this page is no more possible.\n\nYou must ask the pod owner to modify this page or remove it.')
     /* deprecated since inrupt/solid-auth-client
     const session = await auth.popupLogin()
     if (session) {

diff --git a/common/js/index-buttons.js b/common/js/index-buttons.js
@@ -1,44 +1,43 @@
 'use strict'
-var keyname = 'SolidServerRootRedirectLink';
-function register() { 
-    alert(2); window.location.href = "/register"; 
+const keyname = 'SolidServerRootRedirectLink'
+function register () {
+  alert(2); window.location.href = '/register'
 }
-document.addEventListener('DOMContentLoaded', async function() {
-    const authn = UI.authn
-    const authSession = UI.authn.authSession
+document.addEventListener('DOMContentLoaded', async function () {
+  const authn = UI.authn
+  const authSession = UI.authn.authSession
 
-    if (!authn.currentUser()) await authn.checkUser();
-    let user = authn.currentUser();
+  if (!authn.currentUser()) await authn.checkUser()
+  const user = authn.currentUser()
 
-    // IF LOGGED IN: SET SolidServerRootRedirectLink. LOGOUT
-    if( user ) {
-        window.localStorage.setItem(keyname, user.uri);
-        await authSession.logout();
-    }
-    else {
-        let webId = window.localStorage.getItem(keyname);
+  // IF LOGGED IN: SET SolidServerRootRedirectLink. LOGOUT
+  if (user) {
+    window.localStorage.setItem(keyname, user.uri)
+    await authSession.logout()
+  } else {
+    const webId = window.localStorage.getItem(keyname)
 
-        // IF NOT LOGGED IN AND COOKIE EXISTS: REMOVE COOKIE, HIDE WELCOME, SHOW LINK TO PROFILE
-        if( webId ) {
-        window.localStorage.removeItem(keyname);
-        document.getElementById('loggedIn').style.display = "block";
-        document.getElementById('loggedIn').innerHTML = `<p>Your WebID is : <a href="${webId}">${webId}</a>.</p> <p>Visit your profile to log into your Pod.</p>`;
-        }
+    // IF NOT LOGGED IN AND COOKIE EXISTS: REMOVE COOKIE, HIDE WELCOME, SHOW LINK TO PROFILE
+    if (webId) {
+      window.localStorage.removeItem(keyname)
+      document.getElementById('loggedIn').style.display = 'block'
+      document.getElementById('loggedIn').innerHTML = `<p>Your WebID is : <a href="${webId}">${webId}</a>.</p> <p>Visit your profile to log into your Pod.</p>`
+    }
 
-        // IF NOT LOGGED IN AND COOKIE DOES NOT EXIST  
-        //     SHOW WELCOME, SHOW LOGIN BUTTON
-        //     HIDE LOGIN BUTTON, ADD REGISTER BUTTON
-        else {
-        let loginArea = document.getElementById('loginStatusArea');
-        let html = `<input type="button" onclick="window.location.href='/register'" value="Register to get a Pod" class="register-button">`
-        let span = document.createElement("span")
-        span.innerHTML = html
-        loginArea.appendChild(span);
-        loginArea.appendChild(UI.login.loginStatusBox(document, null, {}))
-        const logInButton = loginArea.querySelectorAll('input')[1];
-        logInButton.value = "Log in to see your WebID";
-        const signUpButton = loginArea.querySelectorAll('input')[2];
-        signUpButton.style.display = "none";
-        }                    
+    // IF NOT LOGGED IN AND COOKIE DOES NOT EXIST
+    //     SHOW WELCOME, SHOW LOGIN BUTTON
+    //     HIDE LOGIN BUTTON, ADD REGISTER BUTTON
+    else {
+      const loginArea = document.getElementById('loginStatusArea')
+      const html = '<input type="button" onclick="window.location.href=\'/register\'" value="Register to get a Pod" class="register-button">'
+      const span = document.createElement('span')
+      span.innerHTML = html
+      loginArea.appendChild(span)
+      loginArea.appendChild(UI.login.loginStatusBox(document, null, {}))
+      const logInButton = loginArea.querySelectorAll('input')[1]
+      logInButton.value = 'Log in to see your WebID'
+      const signUpButton = loginArea.querySelectorAll('input')[2]
+      signUpButton.style.display = 'none'
     }
-})
+  }
+})
diff --git a/lib/create-server.js b/lib/create-server.js
@@ -68,8 +68,8 @@ function createServer (argv, app) {
     }
 
     const credentials = Object.assign({
-      key: key,
-      cert: cert
+      key,
+      cert
     }, argv)
 
     if (ldp.webid && ldp.auth === 'tls') {

diff --git a/lib/handlers/get.js b/lib/handlers/get.js
@@ -43,9 +43,9 @@ async function handler (req, res, next) {
 
   const options = {
     hostname: req.hostname,
-    path: path,
-    includeBody: includeBody,
-    possibleRDFType: possibleRDFType,
+    path,
+    includeBody,
+    possibleRDFType,
     range: req.headers.range,
     contentType: req.headers.accept
   }

diff --git a/lib/models/account-manager.js b/lib/models/account-manager.js
@@ -552,7 +552,7 @@ class AccountManager {
         const emailData = {
           to: userAccount.email,
           webId: userAccount.webId,
-          deleteUrl: deleteUrl
+          deleteUrl
         }
 
         return this.emailService.sendWithTemplate('delete-account', emailData)

diff --git a/lib/requests/password-reset-email-request.js b/lib/requests/password-reset-email-request.js
@@ -76,7 +76,9 @@ class PasswordResetEmailRequest extends AuthRequest {
   static post (req, res) {
     const request = PasswordResetEmailRequest.fromParams(req, res)
 
-    debug(`User '${request.username}' requested to be sent a password reset email`)
+    debug(
+      `User '${request.username}' requested to be sent a password reset email`
+    )
 
     return PasswordResetEmailRequest.handlePost(request)
   }
@@ -93,16 +95,9 @@ class PasswordResetEmailRequest extends AuthRequest {
     return Promise.resolve()
       .then(() => request.validate())
       .then(() => request.loadUser())
-      .catch((err) => {
-        if (err.code === "ACCOUNT_MISSING") {
-          this.response.render('auth/reset-link-sent')
-        } else {
-          return err;
-        }
-      })
-      .then(userAccount => request.sendResetLink(userAccount))
+      .then((userAccount) => request.sendResetLink(userAccount))
       .then(() => request.renderSuccess())
-      .catch(error => request.error(error))
+      .catch((error) => request.error(error))
   }
 
   /**
@@ -127,18 +122,17 @@ class PasswordResetEmailRequest extends AuthRequest {
   loadUser () {
     const username = this.username
 
-    return this.accountManager.accountExists(username)
-      .then(exists => {
-        if (!exists) {
-          const error = new Error("Account not found for that username")
-          error.code = "ACCOUNT_MISSING"
-          throw error
-        }
+    return this.accountManager.accountExists(username).then((exists) => {
+      if (!exists) {
+        // For security reason avoid leaking error information
+        // See: https://github.com/nodeSolidServer/node-solid-server/issues/1770
+        return this.renderSuccess()
+      }
 
-        const userData = { username }
+      const userData = { username }
 
-        return this.accountManager.userAccountFrom(userData)
-      })
+      return this.accountManager.userAccountFrom(userData)
+    })
   }
 
   /**
@@ -152,14 +146,17 @@ class PasswordResetEmailRequest extends AuthRequest {
   sendResetLink (userAccount) {
     const accountManager = this.accountManager
 
-    return accountManager.loadAccountRecoveryEmail(userAccount)
-      .then(recoveryEmail => {
+    return accountManager
+      .loadAccountRecoveryEmail(userAccount)
+      .then((recoveryEmail) => {
         userAccount.email = recoveryEmail
 
         debug('Sending recovery email to:', recoveryEmail)
 
-        return accountManager
-          .sendPasswordResetEmail(userAccount, this.returnToUrl)
+        return accountManager.sendPasswordResetEmail(
+          userAccount,
+          this.returnToUrl
+        )
       })
   }
 

diff --git a/test/integration/http-copy-test.js b/test/integration/http-copy-test.js
@@ -43,8 +43,8 @@ describe('HTTP COPY API', function () {
 
   function createOptions (method, url, user) {
     const options = {
-      method: method,
-      url: url,
+      method,
+      url,
       headers: {}
     }
     if (user) {

diff --git a/test/unit/create-account-request-test.js b/test/unit/create-account-request-test.js
@@ -107,7 +107,7 @@ describe('CreateAccountRequest', () => {
 
       const requests = invalidUsernames.map((username) => {
         const aliceData = {
-          username: username, password: '1234'
+          username, password: '1234'
         }
 
         const req = HttpMocks.createRequest({ app: { locals }, body: aliceData })

diff --git a/test/unit/password-reset-email-request-test.js b/test/unit/password-reset-email-request-test.js
@@ -101,10 +101,9 @@ describe('PasswordResetEmailRequest', () => {
 
       PasswordResetEmailRequest.post(req, res)
         .then(() => {
-          expect(PasswordResetEmailRequest.handlePost).to.have.been.called();
+          expect(PasswordResetEmailRequest.handlePost).to.have.been.called()
         })
     })
-
   })
 
   describe('validate()', () => {
@@ -178,8 +177,8 @@ describe('PasswordResetEmailRequest', () => {
       return PasswordResetEmailRequest.handlePost(request)
         .then(() => {
           expect(request.validate).to.have.been.called()
-          expect(request.loadUser).to.have.been.called();
-          expect(request.loadUser).to.throw();
+          expect(request.loadUser).to.have.been.called()
+          expect(request.loadUser).to.throw()
         }).catch(() => {
           expect(request.error).to.have.been.called()
           expect(response.render).to.have.been.calledWith('auth/reset-link-sent')
@@ -216,10 +215,11 @@ describe('PasswordResetEmailRequest', () => {
       const options = { accountManager, username }
       const request = new PasswordResetEmailRequest(options)
 
+      sinon.spy(request, 'renderSuccess')
+
       request.loadUser()
-        .catch(error => {
-          expect(error.code).to.equal('ACCOUNT_MISSING');
-          expect(error.message).to.equal('Account not found for that username')
+        .catch(() => {
+          expect(request.renderSuccess).to.have.been.called()
           done()
         })
     })

diff --git a/test/validate-turtle.js b/test/validate-turtle.js
@@ -1,4 +1,3 @@
-
 const fs = require('fs')
 const Handlebars = require('handlebars')
 const path = require('path')