From 133b28ecd1baab01f6eee51b37e7324922dded83 Mon Sep 17 00:00:00 2001
From: Zach
Date: Fri, 15 Mar 2024 17:36:11 -0500
Subject: [PATCH] made changes and fixed tests
---
 common/js/auth-buttons.js | 2 +-
 common/js/index-buttons.js | 73 +++++++++----------
 lib/create-server.js | 4 +-
 lib/handlers/get.js | 6 +-
 lib/models/account-manager.js | 2 +-
 lib/requests/password-reset-email-request.js | 45 ++++++------
 test/integration/http-copy-test.js | 4 +-
 test/unit/create-account-request-test.js | 2 +-
 .../unit/password-reset-email-request-test.js | 14 ++--
 test/validate-turtle.js | 1 -
 10 files changed, 74 insertions(+), 79 deletions(-)
diff --git a/common/js/auth-buttons.js b/common/js/auth-buttons.js
index 2301f23ce..df2c1059f 100644
--- a/common/js/auth-buttons.js
+++ b/common/js/auth-buttons.js
@@ -39,7 +39,7 @@
 // Log the user in on the client and the server
 async function login () {
- alert(`login from this page is no more possible.\n\nYou must ask the pod owner to modify this page or remove it.`)
+ alert('login from this page is no more possible.\n\nYou must ask the pod owner to modify this page or remove it.')
 /* deprecated since inrupt/solid-auth-client
 const session = await auth.popupLogin()
 if (session) {
diff --git a/common/js/index-buttons.js b/common/js/index-buttons.js
index c71e10c70..69aa89d1e 100644
--- a/common/js/index-buttons.js
+++ b/common/js/index-buttons.js
@@ -1,44 +1,43 @@ 'use strict' -var keyname = 'SolidServerRootRedirectLink'; -function register() { - alert(2); window.location.href = "/register"; +const keyname = 'SolidServerRootRedirectLink' +function register () { + alert(2); window.location.href = '/register' } -document.addEventListener('DOMContentLoaded', async function() { - const authn = UI.authn - const authSession = UI.authn.authSession +document.addEventListener('DOMContentLoaded', async function () { + const authn = UI.authn + const authSession = UI.authn.authSession - if (!authn.currentUser()) await authn.checkUser(); - let user = authn.currentUser(); + if (!authn.currentUser()) await authn.checkUser() + const user = authn.currentUser() - // IF LOGGED IN: SET SolidServerRootRedirectLink. LOGOUT - if( user ) { - window.localStorage.setItem(keyname, user.uri); - await authSession.logout(); - } - else { - let webId = window.localStorage.getItem(keyname); + // IF LOGGED IN: SET SolidServerRootRedirectLink. LOGOUT + if (user) { + window.localStorage.setItem(keyname, user.uri) + await authSession.logout() + } else { + const webId = window.localStorage.getItem(keyname) - // IF NOT LOGGED IN AND COOKIE EXISTS: REMOVE COOKIE, HIDE WELCOME, SHOW LINK TO PROFILE - if( webId ) { - window.localStorage.removeItem(keyname); - document.getElementById('loggedIn').style.display = "block"; - document.getElementById('loggedIn').innerHTML = `

Your WebID is : ${webId}.

Visit your profile to log into your Pod.

`; - } + // IF NOT LOGGED IN AND COOKIE EXISTS: REMOVE COOKIE, HIDE WELCOME, SHOW LINK TO PROFILE + if (webId) { + window.localStorage.removeItem(keyname) + document.getElementById('loggedIn').style.display = 'block' + document.getElementById('loggedIn').innerHTML = `

Your WebID is : ${webId}.

Visit your profile to log into your Pod.

` + } - // IF NOT LOGGED IN AND COOKIE DOES NOT EXIST - // SHOW WELCOME, SHOW LOGIN BUTTON - // HIDE LOGIN BUTTON, ADD REGISTER BUTTON - else { - let loginArea = document.getElementById('loginStatusArea'); - let html = `` - let span = document.createElement("span") - span.innerHTML = html - loginArea.appendChild(span); - loginArea.appendChild(UI.login.loginStatusBox(document, null, {})) - const logInButton = loginArea.querySelectorAll('input')[1]; - logInButton.value = "Log in to see your WebID"; - const signUpButton = loginArea.querySelectorAll('input')[2]; - signUpButton.style.display = "none"; - } + // IF NOT LOGGED IN AND COOKIE DOES NOT EXIST + // SHOW WELCOME, SHOW LOGIN BUTTON + // HIDE LOGIN BUTTON, ADD REGISTER BUTTON + else { + const loginArea = document.getElementById('loginStatusArea') + const html = '' + const span = document.createElement('span') + span.innerHTML = html + loginArea.appendChild(span) + loginArea.appendChild(UI.login.loginStatusBox(document, null, {})) + const logInButton = loginArea.querySelectorAll('input')[1] + logInButton.value = 'Log in to see your WebID' + const signUpButton = loginArea.querySelectorAll('input')[2] + signUpButton.style.display = 'none' } -}) \ No newline at end of file + } +}) diff --git a/lib/create-server.js b/lib/create-server.js index d650fe45a..1b8760ef2 100644 --- a/lib/create-server.js +++ b/lib/create-server.js @@ -68,8 +68,8 @@ function createServer (argv, app) { } const credentials = Object.assign({ - key: key, - cert: cert + key, + cert }, argv) if (ldp.webid && ldp.auth === 'tls') { diff --git a/lib/handlers/get.js b/lib/handlers/get.js index b73146ce5..d7c348964 100644 --- a/lib/handlers/get.js +++ b/lib/handlers/get.js @@ -43,9 +43,9 @@ async function handler (req, res, next) { const options = { hostname: req.hostname, - path: path, - includeBody: includeBody, - possibleRDFType: possibleRDFType, + path, + includeBody, + possibleRDFType, range: req.headers.range, contentType: req.headers.accept } 
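Review bot: The reformatted `innerHTML` assignment on the `loggedIn` element still interpolates `${webId}` directly into markup, and `webId` is read back from `localStorage` under `SolidServerRootRedirectLink`, so any script able to write that key on this origin would have its value parsed as HTML. Build the message from DOM nodes and set the value with `textContent`, and if the profile link uses the same value, assign it to `href` only after checking that it parses as an `http:` or `https:` URL. `register()` also keeps `alert(2);`, which looks like leftover debugging. The template's markup is not fully visible in this view, so confirm the exact elements before rewriting.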
diff --git a/lib/models/account-manager.js b/lib/models/account-manager.js
index c41cb1ade..0aada4d75 100644
--- a/lib/models/account-manager.js
+++ b/lib/models/account-manager.js
@@ -552,7 +552,7 @@ class AccountManager {
 const emailData = {
 to: userAccount.email,
 webId: userAccount.webId,
- deleteUrl: deleteUrl
+ deleteUrl
 }
 return this.emailService.sendWithTemplate('delete-account', emailData)
diff --git a/lib/requests/password-reset-email-request.js b/lib/requests/password-reset-email-request.js
index af5715b85..7b11d2aa6 100644
--- a/lib/requests/password-reset-email-request.js
+++ b/lib/requests/password-reset-email-request.js
@@ -76,7 +76,9 @@ class PasswordResetEmailRequest extends AuthRequest {
 static post (req, res) {
 const request = PasswordResetEmailRequest.fromParams(req, res)
- debug(`User '${request.username}' requested to be sent a password reset email`)
+ debug(
+ `User '${request.username}' requested to be sent a password reset email`
+ )
 return PasswordResetEmailRequest.handlePost(request)
 }
@@ -93,16 +95,9 @@ class PasswordResetEmailRequest extends AuthRequest {
 return Promise.resolve()
 .then(() => request.validate())
 .then(() => request.loadUser())
- .catch((err) => {
- if (err.code === "ACCOUNT_MISSING") {
- this.response.render('auth/reset-link-sent')
- } else {
- return err;
- }
- })
- .then(userAccount => request.sendResetLink(userAccount))
+ .then((userAccount) => request.sendResetLink(userAccount))
 .then(() => request.renderSuccess())
- .catch(error => request.error(error))
+ .catch((error) => request.error(error))
 }
 /**
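Review bot: With the missing-account `.catch` removed from `handlePost`, the chain always calls `request.sendResetLink(userAccount)` after `loadUser()`, but the reworked `loadUser()` (the `@@ -127,18 +122,17 @@` hunk) resolves with whatever `this.renderSuccess()` returns when the account does not exist, not with a user account. The success page is rendered there, and `sendResetLink` then receives a non-account value: if that rejects, `request.error(error)` runs on a response that has already been answered, and if it resolves, `renderSuccess()` runs a second time. Either way the unknown-username path can behave observably differently from the known one, which is what the change sets out to avoid. Let `loadUser()` resolve with `null` for a missing account and skip the send here with `.then((userAccount) => userAccount && request.sendResetLink(userAccount))`, keeping the single `renderSuccess()` at the end of the chain. The body of `handlePost` starts above the hunk.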
@@ -127,18 +122,17 @@ class PasswordResetEmailRequest extends AuthRequest {
 loadUser () {
 const username = this.username
- return this.accountManager.accountExists(username)
- .then(exists => {
- if (!exists) {
- const error = new Error("Account not found for that username")
- error.code = "ACCOUNT_MISSING"
- throw error
- }
+ return this.accountManager.accountExists(username).then((exists) => {
+ if (!exists) {
+ // For security reason avoid leaking error information
+ // See: https://github.com/nodeSolidServer/node-solid-server/issues/1770
+ return this.renderSuccess()
+ }
- const userData = { username }
+ const userData = { username }
- return this.accountManager.userAccountFrom(userData)
- })
+ return this.accountManager.userAccountFrom(userData)
+ })
 }
 /**
@@ -152,14 +146,17 @@ class PasswordResetEmailRequest extends AuthRequest {
 sendResetLink (userAccount) {
 const accountManager = this.accountManager
- return accountManager.loadAccountRecoveryEmail(userAccount)
- .then(recoveryEmail => {
+ return accountManager
+ .loadAccountRecoveryEmail(userAccount)
+ .then((recoveryEmail) => {
 userAccount.email = recoveryEmail
 debug('Sending recovery email to:', recoveryEmail)
- return accountManager
- .sendPasswordResetEmail(userAccount, this.returnToUrl)
+ return accountManager.sendPasswordResetEmail(
+ userAccount,
+ this.returnToUrl
+ )
 })
 }
diff --git a/test/integration/http-copy-test.js b/test/integration/http-copy-test.js
index f592b13d2..9a31be748 100644
--- a/test/integration/http-copy-test.js
+++ b/test/integration/http-copy-test.js
@@ -43,8 +43,8 @@ describe('HTTP COPY API', function () {
 function createOptions (method, url, user) {
 const options = {
- method: method,
- url: url,
+ method,
+ url,
 headers: {}
 }
 if (user) {
diff --git a/test/unit/create-account-request-test.js b/test/unit/create-account-request-test.js
index 656f4c687..209588600 100644
--- a/test/unit/create-account-request-test.js
+++ b/test/unit/create-account-request-test.js
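Review bot: The missing-account branch in `loadUser()` answers as soon as `accountExists()` resolves, while an existing account is answered only after `loadAccountRecoveryEmail()` and `sendPasswordResetEmail()` have completed, so response time can still tell the two cases apart even when the rendered page is identical. How large that gap is depends on the mail service, which is not visible in this diff. Render the success page at one point for both cases and avoid making the response wait on mail delivery, and extend the added comment with something like `// Response body and timing must not depend on whether the account exists`. The method's JSDoc sits above the hunk; if it still documents a rejection for unknown usernames, it should be updated to match.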
@@ -107,7 +107,7 @@ describe('CreateAccountRequest', () => { const requests = invalidUsernames.map((username) => { const aliceData = { - username: username, password: '1234' + username, password: '1234' } const req = HttpMocks.createRequest({ app: { locals }, body: aliceData }) diff --git a/test/unit/password-reset-email-request-test.js b/test/unit/password-reset-email-request-test.js index d46772891..245f89eda 100644 --- a/test/unit/password-reset-email-request-test.js +++ b/test/unit/password-reset-email-request-test.js @@ -101,10 +101,9 @@ describe('PasswordResetEmailRequest', () => { PasswordResetEmailRequest.post(req, res) .then(() => { - expect(PasswordResetEmailRequest.handlePost).to.have.been.called(); + expect(PasswordResetEmailRequest.handlePost).to.have.been.called() }) }) - }) describe('validate()', () => { @@ -178,8 +177,8 @@ describe('PasswordResetEmailRequest', () => { return PasswordResetEmailRequest.handlePost(request) .then(() => { expect(request.validate).to.have.been.called() - expect(request.loadUser).to.have.been.called(); - expect(request.loadUser).to.throw(); + expect(request.loadUser).to.have.been.called() + expect(request.loadUser).to.throw() }).catch(() => { expect(request.error).to.have.been.called() expect(response.render).to.have.been.calledWith('auth/reset-link-sent') @@ -216,10 +215,11 @@ describe('PasswordResetEmailRequest', () => { const options = { accountManager, username } const request = new PasswordResetEmailRequest(options) + sinon.spy(request, 'renderSuccess') + request.loadUser() - .catch(error => { - expect(error.code).to.equal('ACCOUNT_MISSING'); - expect(error.message).to.equal('Account not found for that username') + .catch(() => { + expect(request.renderSuccess).to.have.been.called() done() }) }) diff --git a/test/validate-turtle.js b/test/validate-turtle.js index a394f8e5c..5b6fbf193 100644 --- a/test/validate-turtle.js +++ b/test/validate-turtle.js 
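Review bot: In the `@@ -216,10 +215,11 @@` hunk the assertion and `done()` sit inside `.catch`, but `loadUser()` no longer rejects for a missing account, so that callback runs only if `renderSuccess()` itself throws. The request is built from `{ accountManager, username }` with no response object, which may be what makes it reject here, and the test would then pass for the wrong reason or time out. Assert on the fulfilment path instead with `.then(() => { expect(request.renderSuccess).to.have.been.called(); done() })`, add `.catch(done)`, and use `sinon.stub(request, 'renderSuccess')` rather than a spy so no real rendering is attempted. The `@@ -178,8 +177,8 @@` hunk also keeps `expect(request.loadUser).to.throw()`, which asserts a throw that the new `loadUser()` is not meant to produce.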
@@ -1,4 +1,3 @@ - const fs = require('fs') const Handlebars = require('handlebars') const path = require('path')