Skip to content

Commit 80ab7b9

Browse files
dblythydblythy
committed
Revert "fix: remove username from verification emails"
This reverts commit 78c67d4.
1 parent c38a4a9 commit 80ab7b9

12 files changed

+216
-132
lines changed

spec/AccountLockoutPolicy.spec.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -419,7 +419,7 @@ describe('lockout with password reset option', () => {
419419
await request({
420420
method: 'POST',
421421
url: `${config.publicServerURL}/apps/test/request_password_reset`,
422-
body: `new_password=${newPassword}&token=${token}`,
422+
body: `new_password=${newPassword}&token=${token}&username=${username}`,
423423
headers: {
424424
'Content-Type': 'application/x-www-form-urlencoded',
425425
},
@@ -454,7 +454,7 @@ describe('lockout with password reset option', () => {
454454
await request({
455455
method: 'POST',
456456
url: `${config.publicServerURL}/apps/test/request_password_reset`,
457-
body: `new_password=${newPassword}&token=${token}`,
457+
body: `new_password=${newPassword}&token=${token}&username=${username}`,
458458
headers: {
459459
'Content-Type': 'application/x-www-form-urlencoded',
460460
},

spec/EmailVerificationToken.spec.js

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ describe('Email Verification Token Expiration: ', () => {
3939
}).then(response => {
4040
expect(response.status).toEqual(302);
4141
expect(response.text).toEqual(
42-
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
42+
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
4343
);
4444
done();
4545
});
@@ -133,7 +133,7 @@ describe('Email Verification Token Expiration: ', () => {
133133
}).then(response => {
134134
expect(response.status).toEqual(302);
135135
expect(response.text).toEqual(
136-
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html'
136+
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
137137
);
138138
done();
139139
});
@@ -392,7 +392,7 @@ describe('Email Verification Token Expiration: ', () => {
392392
}).then(response => {
393393
expect(response.status).toEqual(302);
394394
expect(response.text).toEqual(
395-
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
395+
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
396396
);
397397
done();
398398
});
@@ -445,7 +445,7 @@ describe('Email Verification Token Expiration: ', () => {
445445
}).then(response => {
446446
expect(response.status).toEqual(302);
447447
expect(response.text).toEqual(
448-
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
448+
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
449449
);
450450
done();
451451
});

spec/PagesRouter.spec.js

Lines changed: 24 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ describe('Pages Router', () => {
108108
const res = await request({
109109
method: 'POST',
110110
url: 'http://localhost:8378/1/apps/test/request_password_reset',
111-
body: `new_password=user1&token=43634643`,
111+
body: `new_password=user1&token=43634643&username=username`,
112112
headers: {
113113
'Content-Type': 'application/x-www-form-urlencoded',
114114
'X-Requested-With': 'XMLHttpRequest',
@@ -124,7 +124,7 @@ describe('Pages Router', () => {
124124
await request({
125125
method: 'POST',
126126
url: 'http://localhost:8378/1/apps/test/request_password_reset',
127-
body: `new_password=&token=132414`,
127+
body: `new_password=&token=132414&username=Johnny`,
128128
headers: {
129129
'Content-Type': 'application/x-www-form-urlencoded',
130130
'X-Requested-With': 'XMLHttpRequest',
@@ -137,12 +137,30 @@ describe('Pages Router', () => {
137137
}
138138
});
139139

140+
it('request_password_reset: responds with AJAX error on missing username', async () => {
141+
try {
142+
await request({
143+
method: 'POST',
144+
url: 'http://localhost:8378/1/apps/test/request_password_reset',
145+
body: `new_password=user1&token=43634643&username=`,
146+
headers: {
147+
'Content-Type': 'application/x-www-form-urlencoded',
148+
'X-Requested-With': 'XMLHttpRequest',
149+
},
150+
followRedirects: false,
151+
});
152+
} catch (error) {
153+
expect(error.status).not.toBe(302);
154+
expect(error.text).toEqual('{"code":200,"error":"Missing username"}');
155+
}
156+
});
157+
140158
it('request_password_reset: responds with AJAX error on missing token', async () => {
141159
try {
142160
await request({
143161
method: 'POST',
144162
url: 'http://localhost:8378/1/apps/test/request_password_reset',
145-
body: `new_password=user1&token=`,
163+
body: `new_password=user1&token=&username=Johnny`,
146164
headers: {
147165
'Content-Type': 'application/x-www-form-urlencoded',
148166
'X-Requested-With': 'XMLHttpRequest',
@@ -559,7 +577,7 @@ describe('Pages Router', () => {
559577
spyOnProperty(Page.prototype, 'defaultFile').and.returnValue(jsonPageFile);
560578

561579
const response = await request({
562-
url: `http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=${exampleLocale}`,
580+
url: `http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=${exampleLocale}`,
563581
followRedirects: false,
564582
}).catch(e => e);
565583
expect(response.status).toEqual(200);
@@ -608,7 +626,7 @@ describe('Pages Router', () => {
608626
await reconfigureServer(config);
609627
const response = await request({
610628
url:
611-
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=de-AT',
629+
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
612630
followRedirects: false,
613631
method: 'POST',
614632
});
@@ -622,7 +640,7 @@ describe('Pages Router', () => {
622640
await reconfigureServer(config);
623641
const response = await request({
624642
url:
625-
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=de-AT',
643+
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
626644
followRedirects: false,
627645
method: 'GET',
628646
});

spec/PasswordPolicy.spec.js

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ describe('Password Policy: ', () => {
107107
})
108108
.then(response => {
109109
expect(response.status).toEqual(302);
110-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&/;
110+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=testResetTokenValidity/;
111111
expect(response.text.match(re)).not.toBe(null);
112112
done();
113113
})
@@ -622,7 +622,7 @@ describe('Password Policy: ', () => {
622622
})
623623
.then(response => {
624624
expect(response.status).toEqual(302);
625-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
625+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
626626
const match = response.text.match(re);
627627
if (!match) {
628628
fail('should have a token');
@@ -634,7 +634,7 @@ describe('Password Policy: ', () => {
634634
request({
635635
method: 'POST',
636636
url: 'http://localhost:8378/1/apps/test/request_password_reset',
637-
body: `new_password=has2init&token=${token}`,
637+
body: `new_password=has2init&token=${token}&username=user1`,
638638
headers: {
639639
'Content-Type': 'application/x-www-form-urlencoded',
640640
},
@@ -645,7 +645,7 @@ describe('Password Policy: ', () => {
645645
.then(response => {
646646
expect(response.status).toEqual(302);
647647
expect(response.text).toEqual(
648-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
648+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
649649
);
650650

651651
Parse.User.logIn('user1', 'has2init')
@@ -714,7 +714,7 @@ describe('Password Policy: ', () => {
714714
})
715715
.then(response => {
716716
expect(response.status).toEqual(302);
717-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
717+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
718718
const match = response.text.match(re);
719719
if (!match) {
720720
fail('should have a token');
@@ -726,7 +726,7 @@ describe('Password Policy: ', () => {
726726
request({
727727
method: 'POST',
728728
url: 'http://localhost:8378/1/apps/test/request_password_reset',
729-
body: `new_password=hasnodigit&token=${token}`,
729+
body: `new_password=hasnodigit&token=${token}&username=user1`,
730730
headers: {
731731
'Content-Type': 'application/x-www-form-urlencoded',
732732
},
@@ -737,7 +737,7 @@ describe('Password Policy: ', () => {
737737
.then(response => {
738738
expect(response.status).toEqual(302);
739739
expect(response.text).toEqual(
740-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
740+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
741741
);
742742

743743
Parse.User.logIn('user1', 'has 1 digit')
@@ -900,7 +900,7 @@ describe('Password Policy: ', () => {
900900
})
901901
.then(response => {
902902
expect(response.status).toEqual(302);
903-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
903+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
904904
const match = response.text.match(re);
905905
if (!match) {
906906
fail('should have a token');
@@ -912,7 +912,7 @@ describe('Password Policy: ', () => {
912912
request({
913913
method: 'POST',
914914
url: 'http://localhost:8378/1/apps/test/request_password_reset',
915-
body: `new_password=xuser12&token=${token}`,
915+
body: `new_password=xuser12&token=${token}&username=user1`,
916916
headers: {
917917
'Content-Type': 'application/x-www-form-urlencoded',
918918
},
@@ -923,7 +923,7 @@ describe('Password Policy: ', () => {
923923
.then(response => {
924924
expect(response.status).toEqual(302);
925925
expect(response.text).toEqual(
926-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
926+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
927927
);
928928

929929
Parse.User.logIn('user1', 'r@nd0m')
@@ -991,7 +991,7 @@ describe('Password Policy: ', () => {
991991
resolveWithFullResponse: true,
992992
});
993993
expect(response.status).toEqual(302);
994-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
994+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
995995
const match = response.text.match(re);
996996
if (!match) {
997997
fail('should have a token');
@@ -1003,7 +1003,7 @@ describe('Password Policy: ', () => {
10031003
await request({
10041004
method: 'POST',
10051005
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1006-
body: `new_password=xuser12&token=${token}`,
1006+
body: `new_password=xuser12&token=${token}&username=user1`,
10071007
headers: {
10081008
'Content-Type': 'application/x-www-form-urlencoded',
10091009
'X-Requested-With': 'XMLHttpRequest',
@@ -1051,7 +1051,7 @@ describe('Password Policy: ', () => {
10511051
})
10521052
.then(response => {
10531053
expect(response.status).toEqual(302);
1054-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
1054+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
10551055
const match = response.text.match(re);
10561056
if (!match) {
10571057
fail('should have a token');
@@ -1063,7 +1063,7 @@ describe('Password Policy: ', () => {
10631063
request({
10641064
method: 'POST',
10651065
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1066-
body: `new_password=uuser11&token=${token}`,
1066+
body: `new_password=uuser11&token=${token}&username=user1`,
10671067
headers: {
10681068
'Content-Type': 'application/x-www-form-urlencoded',
10691069
},
@@ -1074,7 +1074,7 @@ describe('Password Policy: ', () => {
10741074
.then(response => {
10751075
expect(response.status).toEqual(302);
10761076
expect(response.text).toEqual(
1077-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
1077+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
10781078
);
10791079

10801080
Parse.User.logIn('user1', 'uuser11')
@@ -1317,7 +1317,7 @@ describe('Password Policy: ', () => {
13171317
})
13181318
.then(response => {
13191319
expect(response.status).toEqual(302);
1320-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
1320+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
13211321
const match = response.text.match(re);
13221322
if (!match) {
13231323
fail('should have a token');
@@ -1329,7 +1329,7 @@ describe('Password Policy: ', () => {
13291329
request({
13301330
method: 'POST',
13311331
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1332-
body: `new_password=uuser11&token=${token}`,
1332+
body: `new_password=uuser11&token=${token}&username=user1`,
13331333
headers: {
13341334
'Content-Type': 'application/x-www-form-urlencoded',
13351335
},
@@ -1340,7 +1340,7 @@ describe('Password Policy: ', () => {
13401340
.then(response => {
13411341
expect(response.status).toEqual(302);
13421342
expect(response.text).toEqual(
1343-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
1343+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
13441344
);
13451345

13461346
Parse.User.logIn('user1', 'uuser11')
@@ -1472,7 +1472,7 @@ describe('Password Policy: ', () => {
14721472
})
14731473
.then(response => {
14741474
expect(response.status).toEqual(302);
1475-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
1475+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
14761476
const match = response.text.match(re);
14771477
if (!match) {
14781478
fail('should have a token');
@@ -1484,7 +1484,7 @@ describe('Password Policy: ', () => {
14841484
return request({
14851485
method: 'POST',
14861486
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1487-
body: `new_password=user1&token=${token}`,
1487+
body: `new_password=user1&token=${token}&username=user1`,
14881488
headers: {
14891489
'Content-Type': 'application/x-www-form-urlencoded',
14901490
},
@@ -1500,7 +1500,7 @@ describe('Password Policy: ', () => {
15001500
const token = data[1];
15011501
expect(response.status).toEqual(302);
15021502
expect(response.text).toEqual(
1503-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
1503+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
15041504
);
15051505
done();
15061506
return Promise.resolve();

spec/PublicAPI.spec.js

Lines changed: 24 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,28 @@ const request = function (url, callback) {
1010
};
1111

1212
describe('public API', () => {
13+
it('should return missing username error on ajax request without username provided', async () => {
14+
await reconfigureServer({
15+
publicServerURL: 'http://localhost:8378/1',
16+
});
17+
18+
try {
19+
await req({
20+
method: 'POST',
21+
url: 'http://localhost:8378/1/apps/test/request_password_reset',
22+
body: `new_password=user1&token=43634643&username=`,
23+
headers: {
24+
'Content-Type': 'application/x-www-form-urlencoded',
25+
'X-Requested-With': 'XMLHttpRequest',
26+
},
27+
followRedirects: false,
28+
});
29+
} catch (error) {
30+
expect(error.status).not.toBe(302);
31+
expect(error.text).toEqual('{"code":200,"error":"Missing username"}');
32+
}
33+
});
34+
1335
it('should return missing token error on ajax request without token provided', async () => {
1436
await reconfigureServer({
1537
publicServerURL: 'http://localhost:8378/1',
@@ -19,7 +41,7 @@ describe('public API', () => {
1941
await req({
2042
method: 'POST',
2143
url: 'http://localhost:8378/1/apps/test/request_password_reset',
22-
body: `new_password=user1&token=`,
44+
body: `new_password=user1&token=&username=Johnny`,
2345
headers: {
2446
'Content-Type': 'application/x-www-form-urlencoded',
2547
'X-Requested-With': 'XMLHttpRequest',
@@ -41,7 +63,7 @@ describe('public API', () => {
4163
await req({
4264
method: 'POST',
4365
url: 'http://localhost:8378/1/apps/test/request_password_reset',
44-
body: `new_password=&token=132414`,
66+
body: `new_password=&token=132414&username=Johnny`,
4567
headers: {
4668
'Content-Type': 'application/x-www-form-urlencoded',
4769
'X-Requested-With': 'XMLHttpRequest',

0 commit comments

Comments
 (0)