Dashboard API explorer

/api/user/account (GET)

Account information like email addresses is generated with faker-js it is not real user information.

await global.api.user.Account.get(req)

Returns object

{
  "accountid": "acct_7436aec6df92ea9b",
  "object": "account",
  "appid": "tests_1656038573",
  "profileid": "prof_41f48cd4fa8a1844",
  "sessionKeyNumber": 1,
  "lastSignedInAt": "2022-06-24T02:42:53.000Z",
  "owner": true,
  "ownerSince": "2022-06-24T02:42:53.000Z",
  "administrator": true,
  "administratorSince": "2022-06-24T02:42:53.000Z",
  "createdAt": "2022-06-24T02:42:53.118Z",
  "updatedAt": "2022-06-24T02:42:53.140Z"
}

Exceptions

These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:

Exception Circumstances
invalid-account ineligible accessing account
invalid-accountid missing querystring accountid
invalid querystring accountid

NodeJS source (view on github)

const dashboard = require('../../../../index.js')

module.exports = {
  get: async (req) => {
    if (!req.query || !req.query.accountid) {
      throw new Error('invalid-accountid')
    }
    let account = await dashboard.StorageCache.get(req.query.accountid)
    if (!account) {
      let accountInfo
      try {
        accountInfo = await dashboard.Storage.Account.findOne({
          where: {
            accountid: req.query.accountid,
            appid: req.appid || global.appid
          }
        })
      } catch (error) {
      }
      if (!accountInfo) {
        throw new Error('invalid-accountid')
      }
      account = {}
      for (const field of accountInfo._options.attributes) {
        account[field] = accountInfo.get(field)
      }
      await dashboard.StorageCache.set(req.query.accountid, account)
    }
    if (req.query.accountid !== req.account.accountid) {
      throw new Error('invalid-account')
    }
    delete (account.sessionKey)
    delete (account.usernameHash)
    delete (account.passwordHash)
    return account
  }
}

Test source (view on github)

/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../test-helper.js')

describe('/api/user/account', () => {
  describe('exceptions', () => {
    describe('invalid-accountid', () => {
      it('missing querystring accountid', async () => {
        const user = await TestHelper.createUser()
        const req = TestHelper.createRequest('/api/user/account')
        req.account = user.account
        req.session = user.session
        let errorMessage
        try {
          await req.get()
        } catch (error) {
          errorMessage = error.message
        }
        assert.strictEqual(errorMessage, 'invalid-accountid')
      })

      it('invalid querystring accountid', async () => {
        const user = await TestHelper.createUser()
        const req = TestHelper.createRequest('/api/user/account?accountid=invalid')
        req.account = user.account
        req.session = user.session
        let errorMessage
        try {
          await req.get()
        } catch (error) {
          errorMessage = error.message
        }
        assert.strictEqual(errorMessage, 'invalid-accountid')
      })
    })

    describe('invalid-account', () => {
      it('ineligible accessing account', async () => {
        const user = await TestHelper.createUser()
        const user2 = await TestHelper.createUser()
        const req = TestHelper.createRequest(`/api/user/account?accountid=${user2.account.accountid}`)
        req.account = user.account
        req.session = user.session
        let errorMessage
        try {
          await req.get()
        } catch (error) {
          errorMessage = error.message
        }
        assert.strictEqual(errorMessage, 'invalid-account')
      })
    })
  })

  describe('returns', () => {
    it('object', async () => {
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/user/account?accountid=${user.account.accountid}`)
      req.account = user.account
      req.session = user.session
      req.filename = __filename
      req.saveResponse = true
      const account = await req.get()
      assert.strictEqual(account.accountid, user.account.accountid)
    })
  })

  describe('redacts', () => {
    it('usernameHash', async () => {
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/user/account?accountid=${user.account.accountid}`)
      req.account = user.account
      req.session = user.session
      const account = await req.get()
      assert.strictEqual(undefined, account.usernameHash)
    })

    it('passwordHash', async () => {
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/user/account?accountid=${user.account.accountid}`)
      req.account = user.account
      req.session = user.session
      const account = await req.get()
      assert.strictEqual(undefined, account.passwordHash)
    })

    it('sessionKey', async () => {
      const user = await TestHelper.createUser()
      const req = TestHelper.createRequest(`/api/user/account?accountid=${user.account.accountid}`)
      req.account = user.account
      req.session = user.session
      const account = await req.get()
      assert.strictEqual(undefined, account.sessionKey)
    })
  })
})