/api/user/reset-account-deleted (PATCH)
Account information like email addresses is generated with faker-js it is not real user information.
await global.api.user.ResetAccountDeleted.patch(req)Returns object
{
"accountid": "acct_eaa7fa319bb25b08",
"object": "account",
"appid": "tests_1656038578",
"profileid": "prof_df5fb30c20cdea6f",
"sessionKeyNumber": 1,
"lastSignedInAt": "2022-06-24T02:42:58.000Z",
"owner": true,
"ownerSince": "2022-06-24T02:42:58.000Z",
"administrator": true,
"administratorSince": "2022-06-24T02:42:58.000Z",
"createdAt": "2022-06-24T02:42:58.555Z",
"updatedAt": "2022-06-24T02:42:58.600Z"
}Exceptions
These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:
| Exception | Circumstances |
|---|---|
| invalid-account | credentialed account is not scheduled for deletion |
| invalid-password | missing posted password |
| invalid posted password | |
| invalid-username | missing posted username |
| invalid posted username |
NodeJS source (view on github)
const dashboard = require('../../../../index.js')
module.exports = {
auth: false,
patch: async (req) => {
if (!req.body) {
throw new Error('invalid-username')
}
if (!req.body.username) {
throw new Error('invalid-username')
}
if (!req.body.username || !req.body.username.length) {
throw new Error('invalid-username')
}
if (global.minimumUsernameLength > req.body.username.length) {
throw new Error('invalid-username-length')
}
if (!req.body.password || !req.body.password.length) {
throw new Error('invalid-password')
}
if (global.minimumPasswordLength > req.body.password.length) {
throw new Error('invalid-password-length')
}
let dashboardEncryptionKey = global.dashboardEncryptionKey
if (req.server) {
dashboardEncryptionKey = req.server.dashboardEncryptionKey || dashboardEncryptionKey
}
const usernameHash = await dashboard.Hash.sha512Hash(req.body.username, dashboardEncryptionKey)
const accountInfo = await dashboard.Storage.Account.findOne({
where: {
usernameHash,
appid: req.appid || global.appid
}
})
if (!accountInfo) {
throw new Error('invalid-username')
}
const validPassword = await dashboard.Hash.bcryptHashCompare(req.body.password, accountInfo.dataValues.passwordHash, dashboardEncryptionKey)
if (!validPassword) {
throw new Error('invalid-password')
}
const query = req.query
req.query = {
accountid: accountInfo.dataValues.accountid
}
const account = await global.api.administrator.Account.get(req)
if (!account) {
throw new Error('invalid-account')
}
if (!account.deletedAt) {
throw new Error('invalid-account')
}
if (new Date(account.deletedAt).getTime() < new Date().getTime()) {
throw new Error('invalid-account')
}
await dashboard.Storage.Account.update({
deletedAt: null
}, {
where: {
accountid: accountInfo.dataValues.accountid,
appid: req.appid || global.appid
}
})
req.account = account
req.query = {
accountid: account.accountid
}
await dashboard.StorageCache.remove(account.accountid)
const accountNow = await global.api.user.Account.get(req)
req.query = query
return accountNow
}
}
Test source (view on github)
/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../test-helper.js')
describe('/api/user/reset-account-deleted', () => {
describe('exceptions', () => {
describe('invalid-username', () => {
it('missing posted username', async () => {
const user = await TestHelper.createUser()
await TestHelper.setDeleted(user)
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.body = {
username: '',
password: 'password'
}
let errorMessage
try {
await req.patch()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-username')
})
it('invalid posted username', async () => {
const user = await TestHelper.createUser()
await TestHelper.setDeleted(user)
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.body = {
username: 'invalid',
password: 'password'
}
let errorMessage
try {
await req.patch()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-username')
})
})
describe('invalid-password', () => {
it('missing posted password', async () => {
const user = await TestHelper.createUser()
await TestHelper.setDeleted(user)
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.body = {
username: 'username',
password: ''
}
let errorMessage
try {
await req.patch()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-password')
})
it('invalid posted password', async () => {
const user = await TestHelper.createUser()
await TestHelper.setDeleted(user)
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.body = {
username: user.account.username,
password: 'invalid'
}
let errorMessage
try {
await req.patch()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-password')
})
})
describe('invalid-account', () => {
it('credentialed account is not scheduled for deletion', async () => {
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.account = user.account
req.session = user.session
req.body = {
username: user.account.username,
password: user.account.password
}
let errorMessage
try {
await req.patch()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-account')
})
})
})
describe('returns', () => {
it('object', async () => {
const user = await TestHelper.createUser()
await TestHelper.setDeleted(user)
const req = TestHelper.createRequest('/api/user/reset-account-deleted')
req.body = {
username: user.account.username,
password: user.account.password
}
req.filename = __filename
req.saveResponse = true
const accountNow = await req.patch()
assert.strictEqual(undefined, accountNow.deletedAt)
})
})
})