/api/user/reset-code (PATCH)
Account information like email addresses is generated with faker-js it is not real user information.
await global.api.user.ResetCode.patch(req)Returns object
{
"codeid": "code_362db58b79c59421",
"object": "resetCode",
"appid": "tests_1656038578",
"accountid": "acct_0050fb4fda90b191",
"createdAt": "2022-06-24T02:42:58.987Z",
"updatedAt": "2022-06-24T02:42:58.987Z"
}Exceptions
These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:
| Exception | Circumstances |
|---|---|
| invalid-account | ineligible querystring codeid |
| invalid-reset-codeid | missing querystring codeid |
| invalid querystring codeid |
NodeJS source (view on github)
const dashboard = require('../../../../index.js')
module.exports = {
get: async (req) => {
if (!req.query || !req.query.codeid) {
throw new Error('invalid-reset-codeid')
}
let code = await dashboard.StorageCache.get(req.query.codeid)
if (!code) {
let codeInfo
if (!codeInfo) {
try {
codeInfo = await dashboard.Storage.ResetCode.findOne({
where: {
codeid: req.query.codeid,
appid: req.appid || global.appid
}
})
} catch (error) {
}
}
if (!codeInfo) {
throw new Error('invalid-reset-codeid')
}
code = {}
for (const field of codeInfo._options.attributes) {
code[field] = codeInfo.get(field)
}
await dashboard.StorageCache.set(req.query.codeid, code)
}
if (code.accountid !== req.account.accountid) {
throw new Error('invalid-account')
}
delete (code.secretCodeHash)
return code
}
}
Test source (view on github)
/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../test-helper.js')
describe('/api/user/reset-code', () => {
describe('exceptions', () => {
describe('invalid-reset-codeid', () => {
it('missing querystring codeid', async () => {
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/reset-code')
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-reset-codeid')
})
it('invalid querystring codeid', async () => {
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/reset-code?codeid=invalid')
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-reset-codeid')
})
})
describe('invalid-account', () => {
it('ineligible querystring codeid', async () => {
const user = await TestHelper.createUser()
const user2 = await TestHelper.createUser()
await TestHelper.createResetCode(user2)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user2.resetCode.codeid}`)
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-account')
})
})
})
describe('returns', () => {
it('object', async () => {
const user = await TestHelper.createUser()
await TestHelper.createResetCode(user)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user.resetCode.codeid}`)
req.account = user.account
req.session = user.session
req.filename = __filename
req.saveResponse = true
const codeNow = await req.get()
assert.strictEqual(codeNow.object, 'resetCode')
})
})
describe('redacts', () => {
it('secretCodeHash', async () => {
const user = await TestHelper.createUser()
await TestHelper.createResetCode(user)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user.resetCode.codeid}`)
req.account = user.account
req.session = user.session
const codeNow = await req.get()
assert.strictEqual(undefined, codeNow.secretCodeHash)
})
})
})