/api/user/reset-code (PATCH)
await global.api.user.ResetCode.patch(req) Located in Dashboard API
Returns object
Exceptions
These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:
Exception | Circumstances |
---|---|
invalid querystring codeid | |
invalid-reset-codeid | missing querystring codeid |
invalid-account | ineligible querystring codeid |
NodeJS source (edit on github)
If you see a problem with the source submit a pull request on Github.
const dashboard = require('../../../../index.js')
module.exports = {
get: async (req) => {
if (!req.query || !req.query.codeid) {
throw new Error('invalid-reset-codeid')
}
let code
if (req.cacheData && req.cacheData[req.query.codeid]) {
code = req.cacheData[req.query.codeid]
} else {
code = await dashboard.Storage.read(`${req.appid}/resetCode/${req.query.codeid}`)
}
if (!code) {
throw new Error('invalid-reset-codeid')
}
try {
code = JSON.parse(code)
} catch (error) {
}
if (!code || code.object !== 'resetCode') {
throw new Error('invalid-reset-codeid')
}
if (code.accountid !== req.account.accountid) {
throw new Error('invalid-account')
}
delete (code.secretCodeHash)
return code
}
}
Test source (edit on github)
Tests perform real HTTP requests against a running Dashboard server.
/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../test-helper.js')
describe('/api/user/reset-code', () => {
describe('exceptions', () => {
describe('invalid-reset-codeid', () => {
it('missing querystring codeid', async () => {
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/reset-code')
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-reset-codeid')
})
it('invalid querystring codeid', async () => {
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/reset-code?codeid=invalid')
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-reset-codeid')
})
})
describe('invalid-account', () => {
it('ineligible querystring codeid', async () => {
const user = await TestHelper.createUser()
const user2 = await TestHelper.createUser()
await TestHelper.createResetCode(user2)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user2.resetCode.codeid}`)
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-account')
})
})
})
describe('returns', () => {
it('object', async () => {
const user = await TestHelper.createUser()
await TestHelper.createResetCode(user)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user.resetCode.codeid}`)
req.account = user.account
req.session = user.session
req.filename = __filename
req.saveResponse = true
const codeNow = await req.get()
assert.strictEqual(codeNow.object, 'resetCode')
})
})
describe('redacts', () => {
it('secretCodeHash', async () => {
const user = await TestHelper.createUser()
await TestHelper.createResetCode(user)
const req = TestHelper.createRequest(`/api/user/reset-code?codeid=${user.resetCode.codeid}`)
req.account = user.account
req.session = user.session
const codeNow = await req.get()
assert.strictEqual(undefined, codeNow.secretCodeHash)
})
})
})