From 0910eae31de8ed7b409654515dbd11f5c86dbf71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Espino?= Date: Wed, 18 Apr 2018 22:46:10 +0200 Subject: MM-9779: Incorporate a Token into the invitations system (#8604) * Incorporate a Token into the invitations system * Adding unit tests * Fixing some api4 client tests * Removing unnecesary hash validation * Change the Hash concept on invitations with tokenId * Not send invitation if it wasn't able to create the Token * Fixing some naming problems * Changing the hash query params received from the client side * Removed unneded data param in the token usage --- api/user_test.go | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'api/user_test.go') diff --git a/api/user_test.go b/api/user_test.go index 518379305..05ec0e096 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -5,7 +5,6 @@ package api import ( "bytes" - "fmt" "image" "image/color" "io" @@ -176,21 +175,26 @@ func TestLogin(t *testing.T) { t.Fatal("Should have errored, signed up without hashed email") } + token := model.NewToken( + app.TOKEN_TYPE_TEAM_INVITATION, + model.MapToJson(map[string]string{"teamId": rteam2.Data.(*model.Team).Id, "email": user2.Email}), + ) + <-th.App.Srv.Store.Token().Save(token) props := make(map[string]string) props["email"] = user2.Email - props["id"] = rteam2.Data.(*model.Team).Id props["display_name"] = rteam2.Data.(*model.Team).DisplayName - props["time"] = fmt.Sprintf("%v", model.GetMillis()) data := model.MapToJson(props) - hash := utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) - ruser2, err := Client.CreateUserFromSignup(&user2, data, hash) + ruser2, err := Client.CreateUserFromSignup(&user2, data, token.Token) if err != nil { t.Fatal(err) } + if result := <-th.App.Srv.Store.Token().GetByToken(token.Token); result.Err == nil { + t.Fatal("The token must be deleted after be used") + } if _, err := Client.Login(ruser2.Data.(*model.User).Email, user2.Password); err != nil { - t.Fatal("From verified hash") + t.Fatal("From verified token") } Client.AuthToken = authToken -- cgit v1.2.3-1-g7c22