API and REST tests added to ensure complete and valid credentials are…

… supplied for verified error message to be returned - tests added as suggested and fail under previous version of User model - strongloop#931
greaterweb · Jan 5, 2015 · 70f576b · 70f576b
1 parent dc055e5
commit 70f576b
Showing 1 changed file with 26 additions and 1 deletion.
diff --git a/test/user.test.js b/test/user.test.js
@@ -7,7 +7,8 @@ var userMemory = loopback.createDataSource({
 });
 
 describe('User', function() {
-  var validCredentials = {email: '[email protected]', password: 'bar'};
+  var validCredentialsEmail = '[email protected]';
+  var validCredentials = {email: validCredentialsEmail, password: 'bar'};
   var validCredentialsEmailVerified = {email: '[email protected]', password: 'bar1', emailVerified: true};
   var validCredentialsEmailVerifiedOverREST = {email: '[email protected]', password: 'bar2', emailVerified: true};
   var validCredentialsWithTTL = {email: '[email protected]', password: 'bar', ttl: 3600};
@@ -308,6 +309,15 @@ describe('User', function() {
       User.settings.emailVerificationRequired = false;
     });
 
+    it('Require valid and complete credentials for email verification error', function(done) {
+      User.login({ email: validCredentialsEmail }, function(err, accessToken) {
+        // strongloop/loopback#931
+        // error message should be "login failed" and not "login failed as the email has not been verified"
+        assert(err && !/verified/.test(err.message), ('expecting "login failed" error message, received: "' + err.message + '"'));
+        done();
+      });
+    });
+
     it('Login a user by without email verification', function(done) {
       User.login(validCredentials, function(err, accessToken) {
         assert(err);
@@ -339,6 +349,21 @@ describe('User', function() {
         });
     });
 
+    it('Login a user over REST require complete and valid credentials for email verification error message', function(done) {
+      request(app)
+        .post('/users/login')
+        .expect('Content-Type', /json/)
+        .expect(401)
+        .send({ email: validCredentialsEmail })
+        .end(function(err, res) {
+          // strongloop/loopback#931
+          // error message should be "login failed" and not "login failed as the email has not been verified"
+          var errorResponse = res.body.error;
+          assert(errorResponse && !/verified/.test(errorResponse.message), ('expecting "login failed" error message, received: "' + errorResponse.message + '"'));
+          done();
+        });
+    });
+
     it('Login a user over REST without email verification when it is required', function(done) {
       request(app)
         .post('/users/login')