Always clear sessions when user password is updated (#3821)

* Adds repro to issue #3289 * Always clear sessions when password is updated
2017-05-16 14:13:09 -04:00
parent 9dbb89a2e4
commit 17a2d269ef
3 changed files with 23 additions and 6 deletions
--- a/spec/ParseServerRESTController.spec.js
+++ b/spec/ParseServerRESTController.spec.js
@@ -135,10 +135,7 @@ describe('ParseServerRESTController', () => {
    }).then(sessions => {
      expect(sessions.length).toBe(0);
      done();
-    }, (err) => {
-      jfail(err);
-      done();
-    });
+    }, done.fail);
  });

  it('ensures a session token is created when passing installationId != cloud', (done) => {
--- a/spec/ParseUser.spec.js
+++ b/spec/ParseUser.spec.js
@@ -2935,4 +2935,21 @@ describe('Parse.User testing', () => {
      done();
    });
  });
+
+  it('should revoke sessions when setting paswword with masterKey (#3289)', (done) => {
+    let user;
+    Parse.User.signUp('username', 'password')
+      .then((newUser) => {
+        user = newUser;
+        user.set('password', 'newPassword');
+        return user.save(null, {useMasterKey: true});
+      }).then(() => {
+        const query = new Parse.Query('_Session');
+        query.equalTo('user', user);
+        return query.find({useMasterKey: true});
+      }).then((results) => {
+        expect(results.length).toBe(0);
+        done();
+      }, done.fail);
+  });
 });