Merge pull request #1001 from ParsePlatform/flovilmart.queryStringForEmailResets

Properly querystring encode the parameters
Florent Vilmart
2016-03-17 08:16:46 -04:00
3 changed files with 67 additions and 62 deletions


@@ -311,7 +311,7 @@ describe("Email Verification", () => {
followRedirect: false, followRedirect: false,
}, (error, response, body) => { }, (error, response, body) => {
expect(response.statusCode).toEqual(302); expect(response.statusCode).toEqual(302);
expect(response.body).toEqual('Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=zxcv'); expect(response.body).toEqual('Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=user');
user.fetch() user.fetch()
.then(() => { .then(() => {
expect(user.get('emailVerified')).toEqual(true); expect(user.get('emailVerified')).toEqual(true);
@@ -342,7 +342,7 @@ describe("Email Verification", () => {
publicServerURL: "http://localhost:8378/1" publicServerURL: "http://localhost:8378/1"
}); });
user.setPassword("asdf"); user.setPassword("asdf");
user.setUsername("zxcv"); user.setUsername("user");
user.set('email', 'user@parse.com'); user.set('email', 'user@parse.com');
user.signUp(); user.signUp();
}); });
@@ -468,7 +468,7 @@ describe("Password Reset", () => {
return; return;
} }
expect(response.statusCode).toEqual(302); expect(response.statusCode).toEqual(302);
var re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=zxcv/; var re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=zxcv%2Bzxcv/;
expect(response.body.match(re)).not.toBe(null); expect(response.body.match(re)).not.toBe(null);
done(); done();
}); });
@@ -491,7 +491,7 @@ describe("Password Reset", () => {
publicServerURL: "http://localhost:8378/1" publicServerURL: "http://localhost:8378/1"
}); });
user.setPassword("asdf"); user.setPassword("asdf");
user.setUsername("zxcv"); user.setUsername("zxcv+zxcv");
user.set('email', 'user@parse.com'); user.set('email', 'user@parse.com');
user.signUp().then(() => { user.signUp().then(() => {
Parse.User.requestPasswordReset('user@parse.com', { Parse.User.requestPasswordReset('user@parse.com', {
@@ -615,4 +615,3 @@ describe("Password Reset", () => {
}); });
}) })
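Review bot: The email-verification redirect is no longer tested with a username that needs encoding. The expected body now ends in `username=user` and the sign-up calls `user.setUsername("user")`, so only the password-reset path (`zxcv+zxcv` expected as `zxcv%2Bzxcv`) proves the new query-string encoding. Assuming the two Email Verification hunks belong to the same test setup, a constructed value such as `user.setUsername("us+er")` with the expectation `...verify_email_success.html?username=us%2Ber` would cover that redirect as well. The reset regex is also unanchored and stops at `username=...`, so the trailing `app` parameter stays unchecked.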


@@ -176,11 +176,13 @@ function makeExpressHandler(promiseHandler) {
return res.send(result.text); return res.send(result.text);
} }
if (result.location && !result.response) {
return res.redirect(result.location);
}
if (result.location) { if (result.location) {
res.set('Location', result.location); res.set('Location', result.location);
// Override the default expressjs response
// as it double encodes %encoded chars in URL
if (!result.response) {
return res.send('Found. Redirecting to '+result.location);
}
} }
res.json(result.response); res.json(result.response);
}, (e) => { }, (e) => {
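Review bot: The hand-written redirect body in `return res.send('Found. Redirecting to '+result.location);` concatenates `result.location` without HTML escaping. Express serves a string passed to `res.send` as `text/html` unless a content type was set earlier, and the `res.redirect` call being replaced escaped the URL in its HTML body. The callers in this commit build the query with `qs.stringify`, but this handler is generic and would echo whatever any other route puts in `location`. Sending it as plain text keeps the body inert: `return res.type('text/plain').send('Found. Redirecting to ' + result.location);`. The handler begins and ends outside the hunk, so where the 302 status is set cannot be checked from here.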


@@ -4,6 +4,7 @@ import Config from '../Config';
import express from 'express'; import express from 'express';
import path from 'path'; import path from 'path';
import fs from 'fs'; import fs from 'fs';
import qs from 'querystring';
let public_html = path.resolve(__dirname, "../../public_html"); let public_html = path.resolve(__dirname, "../../public_html");
let views = path.resolve(__dirname, '../../views'); let views = path.resolve(__dirname, '../../views');
@@ -25,9 +26,10 @@ export class PublicAPIRouter extends PromiseRouter {
let userController = config.userController; let userController = config.userController;
return userController.verifyEmail(username, token).then( () => { return userController.verifyEmail(username, token).then( () => {
let params = qs.stringify({username});
return Promise.resolve({ return Promise.resolve({
status: 302, status: 302,
location: `${config.verifyEmailSuccessURL}?username=${username}` location: `${config.verifyEmailSuccessURL}?${params}`
}); });
}, ()=> { }, ()=> {
return this.invalidLink(req); return this.invalidLink(req);
@@ -71,9 +73,10 @@ export class PublicAPIRouter extends PromiseRouter {
} }
return config.userController.checkResetTokenValidity(username, token).then( (user) => { return config.userController.checkResetTokenValidity(username, token).then( (user) => {
let params = qs.stringify({token, id: config.applicationId, username, app: config.appName, });
return Promise.resolve({ return Promise.resolve({
status: 302, status: 302,
location: `${config.choosePasswordURL}?token=${token}&id=${config.applicationId}&username=${username}&app=${config.appName}` location: `${config.choosePasswordURL}?${params}`
}) })
}, () => { }, () => {
return this.invalidLink(req); return this.invalidLink(req);
@@ -104,9 +107,10 @@ export class PublicAPIRouter extends PromiseRouter {
location: config.passwordResetSuccessURL location: config.passwordResetSuccessURL
}); });
}, (err) => { }, (err) => {
let params = qs.stringify({username: username, token: token, id: config.applicationId, error:err, app:config.appName})
return Promise.resolve({ return Promise.resolve({
status: 302, status: 302,
location: `${config.choosePasswordURL}?token=${token}&id=${config.applicationId}&username=${username}&error=${err}&app=${config.appName}` location: `${config.choosePasswordURL}?${params}`
}); });
}); });
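Review bot: In the reset-failure branch, `error:err` is handed to `qs.stringify`, which serialises only strings, numbers, bigints and booleans and coerces every other value to an empty string. If the rejection value is an `Error` or another object (its type is not visible in this hunk), the redirect would now carry `error=` with no message, where the old template literal produced `String(err)`. Writing `error: String(err)` keeps the previous text and still gets it percent-encoded. The same coercion applies to `config.appName` and `config.applicationId` if either is unset. The enclosing handlers start and end outside the hunks shown.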