diff --git a/app/templates/server/api/user(auth)/user.model(mongooseModels).js b/app/templates/server/api/user(auth)/user.model(mongooseModels).js index 201afb4bc..008412eaf 100644 --- a/app/templates/server/api/user(auth)/user.model(mongooseModels).js +++ b/app/templates/server/api/user(auth)/user.model(mongooseModels).js @@ -102,7 +102,7 @@ var validatePresenceOf = function(value) { UserSchema .pre('save', function(next) { // Handle new/update passwords - if (this.password) { + if (this.isModified('password')) { if (!validatePresenceOf(this.password)<% if (filters.oauth) { %> && authTypes.indexOf(this.provider) === -1<% } %>) { next(new Error('Invalid password')); } diff --git a/app/templates/server/api/user(auth)/user.model(sequelizeModels).js b/app/templates/server/api/user(auth)/user.model(sequelizeModels).js index af593157a..776eafc3e 100644 --- a/app/templates/server/api/user(auth)/user.model(sequelizeModels).js +++ b/app/templates/server/api/user(auth)/user.model(sequelizeModels).js @@ -89,8 +89,9 @@ module.exports = function(sequelize, DataTypes) { }, beforeUpdate: function(user, fields, fn) { if (user.changed('password')) { - user.updatePassword(fn); + return user.updatePassword(fn); } + fn(); } }, diff --git a/app/templates/server/api/user(auth)/user.model.spec(mongooseModels).js b/app/templates/server/api/user(auth)/user.model.spec(mongooseModels).js index 16de6e2de..1aad3b25e 100644 --- a/app/templates/server/api/user(auth)/user.model.spec(mongooseModels).js +++ b/app/templates/server/api/user(auth)/user.model.spec(mongooseModels).js @@ -2,22 +2,29 @@ var app = require('../../app'); var User = require('./user.model'); - -var user = new User({ - provider: 'local', - name: 'Fake User', - email: 'test@test.com', - password: 'password' -}); +var user; +var genUser = function() { + user = new User({ + provider: 'local', + name: 'Fake User', + email: 'test@test.com', + password: 'password' + }); + return user; +}; describe('User Model', function() { before(function() { // Clear users before testing - return User.remove().exec(); + return User.removeAsync(); + }); + + beforeEach(function() { + genUser(); }); afterEach(function() { - return User.remove().exec(); + return User.removeAsync(); }); it('should begin with no users', function() { @@ -28,21 +35,38 @@ describe('User Model', function() { it('should fail when saving a duplicate user', function() { return user.saveAsync() .then(function() { - var userDup = new User(user); + var userDup = genUser(); return userDup.saveAsync(); }).should.be.rejected; }); - it('should fail when saving without an email', function() { - user.email = ''; - return user.saveAsync().should.be.rejected; + describe('#email', function() { + it('should fail when saving without an email', function() { + user.email = ''; + return user.saveAsync().should.be.rejected; + }); }); - it('should authenticate user if password is valid', function() { - user.authenticate('password').should.be.true; - }); + describe('#password', function() { + beforeEach(function() { + return user.saveAsync(); + }); + + it('should authenticate user if valid', function() { + user.authenticate('password').should.be.true; + }); - it('should not authenticate user if password is invalid', function() { - user.authenticate('blah').should.not.be.true; + it('should not authenticate user if invalid', function() { + user.authenticate('blah').should.not.be.true; + }); + + it('should remain the same hash unless the password is updated', function() { + user.name = 'Test User'; + return user.saveAsync() + .spread(function(u) { + return u.authenticate('password'); + }).should.eventually.be.true; + }); }); + }); diff --git a/app/templates/server/api/user(auth)/user.model.spec(sequelizeModels).js b/app/templates/server/api/user(auth)/user.model.spec(sequelizeModels).js index f499667cd..a7af1bd38 100644 --- a/app/templates/server/api/user(auth)/user.model.spec(sequelizeModels).js +++ b/app/templates/server/api/user(auth)/user.model.spec(sequelizeModels).js @@ -2,16 +2,17 @@ var app = require('../../app'); var User = require('../../sqldb').User; - -var userTemplate = { - provider: 'local', - name: 'Fake User', - email: 'test@test.com', - password: 'password' +var user; +var genUser = function() { + user = User.build({ + provider: 'local', + name: 'Fake User', + email: 'test@test.com', + password: 'password' + }); + return user; }; -var user = User.build(userTemplate); - describe('User Model', function() { before(function() { // Sync and clear users before testing @@ -20,6 +21,10 @@ describe('User Model', function() { }); }); + beforeEach(function() { + genUser(); + }); + afterEach(function() { return User.destroy({ where: {} }); }); @@ -32,21 +37,38 @@ describe('User Model', function() { it('should fail when saving a duplicate user', function() { return user.save() .then(function() { - var userDup = User.build(userTemplate); + var userDup = genUser(); return userDup.save(); }).should.be.rejected; }); - it('should fail when saving without an email', function() { - user.email = ''; - return user.save().should.be.rejected; + describe('#email', function() { + it('should fail when saving without an email', function() { + user.email = ''; + return user.save().should.be.rejected; + }); }); - it('should authenticate user if password is valid', function() { - user.authenticate('password').should.be.true; - }); + describe('#password', function() { + beforeEach(function() { + return user.save(); + }); + + it('should authenticate user if valid', function() { + user.authenticate('password').should.be.true; + }); - it('should not authenticate user if password is invalid', function() { - user.authenticate('blah').should.not.be.true; + it('should not authenticate user if invalid', function() { + user.authenticate('blah').should.not.be.true; + }); + + it('should remain the same hash unless the password is updated', function() { + user.name = 'Test User'; + return user.save() + .then(function(u) { + return u.authenticate('password'); + }).should.eventually.be.true; + }); }); + });