Skip to content

Commit 78c67d4

Browse files
dblythydblythy
committed
fix: remove username from verification emails
1 parent 65e5879 commit 78c67d4

12 files changed

+132
-216
lines changed

spec/AccountLockoutPolicy.spec.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -419,7 +419,7 @@ describe('lockout with password reset option', () => {
419419
await request({
420420
method: 'POST',
421421
url: `${config.publicServerURL}/apps/test/request_password_reset`,
422-
body: `new_password=${newPassword}&token=${token}&username=${username}`,
422+
body: `new_password=${newPassword}&token=${token}`,
423423
headers: {
424424
'Content-Type': 'application/x-www-form-urlencoded',
425425
},
@@ -454,7 +454,7 @@ describe('lockout with password reset option', () => {
454454
await request({
455455
method: 'POST',
456456
url: `${config.publicServerURL}/apps/test/request_password_reset`,
457-
body: `new_password=${newPassword}&token=${token}&username=${username}`,
457+
body: `new_password=${newPassword}&token=${token}`,
458458
headers: {
459459
'Content-Type': 'application/x-www-form-urlencoded',
460460
},

spec/EmailVerificationToken.spec.js

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ describe('Email Verification Token Expiration: ', () => {
3939
}).then(response => {
4040
expect(response.status).toEqual(302);
4141
expect(response.text).toEqual(
42-
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
42+
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
4343
);
4444
done();
4545
});
@@ -133,7 +133,7 @@ describe('Email Verification Token Expiration: ', () => {
133133
}).then(response => {
134134
expect(response.status).toEqual(302);
135135
expect(response.text).toEqual(
136-
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
136+
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html'
137137
);
138138
done();
139139
});
@@ -392,7 +392,7 @@ describe('Email Verification Token Expiration: ', () => {
392392
}).then(response => {
393393
expect(response.status).toEqual(302);
394394
expect(response.text).toEqual(
395-
'Found. Redirecting to http://localhost:8378/1/apps/verify_email_success.html?username=testEmailVerifyTokenValidity'
395+
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
396396
);
397397
done();
398398
});
@@ -445,7 +445,7 @@ describe('Email Verification Token Expiration: ', () => {
445445
}).then(response => {
446446
expect(response.status).toEqual(302);
447447
expect(response.text).toEqual(
448-
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?username=testEmailVerifyTokenValidity&appId=test'
448+
'Found. Redirecting to http://localhost:8378/1/apps/invalid_verification_link.html?appId=test'
449449
);
450450
done();
451451
});

spec/PagesRouter.spec.js

Lines changed: 6 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ describe('Pages Router', () => {
108108
const res = await request({
109109
method: 'POST',
110110
url: 'http://localhost:8378/1/apps/test/request_password_reset',
111-
body: `new_password=user1&token=43634643&username=username`,
111+
body: `new_password=user1&token=43634643`,
112112
headers: {
113113
'Content-Type': 'application/x-www-form-urlencoded',
114114
'X-Requested-With': 'XMLHttpRequest',
@@ -124,7 +124,7 @@ describe('Pages Router', () => {
124124
await request({
125125
method: 'POST',
126126
url: 'http://localhost:8378/1/apps/test/request_password_reset',
127-
body: `new_password=&token=132414&username=Johnny`,
127+
body: `new_password=&token=132414`,
128128
headers: {
129129
'Content-Type': 'application/x-www-form-urlencoded',
130130
'X-Requested-With': 'XMLHttpRequest',
@@ -137,30 +137,12 @@ describe('Pages Router', () => {
137137
}
138138
});
139139

140-
it('request_password_reset: responds with AJAX error on missing username', async () => {
141-
try {
142-
await request({
143-
method: 'POST',
144-
url: 'http://localhost:8378/1/apps/test/request_password_reset',
145-
body: `new_password=user1&token=43634643&username=`,
146-
headers: {
147-
'Content-Type': 'application/x-www-form-urlencoded',
148-
'X-Requested-With': 'XMLHttpRequest',
149-
},
150-
followRedirects: false,
151-
});
152-
} catch (error) {
153-
expect(error.status).not.toBe(302);
154-
expect(error.text).toEqual('{"code":200,"error":"Missing username"}');
155-
}
156-
});
157-
158140
it('request_password_reset: responds with AJAX error on missing token', async () => {
159141
try {
160142
await request({
161143
method: 'POST',
162144
url: 'http://localhost:8378/1/apps/test/request_password_reset',
163-
body: `new_password=user1&token=&username=Johnny`,
145+
body: `new_password=user1&token=`,
164146
headers: {
165147
'Content-Type': 'application/x-www-form-urlencoded',
166148
'X-Requested-With': 'XMLHttpRequest',
@@ -577,7 +559,7 @@ describe('Pages Router', () => {
577559
spyOnProperty(Page.prototype, 'defaultFile').and.returnValue(jsonPageFile);
578560

579561
const response = await request({
580-
url: `http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=${exampleLocale}`,
562+
url: `http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=${exampleLocale}`,
581563
followRedirects: false,
582564
}).catch(e => e);
583565
expect(response.status).toEqual(200);
@@ -626,7 +608,7 @@ describe('Pages Router', () => {
626608
await reconfigureServer(config);
627609
const response = await request({
628610
url:
629-
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
611+
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=de-AT',
630612
followRedirects: false,
631613
method: 'POST',
632614
});
@@ -640,7 +622,7 @@ describe('Pages Router', () => {
640622
await reconfigureServer(config);
641623
const response = await request({
642624
url:
643-
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&username=exampleUsername&locale=de-AT',
625+
'http://localhost:8378/1/apps/test/request_password_reset?token=exampleToken&locale=de-AT',
644626
followRedirects: false,
645627
method: 'GET',
646628
});

spec/PasswordPolicy.spec.js

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ describe('Password Policy: ', () => {
107107
})
108108
.then(response => {
109109
expect(response.status).toEqual(302);
110-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&username=testResetTokenValidity/;
110+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=[a-zA-Z0-9]+\&id=test\&/;
111111
expect(response.text.match(re)).not.toBe(null);
112112
done();
113113
})
@@ -622,7 +622,7 @@ describe('Password Policy: ', () => {
622622
})
623623
.then(response => {
624624
expect(response.status).toEqual(302);
625-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
625+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
626626
const match = response.text.match(re);
627627
if (!match) {
628628
fail('should have a token');
@@ -634,7 +634,7 @@ describe('Password Policy: ', () => {
634634
request({
635635
method: 'POST',
636636
url: 'http://localhost:8378/1/apps/test/request_password_reset',
637-
body: `new_password=has2init&token=${token}&username=user1`,
637+
body: `new_password=has2init&token=${token}`,
638638
headers: {
639639
'Content-Type': 'application/x-www-form-urlencoded',
640640
},
@@ -645,7 +645,7 @@ describe('Password Policy: ', () => {
645645
.then(response => {
646646
expect(response.status).toEqual(302);
647647
expect(response.text).toEqual(
648-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
648+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
649649
);
650650

651651
Parse.User.logIn('user1', 'has2init')
@@ -714,7 +714,7 @@ describe('Password Policy: ', () => {
714714
})
715715
.then(response => {
716716
expect(response.status).toEqual(302);
717-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
717+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
718718
const match = response.text.match(re);
719719
if (!match) {
720720
fail('should have a token');
@@ -726,7 +726,7 @@ describe('Password Policy: ', () => {
726726
request({
727727
method: 'POST',
728728
url: 'http://localhost:8378/1/apps/test/request_password_reset',
729-
body: `new_password=hasnodigit&token=${token}&username=user1`,
729+
body: `new_password=hasnodigit&token=${token}`,
730730
headers: {
731731
'Content-Type': 'application/x-www-form-urlencoded',
732732
},
@@ -737,7 +737,7 @@ describe('Password Policy: ', () => {
737737
.then(response => {
738738
expect(response.status).toEqual(302);
739739
expect(response.text).toEqual(
740-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
740+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=Password%20should%20contain%20at%20least%20one%20digit.&app=passwordPolicy`
741741
);
742742

743743
Parse.User.logIn('user1', 'has 1 digit')
@@ -900,7 +900,7 @@ describe('Password Policy: ', () => {
900900
})
901901
.then(response => {
902902
expect(response.status).toEqual(302);
903-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
903+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
904904
const match = response.text.match(re);
905905
if (!match) {
906906
fail('should have a token');
@@ -912,7 +912,7 @@ describe('Password Policy: ', () => {
912912
request({
913913
method: 'POST',
914914
url: 'http://localhost:8378/1/apps/test/request_password_reset',
915-
body: `new_password=xuser12&token=${token}&username=user1`,
915+
body: `new_password=xuser12&token=${token}`,
916916
headers: {
917917
'Content-Type': 'application/x-www-form-urlencoded',
918918
},
@@ -923,7 +923,7 @@ describe('Password Policy: ', () => {
923923
.then(response => {
924924
expect(response.status).toEqual(302);
925925
expect(response.text).toEqual(
926-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
926+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=Password%20cannot%20contain%20your%20username.&app=passwordPolicy`
927927
);
928928

929929
Parse.User.logIn('user1', 'r@nd0m')
@@ -991,7 +991,7 @@ describe('Password Policy: ', () => {
991991
resolveWithFullResponse: true,
992992
});
993993
expect(response.status).toEqual(302);
994-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
994+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
995995
const match = response.text.match(re);
996996
if (!match) {
997997
fail('should have a token');
@@ -1003,7 +1003,7 @@ describe('Password Policy: ', () => {
10031003
await request({
10041004
method: 'POST',
10051005
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1006-
body: `new_password=xuser12&token=${token}&username=user1`,
1006+
body: `new_password=xuser12&token=${token}`,
10071007
headers: {
10081008
'Content-Type': 'application/x-www-form-urlencoded',
10091009
'X-Requested-With': 'XMLHttpRequest',
@@ -1051,7 +1051,7 @@ describe('Password Policy: ', () => {
10511051
})
10521052
.then(response => {
10531053
expect(response.status).toEqual(302);
1054-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
1054+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
10551055
const match = response.text.match(re);
10561056
if (!match) {
10571057
fail('should have a token');
@@ -1063,7 +1063,7 @@ describe('Password Policy: ', () => {
10631063
request({
10641064
method: 'POST',
10651065
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1066-
body: `new_password=uuser11&token=${token}&username=user1`,
1066+
body: `new_password=uuser11&token=${token}`,
10671067
headers: {
10681068
'Content-Type': 'application/x-www-form-urlencoded',
10691069
},
@@ -1074,7 +1074,7 @@ describe('Password Policy: ', () => {
10741074
.then(response => {
10751075
expect(response.status).toEqual(302);
10761076
expect(response.text).toEqual(
1077-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
1077+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
10781078
);
10791079

10801080
Parse.User.logIn('user1', 'uuser11')
@@ -1317,7 +1317,7 @@ describe('Password Policy: ', () => {
13171317
})
13181318
.then(response => {
13191319
expect(response.status).toEqual(302);
1320-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
1320+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
13211321
const match = response.text.match(re);
13221322
if (!match) {
13231323
fail('should have a token');
@@ -1329,7 +1329,7 @@ describe('Password Policy: ', () => {
13291329
request({
13301330
method: 'POST',
13311331
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1332-
body: `new_password=uuser11&token=${token}&username=user1`,
1332+
body: `new_password=uuser11&token=${token}`,
13331333
headers: {
13341334
'Content-Type': 'application/x-www-form-urlencoded',
13351335
},
@@ -1340,7 +1340,7 @@ describe('Password Policy: ', () => {
13401340
.then(response => {
13411341
expect(response.status).toEqual(302);
13421342
expect(response.text).toEqual(
1343-
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html?username=user1'
1343+
'Found. Redirecting to http://localhost:8378/1/apps/password_reset_success.html'
13441344
);
13451345

13461346
Parse.User.logIn('user1', 'uuser11')
@@ -1472,7 +1472,7 @@ describe('Password Policy: ', () => {
14721472
})
14731473
.then(response => {
14741474
expect(response.status).toEqual(302);
1475-
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&username=user1/;
1475+
const re = /http:\/\/localhost:8378\/1\/apps\/choose_password\?token=([a-zA-Z0-9]+)\&id=test\&/;
14761476
const match = response.text.match(re);
14771477
if (!match) {
14781478
fail('should have a token');
@@ -1484,7 +1484,7 @@ describe('Password Policy: ', () => {
14841484
return request({
14851485
method: 'POST',
14861486
url: 'http://localhost:8378/1/apps/test/request_password_reset',
1487-
body: `new_password=user1&token=${token}&username=user1`,
1487+
body: `new_password=user1&token=${token}`,
14881488
headers: {
14891489
'Content-Type': 'application/x-www-form-urlencoded',
14901490
},
@@ -1500,7 +1500,7 @@ describe('Password Policy: ', () => {
15001500
const token = data[1];
15011501
expect(response.status).toEqual(302);
15021502
expect(response.text).toEqual(
1503-
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?username=user1&token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
1503+
`Found. Redirecting to http://localhost:8378/1/apps/choose_password?token=${token}&id=test&error=New%20password%20should%20not%20be%20the%20same%20as%20last%201%20passwords.&app=passwordPolicy`
15041504
);
15051505
done();
15061506
return Promise.resolve();

spec/PublicAPI.spec.js

Lines changed: 2 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -10,28 +10,6 @@ const request = function (url, callback) {
1010
};
1111

1212
describe('public API', () => {
13-
it('should return missing username error on ajax request without username provided', async () => {
14-
await reconfigureServer({
15-
publicServerURL: 'http://localhost:8378/1',
16-
});
17-
18-
try {
19-
await req({
20-
method: 'POST',
21-
url: 'http://localhost:8378/1/apps/test/request_password_reset',
22-
body: `new_password=user1&token=43634643&username=`,
23-
headers: {
24-
'Content-Type': 'application/x-www-form-urlencoded',
25-
'X-Requested-With': 'XMLHttpRequest',
26-
},
27-
followRedirects: false,
28-
});
29-
} catch (error) {
30-
expect(error.status).not.toBe(302);
31-
expect(error.text).toEqual('{"code":200,"error":"Missing username"}');
32-
}
33-
});
34-
3513
it('should return missing token error on ajax request without token provided', async () => {
3614
await reconfigureServer({
3715
publicServerURL: 'http://localhost:8378/1',
@@ -41,7 +19,7 @@ describe('public API', () => {
4119
await req({
4220
method: 'POST',
4321
url: 'http://localhost:8378/1/apps/test/request_password_reset',
44-
body: `new_password=user1&token=&username=Johnny`,
22+
body: `new_password=user1&token=`,
4523
headers: {
4624
'Content-Type': 'application/x-www-form-urlencoded',
4725
'X-Requested-With': 'XMLHttpRequest',
@@ -63,7 +41,7 @@ describe('public API', () => {
6341
await req({
6442
method: 'POST',
6543
url: 'http://localhost:8378/1/apps/test/request_password_reset',
66-
body: `new_password=&token=132414&username=Johnny`,
44+
body: `new_password=&token=132414`,
6745
headers: {
6846
'Content-Type': 'application/x-www-form-urlencoded',
6947
'X-Requested-With': 'XMLHttpRequest',

0 commit comments

Comments
 (0)