Skip to content

Commit 28d1a8a

Browse files
flovilmartflovilmart
committed
Sends 404 when parseServerURL is not set on public pages
- throws when verifyEmail = true && publicServerURL not set
1 parent 6aa38ea commit 28d1a8a

File tree

8 files changed

+186
-41
lines changed

8 files changed

+186
-41
lines changed

spec/PublicAPI.spec.js

Lines changed: 53 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,23 @@
11

22
var request = require('request');
33

4-
54
describe("public API", () => {
6-
5+
beforeEach(done => {
6+
setServerConfiguration({
7+
serverURL: 'http://localhost:8378/1',
8+
appId: 'test',
9+
appName: 'unused',
10+
javascriptKey: 'test',
11+
dotNetKey: 'windows',
12+
clientKey: 'client',
13+
restAPIKey: 'rest',
14+
masterKey: 'test',
15+
collectionPrefix: 'test_',
16+
fileKey: 'test',
17+
publicServerURL: 'http://localhost:8378/1'
18+
});
19+
done();
20+
})
721
it("should get invalid_link.html", (done) => {
822
request('http://localhost:8378/1/apps/invalid_link.html', (err, httpResponse, body) => {
923
expect(httpResponse.statusCode).toBe(200);
@@ -31,6 +45,42 @@ describe("public API", () => {
3145
done();
3246
});
3347
});
48+
});
49+
50+
describe("public API without publicServerURL", () => {
51+
beforeEach(done => {
52+
setServerConfiguration({
53+
serverURL: 'http://localhost:8378/1',
54+
appId: 'test',
55+
appName: 'unused',
56+
javascriptKey: 'test',
57+
dotNetKey: 'windows',
58+
clientKey: 'client',
59+
restAPIKey: 'rest',
60+
masterKey: 'test',
61+
collectionPrefix: 'test_',
62+
fileKey: 'test',
63+
});
64+
done();
65+
})
66+
it("should get 404 on verify_email", (done) => {
67+
request('http://localhost:8378/1/apps/test/verify_email', (err, httpResponse, body) => {
68+
expect(httpResponse.statusCode).toBe(404);
69+
done();
70+
});
71+
});
3472

73+
it("should get 404 choose_password", (done) => {
74+
request('http://localhost:8378/1/apps/choose_password?id=test', (err, httpResponse, body) => {
75+
expect(httpResponse.statusCode).toBe(404);
76+
done();
77+
});
78+
});
3579

36-
})
80+
it("should get 404 on request_password_reset", (done) => {
81+
request('http://localhost:8378/1/apps/test/request_password_reset', (err, httpResponse, body) => {
82+
expect(httpResponse.statusCode).toBe(404);
83+
done();
84+
});
85+
});
86+
});

spec/ValidationAndPasswordsReset.spec.js

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,7 @@ describe("Email Verification", () => {
5656
fileKey: 'test',
5757
verifyUserEmails: true,
5858
emailAdapter: emailAdapter,
59+
publicServerURL: "http://localhost:8378/1"
5960
});
6061
spyOn(emailAdapter, 'sendVerificationEmail');
6162
var user = new Parse.User();
@@ -97,6 +98,7 @@ describe("Email Verification", () => {
9798
fileKey: 'test',
9899
verifyUserEmails: true,
99100
emailAdapter: emailAdapter,
101+
publicServerURL: "http://localhost:8378/1"
100102
});
101103
spyOn(emailAdapter, 'sendVerificationEmail');
102104
var user = new Parse.User();
@@ -137,6 +139,7 @@ describe("Email Verification", () => {
137139
fileKey: 'test',
138140
verifyUserEmails: true,
139141
emailAdapter: emailAdapter,
142+
publicServerURL: "http://localhost:8378/1"
140143
});
141144
spyOn(emailAdapter, 'sendVerificationEmail');
142145
var user = new Parse.User();
@@ -196,6 +199,7 @@ describe("Email Verification", () => {
196199
fileKey: 'test',
197200
verifyUserEmails: true,
198201
emailAdapter: emailAdapter,
202+
publicServerURL: "http://localhost:8378/1"
199203
});
200204
var user = new Parse.User();
201205
user.setPassword("asdf");
@@ -284,6 +288,7 @@ describe("Email Verification", () => {
284288
fileKey: 'test',
285289
verifyUserEmails: true,
286290
emailAdapter: emailAdapter,
291+
publicServerURL: "http://localhost:8378/1"
287292
});
288293
var user = new Parse.User();
289294
user.setPassword("asdf");
@@ -334,6 +339,7 @@ describe("Email Verification", () => {
334339
fileKey: 'test',
335340
verifyUserEmails: true,
336341
emailAdapter: emailAdapter,
342+
publicServerURL: "http://localhost:8378/1"
337343
});
338344
user.setPassword("asdf");
339345
user.setUsername("zxcv");
@@ -342,6 +348,25 @@ describe("Email Verification", () => {
342348
});
343349

344350
it('redirects you to invalid link if you try to verify email incorrecly', done => {
351+
setServerConfiguration({
352+
serverURL: 'http://localhost:8378/1',
353+
appId: 'test',
354+
appName: 'emailing app',
355+
javascriptKey: 'test',
356+
dotNetKey: 'windows',
357+
clientKey: 'client',
358+
restAPIKey: 'rest',
359+
masterKey: 'test',
360+
collectionPrefix: 'test_',
361+
fileKey: 'test',
362+
verifyUserEmails: true,
363+
emailAdapter: {
364+
sendVerificationEmail: () => Promise.resolve(),
365+
sendPasswordResetEmail: () => Promise.resolve(),
366+
sendMail: () => {}
367+
},
368+
publicServerURL: "http://localhost:8378/1"
369+
});
345370
request.get('http://localhost:8378/1/apps/test/verify_email', {
346371
followRedirect: false,
347372
}, (error, response, body) => {
@@ -352,6 +377,25 @@ describe("Email Verification", () => {
352377
});
353378

354379
it('redirects you to invalid link if you try to validate a nonexistant users email', done => {
380+
setServerConfiguration({
381+
serverURL: 'http://localhost:8378/1',
382+
appId: 'test',
383+
appName: 'emailing app',
384+
javascriptKey: 'test',
385+
dotNetKey: 'windows',
386+
clientKey: 'client',
387+
restAPIKey: 'rest',
388+
masterKey: 'test',
389+
collectionPrefix: 'test_',
390+
fileKey: 'test',
391+
verifyUserEmails: true,
392+
emailAdapter: {
393+
sendVerificationEmail: () => Promise.resolve(),
394+
sendPasswordResetEmail: () => Promise.resolve(),
395+
sendMail: () => {}
396+
},
397+
publicServerURL: "http://localhost:8378/1"
398+
});
355399
request.get('http://localhost:8378/1/apps/test/verify_email?token=asdfasdf&username=sadfasga', {
356400
followRedirect: false,
357401
}, (error, response, body) => {
@@ -393,6 +437,7 @@ describe("Email Verification", () => {
393437
fileKey: 'test',
394438
verifyUserEmails: true,
395439
emailAdapter: emailAdapter,
440+
publicServerURL: "http://localhost:8378/1"
396441
});
397442
user.setPassword("asdf");
398443
user.setUsername("zxcv");
@@ -443,6 +488,7 @@ describe("Password Reset", () => {
443488
fileKey: 'test',
444489
verifyUserEmails: true,
445490
emailAdapter: emailAdapter,
491+
publicServerURL: "http://localhost:8378/1"
446492
});
447493
user.setPassword("asdf");
448494
user.setUsername("zxcv");
@@ -459,6 +505,25 @@ describe("Password Reset", () => {
459505
});
460506

461507
it('redirects you to invalid link if you try to request password for a nonexistant users email', done => {
508+
setServerConfiguration({
509+
serverURL: 'http://localhost:8378/1',
510+
appId: 'test',
511+
appName: 'emailing app',
512+
javascriptKey: 'test',
513+
dotNetKey: 'windows',
514+
clientKey: 'client',
515+
restAPIKey: 'rest',
516+
masterKey: 'test',
517+
collectionPrefix: 'test_',
518+
fileKey: 'test',
519+
verifyUserEmails: true,
520+
emailAdapter: {
521+
sendVerificationEmail: () => Promise.resolve(),
522+
sendPasswordResetEmail: () => Promise.resolve(),
523+
sendMail: () => {}
524+
},
525+
publicServerURL: "http://localhost:8378/1"
526+
});
462527
request.get('http://localhost:8378/1/apps/test/request_password_reset?token=asdfasdf&username=sadfasga', {
463528
followRedirect: false,
464529
}, (error, response, body) => {
@@ -533,6 +598,7 @@ describe("Password Reset", () => {
533598
fileKey: 'test',
534599
verifyUserEmails: true,
535600
emailAdapter: emailAdapter,
601+
publicServerURL: "http://localhost:8378/1"
536602
});
537603
user.setPassword("asdf");
538604
user.setUsername("zxcv");

spec/helper.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -250,3 +250,4 @@ global.arrayContains = arrayContains;
250250
global.jequal = jequal;
251251
global.range = range;
252252
global.setServerConfiguration = setServerConfiguration;
253+
global.defaultConfiguration = defaultConfiguration;

spec/index.spec.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,7 @@ describe('server', () => {
5656
apiKey: 'k',
5757
domain: 'd',
5858
}),
59+
publicServerURL: 'http://localhost:8378/1'
5960
});
6061
done();
6162
});
@@ -80,6 +81,7 @@ describe('server', () => {
8081
domain: 'd',
8182
}
8283
},
84+
publicServerURL: 'http://localhost:8378/1'
8385
});
8486
done();
8587
});
@@ -104,6 +106,7 @@ describe('server', () => {
104106
domain: 'd',
105107
}
106108
},
109+
publicServerURL: 'http://localhost:8378/1'
107110
});
108111
done();
109112
});
@@ -122,6 +125,7 @@ describe('server', () => {
122125
fileKey: 'test',
123126
verifyUserEmails: true,
124127
emailAdapter: './Email/SimpleMailgunAdapter',
128+
publicServerURL: 'http://localhost:8378/1'
125129
})).toThrow('SimpleMailgunAdapter requires an API Key and domain.');
126130
done();
127131
});
@@ -145,6 +149,7 @@ describe('server', () => {
145149
domain: 'd',
146150
}
147151
},
152+
publicServerURL: 'http://localhost:8378/1'
148153
})).toThrow('SimpleMailgunAdapter requires an API Key and domain.');
149154
done();
150155
});

src/Config.js

Lines changed: 9 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -50,44 +50,34 @@ export class Config {
5050
if (typeof appName !== 'string') {
5151
throw 'An app name is required when using email verification.';
5252
}
53-
if (!process.env.TESTING && typeof publicServerURL !== 'string') {
54-
if (process.env.NODE_ENV === 'production') {
55-
throw 'A public server url is required when using email verification.';
56-
} else {
57-
console.warn("");
58-
console.warn("You should set publicServerURL to serve the public pages");
59-
console.warn("");
60-
}
53+
if (typeof publicServerURL !== 'string') {
54+
throw 'A public server url is required when using email verification.';
6155
}
6256
}
6357
}
64-
65-
get linksServerURL() {
66-
return this.publicServerURL || this.serverURL;
67-
}
68-
58+
6959
get invalidLinkURL() {
70-
return this.customPages.invalidLink || `${this.linksServerURL}/apps/invalid_link.html`;
60+
return this.customPages.invalidLink || `${this.publicServerURL}/apps/invalid_link.html`;
7161
}
7262

7363
get verifyEmailSuccessURL() {
74-
return this.customPages.verifyEmailSuccess || `${this.linksServerURL}/apps/verify_email_success.html`;
64+
return this.customPages.verifyEmailSuccess || `${this.publicServerURL}/apps/verify_email_success.html`;
7565
}
7666

7767
get choosePasswordURL() {
78-
return this.customPages.choosePassword || `${this.linksServerURL}/apps/choose_password`;
68+
return this.customPages.choosePassword || `${this.publicServerURL}/apps/choose_password`;
7969
}
8070

8171
get requestResetPasswordURL() {
82-
return `${this.linksServerURL}/apps/${this.applicationId}/request_password_reset`;
72+
return `${this.publicServerURL}/apps/${this.applicationId}/request_password_reset`;
8373
}
8474

8575
get passwordResetSuccessURL() {
86-
return this.customPages.passwordResetSuccess || `${this.linksServerURL}/apps/password_reset_success.html`;
76+
return this.customPages.passwordResetSuccess || `${this.publicServerURL}/apps/password_reset_success.html`;
8777
}
8878

8979
get verifyEmailURL() {
90-
return `${this.linksServerURL}/apps/${this.applicationId}/verify_email`;
80+
return `${this.publicServerURL}/apps/${this.applicationId}/verify_email`;
9181
}
9282
};
9383

0 commit comments

Comments
 (0)