summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--package.json3
-rw-r--r--test/user.js37
2 files changed, 39 insertions, 1 deletions
diff --git a/package.json b/package.json
index 980241f3..fdbe6130 100644
--- a/package.json
+++ b/package.json
@@ -5,9 +5,10 @@
"main": "app.js",
"license": "AGPL-3.0",
"scripts": {
- "test": "npm run-script eslint && npm run-script jsonlint && mocha",
+ "test": "npm run-script eslint && npm run-script jsonlint && npm run-script mocha-suite",
"eslint": "node_modules/.bin/eslint lib public test app.js",
"jsonlint": "find . -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' | while read json; do echo $json ; jq . $json; done",
+ "mocha-suite": "NODE_ENV=test CMD_DB_URL=\"sqlite::memory:\" mocha --exit",
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
"heroku-prebuild": "bin/heroku",
diff --git a/test/user.js b/test/user.js
new file mode 100644
index 00000000..6159ebfd
--- /dev/null
+++ b/test/user.js
@@ -0,0 +1,37 @@
+/* eslint-env node, mocha */
+
+'use strict'
+
+const assert = require('assert')
+
+const models = require('../lib/models')
+const User = models.User
+
+describe('User Sequelize model', function () {
+ beforeEach(() => {
+ return models.sequelize.sync({ force: true })
+ })
+
+ it('stores a password hash on creation and verifies that password', function () {
+ const userData = {
+ password: 'test123'
+ }
+ const intentionallyInvalidPassword = 'stuff'
+
+ return User.create(userData).then(u => {
+ assert(u.verifyPassword(userData.password))
+ assert(!u.verifyPassword(intentionallyInvalidPassword))
+ })
+ })
+
+ it('can cope with password stored in standard scrypt header format', function () {
+ const testKey = '736372797074000e00000008000000018c7b8c1ac273fd339badde759b3efc418bc61b776debd02dfe95989383cf9980ad21d2403dce33f4b551f5e98ce84edb792aee62600b1303ab8d4e6f0a53b0746e73193dbf557b888efc83a2d6a055a9'
+ const validPassword = 'test'
+ const intentionallyInvalidPassword = 'stuff'
+
+ const u = User.build()
+ u.setDataValue('password', testKey) // this circumvents the setter - which we don't need in this case!
+ assert(u.verifyPassword(validPassword))
+ assert(!u.verifyPassword(intentionallyInvalidPassword))
+ })
+})