diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js index 3db8b26472..64823e74b7 100644 --- a/src/controllers/authentication.js +++ b/src/controllers/authentication.js @@ -97,21 +97,18 @@ function registerAndLoginUser(req, res, userData, callback) { plugins.fireHook('filter:register.interstitial', { userData: userData, interstitials: [], - }, function (err, data) { - if (err) { - return next(err); - } - - // If interstitials are found, save registration attempt into session and abort - var deferRegistration = data.interstitials.length; + }, next); + }, + function (data, next) { + // If interstitials are found, save registration attempt into session and abort + var deferRegistration = data.interstitials.length; - if (!deferRegistration) { - return next(); - } - userData.register = true; - req.session.registration = userData; - return res.json({ referrer: nconf.get('relative_path') + '/register/complete' }); - }); + if (!deferRegistration) { + return next(); + } + userData.register = true; + req.session.registration = userData; + return res.json({ referrer: nconf.get('relative_path') + '/register/complete' }); }, function (next) { user.create(userData, next); diff --git a/test/authentication.js b/test/authentication.js index 4ab15b500f..1d3651e183 100644 --- a/test/authentication.js +++ b/test/authentication.js @@ -37,6 +37,33 @@ describe('authentication', function () { }); } + function registerUser(email, username, password, callback) { + var jar = request.jar(); + request({ + url: nconf.get('url') + '/api/config', + json: true, + jar: jar, + }, function (err, response, body) { + if (err) { + return callback(err); + } + + request.post(nconf.get('url') + '/register', { + form: { + email: email, + username: username, + password: password, + }, + json: true, + jar: jar, + headers: { + 'x-csrf-token': body.csrf_token, + }, + }, function (err, response, body) { + callback(err, response, body, jar); + }); + }); + } var jar = request.jar(); var regularUid; @@ -218,6 +245,59 @@ describe('authentication', function () { }); }); + it('should fail to register if registraton is disabled', function (done) { + meta.config.registrationType = 'disabled'; + registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) { + assert.ifError(err); + assert.equal(response.statusCode, 403); + assert.equal(body, 'Forbidden'); + done(); + }); + }); + + it('should return error if invitation is not valid', function (done) { + meta.config.registrationType = 'invite-only'; + registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) { + meta.config.registrationType = 'normal'; + assert.ifError(err); + assert.equal(response.statusCode, 400); + assert.equal(body, '[[error:invalid-data]]'); + done(); + }); + }); + + it('should fail to register if email is falsy', function (done) { + registerUser('', 'someuser', 'somepassword', function (err, response, body) { + assert.ifError(err); + assert.equal(response.statusCode, 400); + assert.equal(body, '[[error:invalid-email]]'); + done(); + }); + }); + + it('should fail to register if username is falsy or too short', function (done) { + registerUser('some@user.com', '', 'somepassword', function (err, response, body) { + assert.ifError(err); + assert.equal(response.statusCode, 400); + assert.equal(body, '[[error:username-too-short]]'); + registerUser('some@user.com', 'a', 'somepassword', function (err, response, body) { + assert.ifError(err); + assert.equal(response.statusCode, 400); + assert.equal(body, '[[error:username-too-short]]'); + done(); + }); + }); + }); + + it('should fail to register if username is too long', function (done) { + registerUser('some@user.com', 'thisisareallylongusername', '123456', function (err, response, body) { + assert.ifError(err); + assert.equal(response.statusCode, 400); + assert.equal(body, '[[error:username-too-long]]'); + done(); + }); + }); + after(function (done) { db.emptydb(done); });