-
-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ajax password reset #5332
Ajax password reset #5332
Conversation
This does not work with the fetch API (reportedly) https://stackoverflow.com/questions/41952913/node-js-express-how-can-i-know-if-a-request-is-an-ajax-request?rq=1 |
@flovilmart |
uhm ok, can you perhaps factor so req.xhr is not all over the place? The current implementation lacks elegance.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we make the implementation a bit more elegant, right now it's kinda messy.
There are multiple avenues for that, from swapping the promise callbacks depending on the context or what I was suggesting.
Codecov Report
@@ Coverage Diff @@
## master #5332 +/- ##
=========================================
+ Coverage 93.88% 93.9% +0.01%
=========================================
Files 123 123
Lines 9012 9024 +12
=========================================
+ Hits 8461 8474 +13
+ Misses 551 550 -1
Continue to review full report at Codecov.
|
@flovilmart I believe this will do? |
Yes, i noticed, though wierdly it passes for me. Trying to figure out what's wrong. |
Am i supposed to call errors like this in src file? Must have been the source of problem. |
I am not sure what you are referring to. But the test fail, which is either because the test is malformed and the username is improperly passed, or that the implementation cannot read the user as it should. As it seems only your test is failing, I would think the test is not properly formed Sent with GitHawk |
Wait a moment, i must have been looking in the wrong place. According to this https://travis-ci.org/parse-community/parse-server/jobs/489019227 ,for example, its not only my test is failing, but a few others, that are related to the update password function that was changed in the router by my commit. This confuses a bit. |
Yes, i was confused by "Parse is undefined" in these reports and thought that I need to use Error instead of Parse.Error in src files for some reason. My bad, will revert the changes right now. |
I am pretty confident this works as intended, can you confirm? There still seem to be failure when making test related to password policy, since error handling was changed, looking into it. |
The errors are pretty straightforward in Travis logs. I seems that the changes proposed are breaking existing tests. Sent with GitHawk |
Found the error in code. Seems that tests are passing now... |
@moonion this seems very light on the test side as you only test that the call fails when you fail to provide a |
Right now i replaced the error to show neutral text about wrong username/token, similar to previous "invalid link" error, and check if the error refers to password policy, in which case i show it instead. Probably now tests cover everything in commit if i done everything right. |
Will this be enough for current merge request? |
I’ll review later before end of week Sent with GitHawk |
Thank you |
So?.. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few nits. Looks good so far.
I'm not an expert on password reset but looks like all the success / errors are handled.
spec/PasswordPolicy.spec.js
Outdated
@@ -909,6 +909,97 @@ describe('Password Policy: ', () => { | |||
}); | |||
}); | |||
|
|||
it('Should return error when password violates Password Policy and reset through ajax', done => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you rewrite your tests using async
/ await
?
Reading this is confusing with all the nested promises.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
async / await is not used in any of the tests, and i noticed there is actually a lot of branching promises in the other tests, since .catch blocks contain specific error messages for almost each action. Is it really necessary to rewrite this test?
Thank you, will be on it next week. |
This reverts commit 68ee2c4.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some questions @dplewis to get up to speed.
@@ -246,7 +246,7 @@ export class UserController extends AdaptableController { | |||
return this.checkResetTokenValidity(username, token) | |||
.then(user => updateUserPassword(user.objectId, password, this.config)) | |||
.catch(error => { | |||
if (error.message) { | |||
if (error && error.message) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why would we be in a catch and have no error? that seems bad.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had the same feeling. I could back track and see what the underlying cause is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, we shouldn't throw without a message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just committed a fix
@@ -90,7 +90,7 @@ export class UserController extends AdaptableController { | |||
) | |||
.then(results => { | |||
if (results.length != 1) { | |||
throw undefined; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
did a little git blame sleuthing on this one.
git show 7e868b2
note the comment that used to be there:
// Trying to verify email when not enabled
// TODO: Better error here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't even notice that.
* adapted public api route for use with ajax * Elegant error handling * Fixed error return * Public API error flow redone, tests * Fixed code to pre-build form * Public API change password return params * Reverted errors in resetPassword * Fixed querystring call * Success test on ajax password reset * Added few more routes to tests for coverage * More tests and redone error return slightly * Updated error text * Console logs removal, renamed test, added {} to if * Wrong error sent * Revert changes * Revert "Revert changes" This reverts commit 68ee2c4. * real revert of {} * nits and test fix * fix tests * throw proper error
These changes will allow more comfortable use of the password reset route, eliminating the redirects and page reloads when reaching it through ajax request.
For example, here on client side we will be able to handle the errors without reloading the page: