Permalink
Browse files

Check usernameOnly parameter in passwordMatches (#609)

* Check usernameOnly parameter in passwordMatches

* Added test for 'authenticates valid user with valid username and usernameOnly and encrypted passwords'
  • Loading branch information...
1 parent 285902f commit b3fcf2bbbaf8fd7ba40c3e242094751b610a9980 @lsohn lsohn committed with flovilmart Dec 4, 2016
Showing with 7 additions and 1 deletion.
  1. +1 −1 Parse-Dashboard/Authentication.js
  2. +6 −0 src/lib/tests/Authentication.test.js
@@ -88,7 +88,7 @@ function authenticate(userToTest, usernameOnly) {
this.validUsers.find(user => {
let isAuthenticated = false;
let usernameMatches = userToTest.name == user.user;
- let passwordMatches = this.useEncryptedPasswords ? bcrypt.compareSync(userToTest.pass, user.pass) : userToTest.pass == user.pass;
+ let passwordMatches = this.useEncryptedPasswords && !usernameOnly ? bcrypt.compareSync(userToTest.pass, user.pass) : userToTest.pass == user.pass;
if (usernameMatches && (usernameOnly || passwordMatches)) {
isAuthenticated = true;
matchingUsername = user.user;
@@ -101,4 +101,10 @@ describe('Authentication', () => {
expect(authentication.authenticate({name: 'parse.dashboard'}))
.toEqual(createAuthenticationResult(false, null, null));
});
+
+ it('authenticates valid user with valid username and usernameOnly and encrypted password', () => {
+ let authentication = new Authentication(encryptedUsers, true);
+ expect(authentication.authenticate({name: 'parse.dashboard'}, true))
+ .toEqual(createAuthenticationResult(true, 'parse.dashboard', null));
+ });
});

0 comments on commit b3fcf2b

Please sign in to comment.