diff --git a/src/person/router.js b/src/person/router.js
index 6f5e742..df41eba 100644
--- a/src/person/router.js
+++ b/src/person/router.js
@@ -14,6 +14,9 @@ router.get('/', async ctx => {
 router.post('/login', async ctx => {
 const { email, password } = ctx.request.body
+ if (!email || !password) {
+ throw Boom.expectationFailed('require email and password', { email, password })
+ }
 const person = await Person.unscoped().findOne({ where: { email } })
 if (person) {
 if (person.matchPassword(password)) {
@@ -22,7 +25,11 @@ router.post('/login', async ctx => {
 token,
 person: person.toSafeJSON()
 }
+ } else {
+ throw Boom.forbidden('wrong password')
 }
+ } else {
+ throw Boom.notFound('user not found')
 }
 })
diff --git a/test/person/person.spec.js b/test/person/person.spec.js
index ff601b2..4f71e72 100644
--- a/test/person/person.spec.js
+++ b/test/person/person.spec.js
@@ -9,9 +9,32 @@ describe("router - people", () => {
 })
 describe('/login', () => {
+ it('should throw on missing infomation', async () => {
+ const res = await app.post('/people/login')
+ expect(res.status).to.equal(417)
+ expect(res.body.message).to.equal('require email and password')
+ })
+
+ it('should throw on not existing user', async () => {
+ const res = await app.post('/people/login').send({
+ email: 'notexist@gmail.com',
+ password: 'password'
+ })
+ expect(res.status).to.equal(404)
+ expect(res.body.message).to.equal('user not found')
+ })
+
+ it('should throw on not matching password', async () => {
+ const res = await app.post('/people/login').send({
+ email: 'shengning@gmail.com',
+ password: 'wrong password'
+ })
+ expect(res.status).to.equal(403)
+ expect(res.body.message).to.equal('wrong password')
+ })
 it('should login', async () => {
- let res = await app.post('/people/login').send({
+ const res = await app.post('/people/login').send({
 email: 'shengning@gmail.com',
 password: 'password'
 })
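Review bot: The guard added in hunk `@@ -14,6 +14,9 @@` of `src/person/router.js` passes the submitted `password` into the Boom error as data (`{ email, password }`); when only the e-mail is missing, that value is the caller's real plaintext password, and any error-logging middleware that serialises the error's data would write it to logs. Drop the data argument and use the status meant for malformed input, `throw Boom.badRequest('require email and password')`, since 417 is defined for a failed `Expect` request header; the first new test in `test/person/person.spec.js` would then expect 400. The condition also accepts any truthy value, so a non-string `email` from a JSON body reaches `findOne({ where: { email } })` unchanged; adding `typeof email !== 'string' || typeof password !== 'string'` to the check keeps structured input out of the query. The handler body continues outside this hunk.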
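Review bot: The two `else` branches added in hunk `@@ -22,7 +25,11 @@` of `src/person/router.js` answer an unknown e-mail with 404 'user not found' and a bad password with 403 'wrong password', so the login endpoint discloses which addresses are registered. Return one indistinguishable failure from both branches, for example `throw Boom.unauthorized('invalid email or password')`, and update the 404 and 403 assertions added in `test/person/person.spec.js` to match. Response timing may still differ because `matchPassword` is skipped for unknown users, and no attempt limiting is visible in this diff; both are worth confirming in the surrounding middleware. The handler starts before this hunk.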
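Review bot: The missing-field test added to `describe('/login')` in `test/person/person.spec.js` only posts an empty body, so the `!email || !password` guard is never exercised with exactly one field present. Add one case that sends only `email` and one that sends only `password`, and in the latter assert that the serialised response body does not contain the submitted password value, so an error payload that echoes credentials fails the suite. The title also has a typo: `'should throw on missing infomation'` should read `'should throw on missing information'`.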