fix one time use of personal agent code

dickhardt · Jan 13, 2013 · 632224c · 632224c
1 parent 14822cd
commit 632224c
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 4 deletions.
diff --git a/app/as/as.js b/app/as/as.js
@@ -88,7 +88,7 @@ function registerAgent ( req, res, next ) {
     if (e) return next( e )
     if ( passcode != profile.passcode ) {
       var err = new Error('Passcode does not match')
-      e.code = 'INVALID_PASSCODE'
+      err.code = 'INVALID_PASSCODE'
       return next( err )
     }
     var details =
@@ -118,7 +118,7 @@ function registerAgent ( req, res, next ) {
         // TBD: let listener on channel know that QR code was read successfully
 
         // async clear out data associated with the code
-        db.updateProfile( 'as', code, {}, function ( e ) {
+        db.deleteProfile( 'as', code, function ( e ) {
           if (e) console.log("Profile update error:\n", e )
         })
         return res.send( { 'result': {'token': result.token } } )

diff --git a/app/db_dev.js b/app/db_dev.js
@@ -329,9 +329,9 @@ exports.retrieveAgentFromDevice = function ( as, device, cb) {
 exports.deleteAgentFromHandle = function ( as, handle, cb) {
   var key = as + ':agent:handle:' + handle
   var device = dummyNoSql[key]
-  delete dummyNoSql[key]
+  delete dummyNoSql[key];
   key = as + ':agent:device:' + device
-  delete dummyNoSql[key]
+  delete dummyNoSql[key];
   process.nextTick( function () { cb( null ) } )
 }
 
@@ -358,6 +358,18 @@ exports.getProfile = function ( rs, di, cb ) {
   }
 }
 
+exports.deleteProfile = function ( rs, di, cb ) {
+  var key = rs + ':di:' + di + ':profile'
+    , e = null
+  if (dummyNoSql[key]) {
+    delete dummyNoSql[key]
+  } else {
+    e = new Error('unknown user')
+    e.code = "UNKNOWN_USER"
+  }
+  process.nextTick( function () { cb( e ) } )
+}
+
 
 exports.updateSeries = function ( rs, di, series, data, time, cb ) {
   if (time instanceof String) time = Date.parse(time)

diff --git a/test/api.test.js b/test/api.test.js
@@ -331,6 +331,24 @@ describe('Enrolling agent at AS', function () {
     , token = null
 
   describe('AS /register/agent', function () {
+    it('should fail', function (done) {
+      var options =
+        { url: config.baseUrl.as + '/register/agent'
+        , form: { passcode: 6666, name: nameAgent, device: device, code: code }
+        , method: 'POST'
+        }
+      fetch( options, function ( e, response, body ) {
+        should.not.exist( e )
+        should.exist( response )
+        response.statusCode.should.equal( 200 )
+        should.exist( body )
+        var r = JSON.parse( body )
+        should.exist( r )
+        r.should.have.property('error')
+        r.should.not.have.property('result')
+        done( null )
+      })
+    })
     it('should return a handle for the agent', function (done) {
       var options =
         { url: config.baseUrl.as + '/register/agent'
@@ -351,6 +369,24 @@ describe('Enrolling agent at AS', function () {
         done( null )
       })
     })
+    it('should not return a handle for the agent the second time the code is used', function (done) {
+      var options =
+        { url: config.baseUrl.as + '/register/agent'
+        , form: { passcode: passcode, name: nameAgent, device: device, code: code }
+        , method: 'POST'
+        }
+      fetch( options, function ( e, response, body ) {
+        should.not.exist( e )
+        should.exist( response )
+        response.statusCode.should.equal( 200 )
+        should.exist( body )
+        var r = JSON.parse( body )
+        should.exist( r )
+        r.should.have.property('error')
+        r.should.not.have.property('result')
+        done( null )
+      })
+    })
   })
 
   cookieJar[config.baseUrl.as] = asCookie