feat: reject on login when token is saved CMS-2640

entrecode · Feb 9, 2017 · 685f858 · 685f858
1 parent 317da0a
commit 685f858
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 3 deletions.
diff --git a/src/Accounts.js b/src/Accounts.js
@@ -129,6 +129,10 @@ export default class Accounts extends Core {
   login(email, password) {
     return Promise.resolve()
     .then(() => {
+      if (this.tokenStore.has()) {
+        throw new Error('already logged in or old token present. logout first');
+      }
+
       if (!this.clientID) {
         throw new Error('clientID must be set with Account#setClientID(clientID: string)');
       }

diff --git a/test/Account.test.js b/test/Account.test.js
@@ -100,14 +100,29 @@ describe('Accounts class', () => {
     return accounts.login('andre@entrecode.de', 'mysecret').should.eventually.be.fulfilled
     .and.notify(() => stub.restore());
   });
+  it('should reject when already logged in', () => {
+    const accounts = new Accounts();
+    accounts.tokenStore.set('eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJlbnRyZWNvZGVUZXN0IiwiaWF0IjoxNDg1NzgzNTg4LCJleHAiOjQ2NDE0NTcxODgsImF1ZCI6IlRlc3QiLCJzdWIiOiJ0ZXN0QGVudHJlY29kZS5kZSJ9.Vhrq5GR2hNz-RoAhdlnIIWHelPciBPCemEa74s7cXn8');
+    accounts.setClientID('rest');
+
+    return new Accounts().login('user', 'mysecret').should.be.rejectedWith(Error);
+  });
   it('should be rejected on unset clientID', () => {
-    new Accounts().login('user', 'mysecret').should.be.rejectedWith(Error);
+    const accounts = new Accounts();
+    accounts.tokenStore.del();
+    return accounts.login('user', 'mysecret').should.be.rejectedWith(Error);
   });
   it('should be rejected on undefined email', () => {
-    new Accounts().setClientID('rest').login(null, 'mysecret').should.be.rejectedWith(Error);
+    const accounts = new Accounts();
+    accounts.tokenStore.del();
+    accounts.setClientID('rest');
+    return accounts.login(null, 'mysecret').should.be.rejectedWith(Error);
   });
   it('should be rejected on undefined password', () => {
-    new Accounts().setClientID('rest').login('user', null).should.be.rejectedWith(Error);
+    const accounts = new Accounts();
+    accounts.tokenStore.del();
+    accounts.setClientID('rest');
+    return accounts.setClientID('rest').login('user', null).should.be.rejectedWith(Error);
   });
   it('should logout successfully', () => {
     const accounts = new Accounts();