Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(authentication-service): security issue with forget password and login api #466

Merged
merged 1 commit into from
Jan 16, 2022
Merged

fix(authentication-service): security issue with forget password and login api #466

merged 1 commit into from
Jan 16, 2022

Conversation

samarpan-b
Copy link
Contributor

@samarpan-b samarpan-b commented Jan 16, 2022
edited
Loading

BREAKING CHANGE:
response type of forget password and login api changed

Description

  1. There was no check for user belonging to client or not in login api and forget password and reset password apis
  2. Moved verification to service class
  3. Updated all test cases.
  4. Removed invalid providers from fixtures and used the actual one to increase the code coverage and proper testing
  5. Added code coverage badge to authentication-service

Fixes # (issue)

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Intermediate change (work in progress)

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

  • Test A
  • Test B

Checklist:

  • Performed a self-review of my own code
  • npm test passes on your machine
  • New tests added or existing tests modified to cover all changes
  • Code conforms with the style guide
  • API Documentation in code was updated
  • Any dependent changes have been merged and published in downstream modules

fix(authentication-service): security issue with forget password and …
d533412 
…login api

BREAKING CHANGE:
response type of forget password and login api changed

gh-0
@sonarcloud
Copy link

sonarcloud bot commented Jan 16, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@samarpan-b samarpan-b merged commit 7da5b0b into master Jan 16, 2022
@samarpan-b samarpan-b deleted the security-fix branch January 16, 2022 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akshatdubeysf akshatdubeysf akshatdubeysf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samarpan-b @akshatdubeysf