Added script to preload users

config_sample.json

@@ -104,6 +104,7 @@
     "*@a.com"
   ],
   "password":{
+    "validateOldPassword": false,
     "regexValidation": "(?=.*\\d)(?=.*[A-Z])(?=.*[a-z]).{8}",
     "message": "Your password must be at least 8 characters and must contain at least one capital, one lower and one number.",
     "generatedRegex": "([a-z][\\d][A-Z]){3,4}",

package.json

@@ -48,7 +48,8 @@
     "int": "DEBUG=cipherlayer* node main.js",
     "pro": "DEBUG=cipherlayer* node main.js",
     "lint": "./node_modules/.bin/gulp jshint",
-    "lint-go": "./node_modules/.bin/gulp jshint-go"
+    "lint-go": "./node_modules/.bin/gulp jshint-go",
+    "fixtures": "node scripts/add_users.js"
   },
   "repository": {
     "type": "git",

scripts/add_users.js

@@ -0,0 +1,98 @@
+var async = require('async'),
+    fs = require('fs'),
+    nock = require('nock'),
+    userMng = require('../src/managers/user'),
+    config = require('../config.json'),
+    userDao = require('../src/managers/dao.js');
+/*
+ * Objects for `async.eachSeries`
+ */
+
+// Function to apply to each fixture
+var addFixture = function(fixture, callback) {
+
+    var data = fixture;
+
+    // Define user object to be passed to userMng
+    var pin = null;
+    var profileBody = {
+        id: data._id.$oid || data._id,
+        email: data.email,
+        password: data.password || (process.env.DEFAULT_PASS ? process.env.DEFAULT_PASS : "qwerty")
+    };
+
+    if(!profileBody.id || !profileBody.email || !profileBody.password) {
+        console.log("Missing mandatory parameter(s)");
+        return callback();
+    }
+    // Nock the createUser URL
+    nock('http://' + config.private_host + ':' + config.private_port + config.passThroughEndpoint.path, { reqheaders: {
+        'Content-Type': 'application/json; charset=utf-8'
+    }})
+        .post(config.passThroughEndpoint.path)
+        .reply(201,profileBody);
+
+    // Save user data to database
+    userMng().createUser(profileBody, pin, function(err) {
+        if(err) {
+
+            if (err.err === 'auth_proxy_user_error') {
+                console.log(profileBody.email + " " + err.des);
+                return callback();
+            }
+            return callback(err);
+        }
+        console.log(profileBody.email + " added");
+        return callback();
+    });
+
+};
+
+/*
+ * Main part of the script:
+ *  - Exports the function, or
+ *  - Executes the function if running from CLI
+ */
+var runLoadFixtures = module.exports = function(fixtureFile, callback) {
+
+            console.log("running Load Fixtures");
+
+
+            async.eachSeries(fixtureFile, addFixture, callback);
+
+};
+
+if (!module.parent) { // Run as CLI command exec
+    async.series([
+
+        // Start cipherLayer components (mongodb, redis...)
+        function connect(done) {
+            userDao.connect(done);
+        },
+
+        function drop(done) {
+            if(!process.env.DROP_DB) return done();
+            console.log("Dropping database");
+            userDao.deleteAllUsers(done);
+        },
+
+        function load(done) {
+            fixtureFile = require(__dirname + '/' + '../tests/fixtures/' + 'User.json');
+            runLoadFixtures(fixtureFile,done);
+        },
+
+        function disconnect(done) {
+            userDao.disconnect(done);
+        }
+
+    ], function(err) {
+        if (err) {
+            console.error(err);
+            process.exit(1);
+        }
+
+        console.info('Fixtures loaded');
+        process.exit();
+    });
+
+}

src/cipherlayer.js

@@ -23,8 +23,7 @@ var bodyParserWrapper = require('./middlewares/bodyParserWrapper.js');
 
 var versionControl = require('version-control');
 
-var pinValidation = require('./middlewares/pinValidation.js')();
-var userAppVersion = require('./middlewares/userAppVersion.js')();
+var pinValidation = require('./middlewares/pinValidation.js');
 
 var jsonValidator = require('./managers/json_validator');
 var configSchema = require('../config_schema.json');
@@ -100,10 +99,10 @@ function startListener(publicPort, privatePort, cbk){
         require(platformsPath + filename).addRoutes(server, passport);
     });
 
-    server.get(/(.*)/,  checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, pinValidation, userAppVersion, prepareOptions, platformsSetUp, printTraces, propagateRequest);
-    server.post(/(.*)/, checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, pinValidation, userAppVersion, prepareOptions, platformsSetUp, printTraces, propagateRequest);
-    server.del(/(.*)/,  checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, pinValidation, userAppVersion, prepareOptions, platformsSetUp, printTraces, propagateRequest);
-    server.put(/(.*)/,  checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, pinValidation, userAppVersion, prepareOptions, platformsSetUp, printTraces, propagateRequest);
+    server.get(/(.*)/, checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, prepareOptions, platformsSetUp, printTraces, propagateRequest, pinValidation);
+    server.post(/(.*)/, checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, prepareOptions, platformsSetUp, printTraces, propagateRequest, pinValidation);
+    server.del(/(.*)/, checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser,prepareOptions, platformsSetUp, printTraces, propagateRequest, pinValidation);
+    server.put(/(.*)/, checkAccessTokenParam, checkAuthHeader, decodeToken, permissions, findUser, prepareOptions, platformsSetUp, printTraces, propagateRequest, pinValidation);
 
     server.use(function(req, res, next){
         debug('< ' + res.statusCode);

src/managers/user.js

@@ -312,6 +312,28 @@ function setPassword(id, body, cbk){
     }
 }
 
+function validateOldPassword(username, oldPassword, cbk) {
+
+    userDao.getAllUserFields(username, function(err, user) {
+        if (err) {
+            res.send(401, err);
+            return next();
+        }
+
+        cryptoMng.encrypt(oldPassword, function(encrypted){
+            if (user.password !== encrypted)  {
+                return cbk({
+                    err: 'invalid_old_password',
+                    des: 'invalid password',
+                    code: 401
+                });
+            }
+
+            return cbk();
+        });
+    });
+}
+
 //Aux functions
 function random (howMany, chars) {
     chars = chars || "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
@@ -357,6 +379,7 @@ module.exports = function(settings) {
         setPlatformData : setPlatformData,
         createUser : createUser,
         createUserByToken : createUserByToken,
-        setPassword: setPassword
+        setPassword: setPassword,
+        validateOldPassword: validateOldPassword
     };
 };

src/middlewares/propagateRequest.js

@@ -32,6 +32,8 @@ function propagateRequest(req, res, next){
         // if url is a direct proxy request, use http-proxy
         if (useDirectProxy) {
 
+            // add user id to proxy request headers
+            req.headers['x-user-id'] = req.options.headers['x-user-id'];
             proxy.web(req, res, {
                 target: 'http://'+ config.private_host + ':' + config.private_port
             });

src/routes/user.js

@@ -138,15 +138,49 @@ function createUserByToken(req, res, next) {
     });
 }
 
-function setPassword(req, res, next){
-    if(!req.body){
-        res.send(400, {
+function checkBody(req, res, next) {
+    var err;
+    if (!req.body){
+        err = {
             err: 'invalid_body',
             des: 'The call to this url must have body.'
-        } );
+        };
+        res.send(400, err);
+        return next(false);
+    }
+
+    return next();
+}
+
+function validateOldPassword(req, res, next) {
+    var err;
+    if (!config.password.validateOldPassword) {
         return next();
     }
 
+    if (!req.body.oldPassword) {
+        err = {
+            err: 'missing_password',
+            des: 'Missing old password validation'
+        };
+        res.send(400, err);
+        return next(false);
+    }
+
+    debug('validating old password', req.user.password, req.body);
+
+    userMng().validateOldPassword(req.user.username, req.body.oldPassword, function(err){
+        if (err) {
+            res.send(401, err);
+            return next(false);
+        }
+        return next();
+    });
+
+}
+
+function setPassword(req, res, next){
+
     userMng().setPassword(req.user._id, req.body, function(err, modified){
         if (err) {
             if (!err.code ) {
@@ -170,7 +204,7 @@ function addRoutes(service){
     service.post(config.passThroughEndpoint.path, createUserEndpoint);
     service.get('/user/activate', createUserByToken);
 
-    service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, findUser, setPassword);
+    service.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, checkBody, findUser, validateOldPassword, setPassword);
 
     debug('User routes added');
 }

tests/fixtures/User.json

@@ -0,0 +1,23 @@
+[
+  {
+    "_id": {"$oid": "01f0000000000000003f0004"},
+    "phone": "555-7891-2365",
+    "email": "nick@intelygenz.com",
+    "password": "1234",
+    "country": "PL"
+  },
+  {
+    "_id": {"$oid": "01f0000000000000003f0002"},
+    "phone": "555-8899-1324",
+    "email": "gustavo@intelygenz.com",
+    "password": "asdf",
+    "country": "AR"
+  },
+  {
+    "_id": {"$oid": "01f0000000000000003f0003"},
+    "phone": "555-0012-7453",
+    "email": "josemanuel@intelygenz.com",
+    "password": "abcd",
+    "country": "ES"
+  }
+]