From e80dc8ed605bbc6263bdba9d98d2780d13c65e69 Mon Sep 17 00:00:00 2001 From: Siddharth Dungarwal Date: Sat, 17 Feb 2018 13:27:37 +0530 Subject: [PATCH 1/3] Returned 403. --- routes/oneauth.js | 3 +++ services/oneauth.js | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/routes/oneauth.js b/routes/oneauth.js index 21c963ce..90b3624c 100644 --- a/routes/oneauth.js +++ b/routes/oneauth.js @@ -22,6 +22,9 @@ router.get('/login', (req, res, next) => { } OneAuth.addAuthTokenToDb(grantCode).then((result) => { //TODO: Handle the case when grant_code is wrong + if(!result.verifiedemail) { + res.status(403).json({error: "Unverified Email"}); + } if (process.env.NODE_ENV === "production") { if (req.headers.referer.startsWith('https://hack.codingblocks.com/admin') && result.user.role_id !== 1 && result.user.role_id !== 3) { diff --git a/services/oneauth.js b/services/oneauth.js index 91a94436..d9892c8b 100644 --- a/services/oneauth.js +++ b/services/oneauth.js @@ -15,11 +15,12 @@ const Raven = require ('raven'); const addAuthTokenToDb = function(grant_code) { - let authToken, oauthId; + let authToken, oauthId, verifiedemail; return OneAuthRepo.getAuthToken(grant_code).then((result) => { authToken = result.access_token; return OneAuthRepo.getUserDetails(authToken); }).then(result => { + verifiedemail = result.verifiedemail; let userObj = {}; oauthId = userObj.oauth_id = result.id; userObj.access_token = authToken; @@ -52,7 +53,7 @@ const addAuthTokenToDb = function(grant_code) { Raven.captureException (err) }); } - return {authToken, oauthId, user: result, refreshToken: session.refreshToken}; + return {authToken, oauthId, user: result, refreshToken: session.refreshToken, verifiedemail}; }); }; From 699a61c3d1f23282951b659cec8f947c27ad34bb Mon Sep 17 00:00:00 2001 From: Siddharth Dungarwal Date: Tue, 20 Feb 2018 12:50:05 +0530 Subject: [PATCH 2/3] Returned 405. --- routes/oneauth.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/routes/oneauth.js b/routes/oneauth.js index 90b3624c..e3695f8f 100644 --- a/routes/oneauth.js +++ b/routes/oneauth.js @@ -23,7 +23,8 @@ router.get('/login', (req, res, next) => { OneAuth.addAuthTokenToDb(grantCode).then((result) => { //TODO: Handle the case when grant_code is wrong if(!result.verifiedemail) { - res.status(403).json({error: "Unverified Email"}); + res.status(405).json({error: "Unverified Email"}); + return; } if (process.env.NODE_ENV === "production") { if (req.headers.referer.startsWith('https://hack.codingblocks.com/admin') && From 15e4fdf2e49ba1c889144c928dab55c05c7162ee Mon Sep 17 00:00:00 2001 From: Siddharth Dungarwal Date: Tue, 20 Feb 2018 15:21:07 +0530 Subject: [PATCH 3/3] Variable Name Changed. --- routes/oneauth.js | 2 +- services/oneauth.js | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/routes/oneauth.js b/routes/oneauth.js index e3695f8f..abd618c6 100644 --- a/routes/oneauth.js +++ b/routes/oneauth.js @@ -22,7 +22,7 @@ router.get('/login', (req, res, next) => { } OneAuth.addAuthTokenToDb(grantCode).then((result) => { //TODO: Handle the case when grant_code is wrong - if(!result.verifiedemail) { + if(!result.verifiedEmail) { res.status(405).json({error: "Unverified Email"}); return; } diff --git a/services/oneauth.js b/services/oneauth.js index d9892c8b..7aa476bf 100644 --- a/services/oneauth.js +++ b/services/oneauth.js @@ -15,12 +15,12 @@ const Raven = require ('raven'); const addAuthTokenToDb = function(grant_code) { - let authToken, oauthId, verifiedemail; + let authToken, oauthId, verifiedEmail; return OneAuthRepo.getAuthToken(grant_code).then((result) => { authToken = result.access_token; return OneAuthRepo.getUserDetails(authToken); }).then(result => { - verifiedemail = result.verifiedemail; + verifiedEmail = result.verifiedemail; let userObj = {}; oauthId = userObj.oauth_id = result.id; userObj.access_token = authToken; @@ -53,7 +53,7 @@ const addAuthTokenToDb = function(grant_code) { Raven.captureException (err) }); } - return {authToken, oauthId, user: result, refreshToken: session.refreshToken, verifiedemail}; + return {authToken, oauthId, user: result, refreshToken: session.refreshToken, verifiedEmail}; }); };