store.UpdateVerifyTokenString

2022-07-31 12:26:03 -04:00 · 2022-07-31 12:26:03 -04:00 · 2dd3019b08
commit 2dd3019b08
parent eabfa9d54c
2 changed files with 72 additions and 6 deletions
--- a/store/account_test.go
+++ b/store/account_test.go
@ -156,7 +156,6 @@ func TestStoreGetUserIdAccountNotExists(t *testing.T) {

 	email, password := auth.Email("abc@example.com"), auth.Password("123")

-	// Check that there's no user id for email and password first
 	if userId, err := s.GetUserId(email, password); err != ErrWrongCredentials || userId != 0 {
 		t.Fatalf(`GetUserId error for nonexistant account: wanted "%+v", got "%+v. userId: %v"`, ErrWrongCredentials, err, userId)
 	}
@ -246,7 +245,7 @@ func TestStoreAccountEmptyFields(t *testing.T) {
 }

 // Test GetClientSaltSeed for existing account
-func TestStoreGetClientSaltSeedAccountSuccess(t *testing.T) {
+func TestStoreGetClientSaltSeedAccountExists(t *testing.T) {
 	s, sqliteTmpFile := StoreTestInit(t)
 	defer StoreTestCleanup(sqliteTmpFile)

@ -272,8 +271,52 @@ func TestStoreGetClientSaltSeedAccountNotExists(t *testing.T) {

 	email := auth.Email("abc@example.com")

-	// Check that there's no user id for email and password first
 	if seed, err := s.GetClientSaltSeed(email); err != ErrWrongCredentials || seed != "" {
 		t.Fatalf(`GetClientSaltSeed error for nonexistant account: wanted "%+v", got "%+v. seed: %v"`, ErrWrongCredentials, err, seed)
 	}
 }
+
+// Test UpdateVerifyTokenString for existing account
+func TestUpdateVerifyTokenStringSuccess(t *testing.T) {
+	s, sqliteTmpFile := StoreTestInit(t)
+	defer StoreTestCleanup(sqliteTmpFile)
+
+	verifyTokenString1 := auth.VerifyTokenString("00000000000000000000000000000000")
+	time1 := time.Time{}
+
+	_, email, password, createdSeed := makeTestUser(t, &s, verifyTokenString1, &time1)
+
+	// we're not testing normalization features so we'll just use this here
+	normEmail := email.Normalize()
+
+	// Check that the token updates for the email, irrespective of the case of
+	// the characters in the email.
+	lowerEmail := auth.Email(strings.ToLower(string(email)))
+	upperEmail := auth.Email(strings.ToUpper(string(email)))
+
+	verifyTokenString2 := auth.VerifyTokenString("abcd1234abcd1234abcd1234abcd1234")
+	verifyTokenString3 := auth.VerifyTokenString("ef095678ef095678ef095678ef095678")
+	approxVerifyExpiration := time.Now().Add(time.Hour * 24 * 2).UTC()
+
+	if err := s.UpdateVerifyTokenString(lowerEmail, verifyTokenString2); err != nil {
+		t.Fatalf("Unexpected error in UpdateVerifyTokenString: err: %+v", err)
+	}
+	expectAccountMatch(t, &s, normEmail, email, password, createdSeed, verifyTokenString2, &approxVerifyExpiration)
+
+	if err := s.UpdateVerifyTokenString(upperEmail, verifyTokenString3); err != nil {
+		t.Fatalf("Unexpected error in UpdateVerifyTokenString: err: %+v", err)
+	}
+	expectAccountMatch(t, &s, normEmail, email, password, createdSeed, verifyTokenString3, &approxVerifyExpiration)
+}
+
+// Test UpdateVerifyTokenString for nonexisting email
+func TestStoreUpdateVerifyTokenStringAccountNotExists(t *testing.T) {
+	s, sqliteTmpFile := StoreTestInit(t)
+	defer StoreTestCleanup(sqliteTmpFile)
+
+	email := auth.Email("abc@example.com")
+
+	if err := s.UpdateVerifyTokenString(email, "abcd1234abcd1234abcd1234abcd1234"); err != ErrWrongCredentials {
+		t.Fatalf(`UpdateVerifyTokenString error for nonexistant account: wanted "%+v", got "%+v."`, ErrWrongCredentials, err)
+	}
+}
--- a/store/store.go
+++ b/store/store.go
@ -34,6 +34,11 @@ var (
 	ErrNotVerified      = fmt.Errorf("User account is not verified")
 )

+const (
+	AuthTokenLifespan   = time.Hour * 24 * 14
+	VerifyTokenLifespan = time.Hour * 24 * 2
+)
+
 // For test stubs
 type StoreInterface interface {
 	SaveToken(*auth.AuthToken) error
@ -209,10 +214,11 @@ func (s *Store) updateToken(authToken *auth.AuthToken, experation time.Time) (er
 func (s *Store) SaveToken(token *auth.AuthToken) (err error) {
 	// TODO: For psql, do upsert here instead of separate insertToken and updateToken functions
 	//       Actually it may even be available for SQLite?
+	//       But not for wallet, it probably makes sense to keep that separate because of the sequence variable

 	// TODO - Should we auto-delete expired tokens?

-	expiration := time.Now().UTC().Add(time.Hour * 24 * 14)
+	expiration := time.Now().UTC().Add(AuthTokenLifespan)

 	// This is most likely not the first time calling this function for this
 	// device, so there's probably already a token in there.
@ -380,7 +386,7 @@ func (s *Store) CreateAccount(email auth.Email, password auth.Password, seed aut
 	var verifyExpiration *time.Time
 	if len(verifyToken) > 0 {
 		verifyExpiration = new(time.Time)
-		*verifyExpiration = time.Now().UTC().Add(time.Hour * 24 * 2)
+		*verifyExpiration = time.Now().UTC().Add(VerifyTokenLifespan)
 	}

 	// userId auto-increments
@ -398,7 +404,24 @@ func (s *Store) CreateAccount(email auth.Email, password auth.Password, seed aut
 	return
 }

-func (s *Store) UpdateVerifyTokenString(auth.Email, auth.VerifyTokenString) (err error) {
+func (s *Store) UpdateVerifyTokenString(email auth.Email, verifyTokenString auth.VerifyTokenString) (err error) {
+	expiration := time.Now().UTC().Add(VerifyTokenLifespan)
+
+	res, err := s.db.Exec(
+		"UPDATE accounts SET verify_token=?, verify_expiration=? WHERE normalized_email=?",
+		verifyTokenString, expiration, email.Normalize(),
+	)
+	if err != nil {
+		return
+	}
+
+	numRows, err := res.RowsAffected()
+	if err != nil {
+		return
+	}
+	if numRows == 0 {
+		err = ErrWrongCredentials
+	}
 	return
 }