diff --git a/app/models/user.js b/app/models/user.js index daf9b2ad89..d726835960 100755 --- a/app/models/user.js +++ b/app/models/user.js @@ -4,6 +4,7 @@ var mongoose = require('mongoose'), Schema = mongoose.Schema, crypto = require('crypto'), + scrypt = require('scrypt'), _ = require('underscore'), authTypes = ['github', 'twitter', 'facebook', 'google']; @@ -14,10 +15,9 @@ var mongoose = require('mongoose'), var UserSchema = new Schema({ name: String, email: String, - username: String, + username: {type: String, unique: true}, provider: String, hashed_password: String, - salt: String, facebook: {}, twitter: {}, github: {}, @@ -29,7 +29,6 @@ var UserSchema = new Schema({ */ UserSchema.virtual('password').set(function(password) { this._password = password; - this.salt = this.makeSalt(); this.hashed_password = this.encryptPassword(password); }).get(function() { return this._password; @@ -92,18 +91,9 @@ UserSchema.methods = { * @api public */ authenticate: function(plainText) { - return this.encryptPassword(plainText) === this.hashed_password; + return scrypt.verifyHashSync(this.hashed_password, plainText); }, - /** - * Make salt - * - * @return {String} - * @api public - */ - makeSalt: function() { - return Math.round((new Date().valueOf() * Math.random())) + ''; - }, /** * Encrypt password @@ -114,8 +104,10 @@ UserSchema.methods = { */ encryptPassword: function(password) { if (!password) return ''; - return crypto.createHmac('sha1', this.salt).update(password).digest('hex'); + var maxtime = 0.1; + return scrypt.passwordHashSync(password, maxtime); + //return crypto.createHmac('sha1', this.salt).update(password).digest('hex'); } }; -mongoose.model('User', UserSchema); \ No newline at end of file +mongoose.model('User', UserSchema); diff --git a/config/express.js b/config/express.js index 0a2d2a291b..dc72f4c981 100755 --- a/config/express.js +++ b/config/express.js 
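Review bot: Dropping `salt` from the schema in app/models/user.js (hunk `@@ -14,10 +15,9 @@`) leaves no way to verify accounts whose `hashed_password` came from the old salted HMAC-SHA1 path, and the commit shows no migration or fallback for them. If such users exist, they need a forced password reset or a verify-with-legacy-then-rehash step at login. Separately, `unique: true` on `username` declares a MongoDB unique index rather than a validator, so it only takes effect once the index builds, and the build fails if duplicates already exist. Documents without a username may also collide on the missing value unless the index is sparse; whether provider-only accounts always carry a username is not visible here. The schema definition continues outside the hunk.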
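Review bot: `authenticate` in app/models/user.js (hunk `@@ -92,18 +91,9 @@`) passes `this.hashed_password` straight to `scrypt.verifyHashSync`, but `encryptPassword` still stores `''` when no password is set and older records hold hex HMAC digests, so the verifier can receive values that are not scrypt hashes. How the library reacts to a malformed hash (returning false or throwing) is not shown on this page. A guard before the call, `if (!plainText || !this.hashed_password) return false;`, makes the outcome deterministic and no longer relies on the library to reject an empty password against an empty stored hash, which the removed `===` comparison accepted. Both this call and `scrypt.passwordHashSync` in `encryptPassword` are synchronous, so every login or password set blocks the event loop for the whole derivation. The library's callback forms, if available in the installed version, plus rate limiting on the login route would reduce that denial-of-service exposure.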
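Review bot: The commented-out `crypto.createHmac('sha1', this.salt)` line left at the end of `encryptPassword` (hunk `@@ -114,8 +104,10 @@`) should be deleted rather than committed: it references `this.salt`, which this commit removes, and invites someone to re-enable the weaker scheme. `maxtime` is hard-coded to `0.1` inside the function, so the work factor cannot be tuned per deployment; reading it from the application configuration with a documented default would make it adjustable. A short comment giving the unit of `maxtime` (presumably seconds; confirm against the library documentation) and noting that an empty password yields `''` would help the next reader. It is also worth confirming that `passwordHashSync` returns a string, since `hashed_password` is declared as `String`.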
@@ -7,9 +7,9 @@ var express = require('express'), helpers = require('view-helpers'), config = require('./config'); -module.exports = function(app, passport) { +module.exports = function(app, passport, db) { app.set('showStackError', true); - + app.locals.pretty = true; //Should be placed before express.static app.use(express.compress({ filter: function(req, res) { @@ -46,7 +46,7 @@ module.exports = function(app, passport) { app.use(express.session({ secret: 'MEAN', store: new mongoStore({ - url: config.db, + db: db.connection.db, collection: 'sessions' }) })); @@ -87,4 +87,4 @@ module.exports = function(app, passport) { }); }); -}; \ No newline at end of file +}; diff --git a/gruntfile.js b/gruntfile.js index 35bf3dc2b5..b2f9712e64 100644 --- a/gruntfile.js +++ b/gruntfile.js @@ -27,7 +27,11 @@ module.exports = function(grunt) { options: { livereload: true } - } + }, + test: { + files: '*', + tasks: ['test'] + } }, jshint: { all: ['gruntfile.js', 'public/js/**/*.js', 'test/**/*.js', 'app/**/*.js'] @@ -60,6 +64,11 @@ module.exports = function(grunt) { reporter: 'spec' }, src: ['test/**/*.js'] + }, + env: { + test: { + NODE_ENV: 'test' + } } }); @@ -69,6 +78,7 @@ module.exports = function(grunt) { grunt.loadNpmTasks('grunt-mocha-test'); grunt.loadNpmTasks('grunt-nodemon'); grunt.loadNpmTasks('grunt-concurrent'); + grunt.loadNpmTasks('grunt-env'); //Making grunt default to force in order not to break the project. grunt.option('force', true); @@ -77,5 +87,5 @@ module.exports = function(grunt) { grunt.registerTask('default', ['jshint', 'concurrent']); //Test task. - grunt.registerTask('test', ['mochaTest']); + grunt.registerTask('test', ['env:test', 'mochaTest']); }; diff --git a/package.json b/package.json index b824b662a1..dcde034bed 100755 --- a/package.json +++ b/package.json 
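Review bot: `db.connection.db` in the `mongoStore` options of config/express.js (hunk `@@ -46,7 +46,7 @@`) is dereferenced without checking that a `db` was actually passed, so any caller still using the two-argument form fails with a TypeError at startup. Whether the connection is already open at this point is not visible from the hunk. A guard at the top of the exported function, e.g. `if (!db || !db.connection) throw new Error('config/express requires the mongoose connection');`, makes the contract of the new third parameter explicit. The unchanged context line `secret: 'MEAN'` is a hard-coded session secret; since this hunk already touches the session setup, it would be a good moment to load it from configuration or the environment. The exported function starts and ends outside the hunk.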
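Review bot: The new `watch.test` target in gruntfile.js (hunk `@@ -27,7 +27,11 @@`) uses `files: '*'`, which as a glob matches only entries directly in the project root, so edits under `app/` or `test/` would not re-run the tests. `files: ['app/**/*.js', 'test/**/*.js']` would match the paths the `jshint` and `mochaTest` targets already use. The test hooks added in this commit remove all `User` and `Article` documents, so a watch-triggered run is only safe if `env:test` reliably points the app at a separate test database; that configuration is not visible in this diff.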
@@ -36,7 +36,14 @@ "forever": "latest", "bower": "latest", "grunt": "latest", +<<<<<<< HEAD "grunt-cli": "latest" +======= + "grunt-cli": "latest", + "grunt-env": "latest", + "grunt-bower-task": "latest", + "scrypt": "latest" +>>>>>>> 71365db8398cfc2c1d40aceef4cb25927109eb10 }, "devDependencies": { "supertest": "latest", diff --git a/server.js b/server.js index 947264c73b..455d77c16f 100755 --- a/server.js +++ b/server.js @@ -44,7 +44,7 @@ require('./config/passport')(passport); var app = express(); //express settings -require('./config/express')(app, passport); +require('./config/express')(app, passport, db); //Bootstrap routes require('./config/routes')(app, passport, auth); diff --git a/test/article/model.js b/test/article/model.js index e31351abae..86b8d1d1a3 100644 --- a/test/article/model.js +++ b/test/article/model.js @@ -52,7 +52,14 @@ describe('', function() { }); afterEach(function(done) { + Article.remove({}); + User.remove({}); + done(); + }); + after(function(done){ + Article.remove().exec(); + User.remove().exec(); done(); }); }); -}); \ No newline at end of file +}); diff --git a/test/user/model.js b/test/user/model.js index 4919b7b543..d72c14eb48 100644 --- a/test/user/model.js +++ b/test/user/model.js @@ -19,15 +19,33 @@ describe('', function() { username: 'user', password: 'password' }); + user2 = new User({ + name: 'Full name', + email: 'test@test.com', + username: 'user', + password: 'password' + }); done(); }); describe('Method Save', function() { + it('should begin with no users', function(done){ + User.find({}, function(err,users){ + users.should.have.length(0); + done(); + }); + }); + it('should be able to save whithout problems', function(done) { - return user.save(function(err) { - should.not.exist(err); - done(); + user.save(done); + }); + + it('should fail to save an existing user again', function(done) { + user.save(); + return user2.save(function(err){ + should.exist(err); + done(); }); }); 
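Review bot: The added lines in package.json contain unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> 71365db8398cfc2c1d40aceef4cb25927109eb10`), which make the file invalid JSON and will break `npm install`. Resolve the conflict so only the second variant remains: `"grunt-cli": "latest",` followed by the `grunt-env`, `grunt-bower-task` and `scrypt` entries. `scrypt` is a native module that now sits on the password-verification path, so pinning it (and ideally the other entries) to an explicit version range instead of `"latest"` keeps installs reproducible and stops an unreviewed release from silently changing how hashes are produced or verified.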
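Review bot: In test/article/model.js the new `afterEach` calls `Article.remove({})` and `User.remove({})` with neither a callback nor `.exec()`, and the new `after` calls `.exec()` but invokes `done()` immediately. Cleanup is therefore either not executed or not awaited before the next test or suite starts; the exact behaviour depends on the Mongoose version, so please confirm. Chaining the callbacks addresses both hooks: `Article.remove({}, function(err) { if (err) return done(err); User.remove({}, done); });`. The same fire-and-forget pattern, `User.remove().exec(); done();`, appears in the `after` hook added to test/user/model.js (hunk `@@ -41,7 +59,8 @@`).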
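Review bot: The 'should fail to save an existing user again' test in test/user/model.js (hunk `@@ -19,15 +19,33 @@`) asserts only `should.exist(err)`, so it passes on any failure, such as a connection or validation error, and does not prove the unique index rejected the duplicate. It also calls `user.save()` without waiting for completion and depends on the index already having been built. Saving `user` with a callback and then checking the specific error, e.g. `err.code.should.equal(11000);`, would pin the intended behaviour. `user2` is assigned without a visible `var`, which creates an implicit global unless it is declared outside the hunk. 'should begin with no users' ignores `err` before dereferencing `users`.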
@@ -41,7 +59,8 @@ describe('', function() { }); after(function(done) { + User.remove().exec(); done(); }); }); -}); \ No newline at end of file +});