thegameofcode · luismesas · Apr 15, 2016 · Apr 11, 2016 · Apr 11, 2016 · Apr 11, 2016
diff --git a/config_sample.json b/config_sample.json
@@ -112,7 +112,8 @@
 			"expireInSec": 86400
 		},
 		"scheme": "my-scheme",
-		"redirectProtocol": "https"
+		"redirectProtocol": "https",
+		"errOnUserExists" : true
 	},
 	"externalServices": {
 		"notifications": {

diff --git a/src/managers/user.js b/src/managers/user.js
@@ -236,15 +236,37 @@ function createUserByToken(token, cbk) {
 					}
 
 					if (foundUser) {
-						return cbk({
-							err: 'auth_proxy_error',
-							des: 'user already exists',
-							code: 403
-						});
-					}
+						if (_settings.emailVerification.errOnUserExists === false) {
+							//do not return an error when the user already exists
+							//this allow the redirect flow for user activation to continue properly
+							//insted of returning a JSON error
+							const data = {};
+							if (foundUser.roles) {
+								data.roles = foundUser.roles;
+							}
 
-					delete(body[_settings.passThroughEndpoint.password]);
-					createUserPrivateCall(body, user, cbk);
+							tokenMng.createBothTokens(foundUser._id, data, function (err, tokens) {
+								if (err) {
+									log.error({err}, 'error creating tokens');
+									return cbk({
+										err: err.message,
+										code: 409
+									});
+								}
+								tokens.expiresIn = _settings.accessToken.expiration * 60;
+								return cbk(null, tokens);
+							});
+						} else {
+							return cbk({
+								err: 'auth_proxy_error',
+								des: 'user already exists',
+								code: 403
+							});
+						}
+					} else {
+						delete(body[_settings.passThroughEndpoint.password]);
+						createUserPrivateCall(body, user, cbk);
+					}
 				});
 			});
 		});
@@ -433,50 +455,47 @@ function validateOldPassword(username, oldPassword, cbk) {
 }
 
 function isValidDomain(email, cbk) {
-	let validDomain = false;
 
-	const domainsInConfig = (_settings.allowedDomains && _settings.allowedDomains.length);
+	// settings overrides realms configuration
+	if (_settings.allowedDomains) {
+		for (let i = 0; i < _settings.allowedDomains.length; i++) {
+			const domain = _settings.allowedDomains[i];
+
+			// wildcard
+			const check = domain.replace(/\*/g, '.*');
+			const match = email.match(check);
+			if ((match !== null && email === match[0])) {
+				return cbk(true);
+			}
+		}
+	}
 
+	// if domain is not override on settings, we look for db realms
 	daoMng.getRealms(function (err, realms) {
 		if (err) {
-			return cbk();
+			log.error({err}, 'error finding realms in db');
+			return cbk(false);
 		}
 
-		if ((!realms || !realms.length) && !domainsInConfig) {
-			return cbk(true);
+		if ((!realms || !realms.length)) {
+			return cbk(false);
 		}
 
-		async.eachSeries(realms, function (realm, next) {
-			if (validDomain || !realm.allowedDomains || !realm.allowedDomains.length) {
-				return next();
+		for (let realm in realms) {
+			if (!realm.allowedDomains || !realm.allowedDomains.length) {
+				continue;
 			}
 
-			async.eachSeries(realm.allowedDomains, function (domain, more) {
-				if (validDomain) {
-					return more();
-				}
-
+			for (let domain in realm.allowedDomains) {
 				// wildcard
 				const check = domain.replace(/\*/g, '.*');
 				const match = email.match(check);
-				validDomain = (match !== null && email === match[0]);
-				more();
-			}, next);
-		}, function () {
-			if (!validDomain) {
-				// Check domains in config file
-				for (let i = 0; i < _settings.allowedDomains.length; i++) {
-					const domain = _settings.allowedDomains[i];
-
-					// wildcard
-					const check = domain.replace(/\*/g, '.*');
-					const match = email.match(check);
-					validDomain = (match !== null && email === match[0]);
-					if (validDomain) break;
+				if (match !== null && email === match[0]) {
+					return cbk(true);
 				}
 			}
-			return cbk(validDomain);
-		});
+		}
+		return cbk(false);
 	});
 }
 

diff --git a/tests-unit/managerUser.js b/tests-unit/managerUser.js
@@ -54,7 +54,7 @@ const configSettings = {
 	}
 };
 
-function validatePwd (clear, crypted, cbk) {
+function validatePwd(clear, crypted, cbk) {
 	const cryptoMng = crypto(config.password);
 	cryptoMng.verify(clear, crypted, function (err) {
 		assert.equal(err, undefined);
@@ -646,6 +646,51 @@ describe('user Manager', function () {
 				});
 			});
 		});
+
+		it('Call sent 2 times with error on user exists deactivated', function (done) {
+			const testsConfigSettings = _.clone(configSettings);
+			testsConfigSettings.phoneVerification = null;
+			testsConfigSettings.emailVerification.errOnUserExists = false;
+
+			const transactionId = '1a2b3c4d5e6f';
+
+			const bodyData = {
+				country: 'US',
+				lastName: 'lastName',
+				phone: '111111111',
+				company: '',
+				password: 'valid_password',
+				firstName: 'firstName',
+				email: `valid${config.allowedDomains && config.allowedDomains[0] ? config.allowedDomains[0].replace('*', '') : ''}`,
+				transactionId
+			};
+
+			redisMng.insertKeyValue(redisKey.replace('{username}', bodyData.email), transactionId, redisExp, function (err, value) {
+				assert.equal(err, null);
+				assert.equal(value, transactionId);
+
+				ciphertoken.createToken(tokenSettings, bodyData.email, null, bodyData, function (err, token) {
+					if (err) {
+						return done(err);
+					}
+
+					nock(`http://${config.private_host}:${config.private_port}`)
+						.post(config.passThroughEndpoint.path)
+						.reply(201, {id: expectedUserId});
+
+					userMng(testsConfigSettings).createUserByToken(token, function (err, tokens) {
+						assert.equal(err, null);
+						assert.notEqual(tokens, null);
+
+						userMng(testsConfigSettings).createUserByToken(token, function (err, tokens) {
+							assert.equal(err, null);
+							assert.notEqual(tokens, null);
+							return done();
+						});
+					});
+				});
+			});
+		});
 	});
 
 	describe('Set user password', function () {
@@ -686,66 +731,66 @@ describe('user Manager', function () {
 
 			userDao.addUser(expectedUser, function (err, createdUser) {
 				async.series([
-						function (next) {
-							const newPassword = {
-								password: 'newpassword'
-							};
-
-							userMng().setPassword(createdUser._id, newPassword, function (err, result) {
-								assert.notEqual(err, null);
-								assert.deepEqual(err, expectedError);
-								assert.equal(result, undefined);
-								return next();
-							});
-						},
-						function (next) {
-							const newPassword = {
-								password: 'newPASSWORD'
-							};
-
-							userMng().setPassword(createdUser._id, newPassword, function (err, result) {
-								assert.notEqual(err, null);
-								assert.deepEqual(err, expectedError);
-								assert.equal(result, undefined);
-								return next();
-							});
-						},
-						function (next) {
-							const newPassword = {
-								password: 'new111111'
-							};
-
-							userMng().setPassword(createdUser._id, newPassword, function (err, result) {
-								assert.notEqual(err, null);
-								assert.deepEqual(err, expectedError);
-								assert.equal(result, undefined);
-								return next();
-							});
-						},
-						function (next) {
-							const newPassword = {
-								password: 'NEWPA55W0RD'
-							};
-
-							userMng().setPassword(createdUser._id, newPassword, function (err, result) {
-								assert.notEqual(err, null);
-								assert.deepEqual(err, expectedError);
-								assert.equal(result, undefined);
-								return next();
-							});
-						},
-						function (next) {
-							const newPassword = {
-								password: 'n3wPas5W0rd'
-							};
-
-							userMng().setPassword(createdUser._id, newPassword, function (err, result) {
-								assert.equal(err, null);
-								assert.equal(result, 1);
-								return next();
-							});
-						}
-					], done);
+					function (next) {
+						const newPassword = {
+							password: 'newpassword'
+						};
+
+						userMng().setPassword(createdUser._id, newPassword, function (err, result) {
+							assert.notEqual(err, null);
+							assert.deepEqual(err, expectedError);
+							assert.equal(result, undefined);
+							return next();
+						});
+					},
+					function (next) {
+						const newPassword = {
+							password: 'newPASSWORD'
+						};
+
+						userMng().setPassword(createdUser._id, newPassword, function (err, result) {
+							assert.notEqual(err, null);
+							assert.deepEqual(err, expectedError);
+							assert.equal(result, undefined);
+							return next();
+						});
+					},
+					function (next) {
+						const newPassword = {
+							password: 'new111111'
+						};
+
+						userMng().setPassword(createdUser._id, newPassword, function (err, result) {
+							assert.notEqual(err, null);
+							assert.deepEqual(err, expectedError);
+							assert.equal(result, undefined);
+							return next();
+						});
+					},
+					function (next) {
+						const newPassword = {
+							password: 'NEWPA55W0RD'
+						};
+
+						userMng().setPassword(createdUser._id, newPassword, function (err, result) {
+							assert.notEqual(err, null);
+							assert.deepEqual(err, expectedError);
+							assert.equal(result, undefined);
+							return next();
+						});
+					},
+					function (next) {
+						const newPassword = {
+							password: 'n3wPas5W0rd'
+						};
+
+						userMng().setPassword(createdUser._id, newPassword, function (err, result) {
+							assert.equal(err, null);
+							assert.equal(result, 1);
+							return next();
+						});
+					}
+				], done);
 			});
 		});
 	});