fix issue for duplicate user

Makefile

@@ -25,5 +25,9 @@ lib-cov:
 	@rm -fr ./$@
 	@jscoverage models $@
 
+coverage:
+	jscoverage --no-highlight lib lib-cov
+	@NODE_ENV=test EXAMPLE_COV=1 ./node_modules/.bin/mocha  -R html-cov > coverage.html
+	rm -rf lib-cov
 
 .PHONY: test-cov test test-all test-unit clean test-cov lib-cov

controllers/auth.js

@@ -98,18 +98,18 @@ exports.login_post=function(req, res, next) {
 
   try{
     check(req.body.email,"Le format de l'email est invalide").isEmail();
-    check(req.body.provider).len(3, 64);
-    check(req.body.password).len(4, 64);
+    check(req.body.provider,"Erreur interne de format [provider]").len(3, 64);
+    check(req.body.password,"Le passowrd est invalide").len(6, 64);
   }catch(err){  
-    // console.log(err.stack)    
+    console.log("ERROR",err.message)    
     return res.send(400, err.message);
   }  
 
   //res.json({info:"hello"});
   passport.authenticate('local', function(err, user, info) {
 
       if (err) { 
-        return res.send(400,err); 
+        return res.send(400,errorHelper(err)); 
       }
       if (!user) { 
         return res.send(400,"L'utilisateur ou le mot de passe est incorrect"); 
@@ -132,6 +132,7 @@ exports.login_post=function(req, res, next) {
 
 	    /* account is not valid */
 	    if (!user.isAdmin() && !user.status){
+        console.log("ERROR","Votre compte est désactivé")    
 	      return res.send(401,"Votre compte est désactivé");
 	    }
 
@@ -162,25 +163,26 @@ exports.register_post= function(req, res) {
       check(req.body.email,"Le format de l'email est invalide").isEmail();
       check(req.body.firstname,"Le format du nom est invalide").len(3, 64);
       check(req.body.lastname,"Le format de prénom est invalide").len(3, 64);
-      check(req.body.password,"Le passowrd est invalide").len(3, 64);
+      check(req.body.password,"Le passowrd est invalide").len(6, 64);
     }catch(err){
-      console.log("[register] ", err.message)
+      console.log("ERROR [register] ", err.message)
       return res.send(400, err.message);
     }  
 
 		db.model('Users')
 		.register(req.param('email'),req.param('firstname'),req.param('lastname'),req.param('password'),req.param('confirm'),
 		  function(err,user){
         if(err&&err.code==11000){
-          console.log("[register] ", "Cet adresse email est déjà utilisée")
+          console.log("ERROR [register] ", "Cet adresse email est déjà utilisée")
           return res.send(400,"Cet adresse email est déjà utilisée");    
         }else
 		    if (err){
+          console.log("ERROR",errorHelper(err))    
           return res.send(400,errorHelper(err));    
 		    }
 
         if (!user){
-          console.log("[register] Ooooppss!!")
+          console.log("ERROR","[register] Ooooppss!!")
           return res.send(400,"Erreur inconnue lors de la création du compte");    
         }
         //

models/users.js

@@ -140,34 +140,45 @@ UserSchema.pre("save",function(next, done) {
 //}, 'Invalid gender');
 
 UserSchema.statics.findOrCreate=function(u,callback){
-	var Users=this.model('Users');
+	var Users=this.model('Users'),
+      criteria={};
 
-  //TODO this is a simple implementation that auth persona to match local email 
-  if (u.provider==='persona'){
-    var persona= delete u.provider;
+  // find by id
+  if(u.id){
+    criteria.id=u.id
   }
-  Users.findOne(u, function(err, user){
+
+  //find by email
+  if(u['email.address']){
+    criteria['email.address']=u['email.address']
+  }
+
+  Users.findOne(criteria, function(err, user){
     if(!user){
+      //
+      // user should be created
       if (u.provider==='local'){
-        return callback("The system can not automaticaly create user for local provider");
+        return callback("L'utilisateur ne peut pas être créer automatiquement");
       }
 
       if (!u.id && u['email.address']){
         //
         // this question is essential but it need a promise
         // db.model('Sequences').nextUser(function(uid){
         //})
-  
+
         u.id=u['email.address'].hash()
         u["email.status"]=true;
       }
-      if(persona){u['provider']='persona'}
       var newuser=new Users(u);
       newuser.save(function(err){
         //if ( err && err.code === 11000 )
         callback(err,newuser);
       });
     }else{
+      if(u.provider&&(user.provider!==u.provider)){
+        return callback("L'identifiant est déja utilisé par le provider "+user.provider, null);  
+      }
       callback(err, user);
     }
   });
@@ -373,39 +384,48 @@ UserSchema.statics.authenticate=function(email, password, callback) {
 
 
 UserSchema.statics.register = function(email, first, last, password, confirm, callback){
-	var Users=this.model('Users');
+	var Users=this.model('Users'),
+      uid=email.hash(new Date());
 	//error("TODO, we cannot register a user without matching a common provider (twitter, google, fb, flickr)");
 
 	if (password !==confirm){
-	  callback(("password confirmation is not identical"));
+	  callback(("la confirmation du mot de passe n'est pas correcte"));
 	  return;
 	}
 
-	//hash password (see virtual methods )
-	//var pwd=require('crypto').createHash('sha1').update(password).digest("hex");
-
+  // verifiy duplicity
+  Users.findOne({'email.address':email}).exec(function(e,u){
+    if(u){
+      return callback("Cet utilisateur existe déjà")
+    }
+
+    //hash password (see virtual methods )
+    //var pwd=require('crypto').createHash('sha1').update(password).digest("hex");
 
-  /* The name of this user, suitable for display.*/
-  //FIXME email.hash() should be replaced by (id++)+10000000
-	// create a new customer
-	var user=new Users({
-	    id:email.hash(new Date()),
-      displayName:first+" "+last, 
-      name: {
-          familyName: last,
-          givenName: first
-      },
-      email:{address:email,status:new Date()},
-			provider:"local",
-			password:password,
-			created:new Date()
-	});
-
-	//save it
-	user.save(function(err){	  
-	  //FIXME manage the duplicate address ( err && err.code === 11000 )
-		callback(err, user);
-	});
+
+    /* The name of this user, suitable for display.*/
+    //FIXME email.hash() should be replaced by (id++)+10000000
+    // create a new customer
+    var user=new Users({
+        id:uid,
+        displayName:first+" "+last, 
+        name: {
+            familyName: last,
+            givenName: first
+        },
+        email:{address:email,status:new Date()},
+        provider:"local",
+        password:password,
+        created:new Date()
+    });
+
+    //save it
+    user.save(function(err){    
+      //FIXME manage the duplicate address ( err && err.code === 11000 )
+      callback(err, user);
+    });
+
+  })
 };
 
 UserSchema.statics.updateStatus=function(id, status,callback){

package.json

@@ -31,7 +31,8 @@
     "passport-persona": "~0.1.7",
     "passport-google-oauth": "~0.1.5",
     "connect-mongo": "~0.4.1",
-    "method-override": "~2.1.3"
+    "method-override": "~2.1.3",
+    "mocha-lcov-reporter": "0.0.1"
   },
   "devDependencies": {
     "mocha": "1.x",

test/api.users.addresses.js

@@ -38,14 +38,15 @@ describe("api.users.addresses", function(){
       email:"[email protected]",
       firstname:"first",
       lastname:"last",
-      password:"12345",
-      confirm:"12345"
+      password:"123456",
+      confirm:"123456"
     };
 
     request(app)
       .post('/register')
       .send(r)
       .end(function(err,res){      
+        console.log(err)
         res.should.have.status(200);
         done();        
       });
@@ -57,7 +58,7 @@ describe("api.users.addresses", function(){
   it('POST /login return 200',function(done){  
     request(app)
       .post('/login')
-      .send({ email:"[email protected]", provider:'local', password:'12345' })
+      .send({ email:"[email protected]", provider:'local', password:'123456' })
       .end(function(err,res){
         res.should.have.status(200);
         res.body.email.address.should.equal("[email protected]");

test/api.users.create.js

@@ -44,8 +44,8 @@ describe("api.users.create", function(){
       email:"[email protected]",
       firstname:"first",
       lastname:"last",
-      password:"12345",
-      confirm:"12345"
+      password:"123456",
+      confirm:"123456"
     };
 
     request(app)
@@ -62,8 +62,8 @@ describe("api.users.create", function(){
       email:"[email protected]",
       firstname:"first",
       lastname:"last",
-      password:"12345",
-      confirm:"12345"
+      password:"123456",
+      confirm:"123456"
     };
 
     request(app)
@@ -75,12 +75,12 @@ describe("api.users.create", function(){
       });
   });
 
-  it('POST /register confirmation password should return 400 ',function(done){
+  it('POST /register with wrong confirmation password should return 400 ',function(done){
     var r={
       email:"[email protected]",
       firstname:"first",
       lastname:"last",
-      password:"12345",
+      password:"123456",
       confirm:"123"
     };
 
@@ -93,8 +93,9 @@ describe("api.users.create", function(){
       });
   });
 
-  it('POST /register without mail should return 400 ',function(done){
+  it('POST /register short password should return 400 ',function(done){
     var r={
+      email:"[email protected]",
       firstname:"first",
       lastname:"last",
       password:"12345",
@@ -110,6 +111,23 @@ describe("api.users.create", function(){
       });
   });
 
+  it('POST /register without mail should return 400 ',function(done){
+    var r={
+      firstname:"first",
+      lastname:"last",
+      password:"123456",
+      confirm:"123456"
+    };
+
+    request(app)
+      .post('/register')
+      .send(r)
+      .end(function(err,res){      
+        res.should.have.status(400);
+        done();        
+      });
+  });
+
   it('POST /register without data should return 400 ',function(done){
     request(app)
       .post('/register')
@@ -123,7 +141,7 @@ describe("api.users.create", function(){
   it('POST /login return 200',function(done){  
     request(app)
       .post('/login')
-      .send({ email:"[email protected]", provider:'local', password:'12345' })
+      .send({ email:"[email protected]", provider:'local', password:'123456' })
       .end(function(err,res){
         res.should.have.status(200);
         res.body.email.address.should.equal("[email protected]");