Fix session creation for auto-login when resetting password #465
Conversation
|
I've verified that this PR fixes the reported problem, however I'm also noticing that the pre/post handlers are not being run for this case. Can we refactor the code to handle those cases as well? I know it may touch many files, but it seems like we can consolidate a lot of this. |
1 similar comment
|
@robertjd The latest changes are now pushed. |
typerandom
force-pushed
the
fix-password-reset-autologin
branch
from
860a79d to
7248ca7
Compare
| return done(err); | ||
| } | ||
|
|
||
| var preLoginHandlerFormData = fixture.preLoginHandlerFormData; |
There was a problem hiding this comment.
The intention of this test case is to assert that the developer can end the response inside of their preLoginHandler, and that their response will be the final one.
These modifications don't assert that code path anymore, because the preLoginHandlerInterceptResponseTestFixture has been modified to always call next(), so we aren't testing a custom response by the developer anymore. This test should be reverted back to it's original intent.
There was a problem hiding this comment.
Okay, I see. I'll fix that!
|
Thanks @typerandom ! This looks great and I've verified that it solves the original issue. I do have one issue with a test change, please see my inline comments. In sum: we need to make sure that we have a test case that asserts the developer's ability to end the response from inside their handler, preventing the rest of the next() handlers from running. I'd like to address this test issue before we merge. |
|
@robertjd I saw your comment and I'll fix the code/test before we continue. |
typerandom
force-pushed
the
fix-password-reset-autologin
branch
from
762273c to
f7e0708
Compare
|
@robertjd This is fixed now. |
Fixes so that a session cookie is created when
web.changePassword.autoLoginis enabled and you're resetting the password for an account.How to verify
/and logged in.Fixes #164