diff --git a/config/env/default.js b/config/env/default.js
index 105aa154b6..cc09ea42f6 100644
--- a/config/env/default.js
+++ b/config/env/default.js
@@ -10,6 +10,8 @@ module.exports = {
 port: process.env.PORT || 3000,
 templateEngine: 'swig',
 // Session details
+ // session expiration is set by default to 24 hours
+ sessionExpiration: 24 * (60 * 1000),
 // sessionSecret should be changed for security measures and concerns
 sessionSecret: 'MEAN',
 // sessionKey is set to the generic sessionId key used by PHP applications
diff --git a/config/lib/express.js b/config/lib/express.js
index ca4313eb2d..854344068f 100644
--- a/config/lib/express.js
+++ b/config/lib/express.js
@@ -114,6 +114,9 @@ module.exports.initSession = function (app, db) {
 app.use(session({
 saveUninitialized: true,
 resave: true,
+ cookie: {
+ maxAge: config.sessionExpiration
+ },
 secret: config.sessionSecret,
 key: config.sessionKey,
 store: new MongoStore({
diff --git a/modules/users/tests/server/user.server.model.tests.js b/modules/users/tests/server/user.server.model.tests.js
index f7a276173d..6c61a0a22a 100644
--- a/modules/users/tests/server/user.server.model.tests.js
+++ b/modules/users/tests/server/user.server.model.tests.js
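Review bot: The new `sessionExpiration` value in config/env/default.js does not match its comment: `24 * (60 * 1000)` is 1,440,000 ms, i.e. 24 minutes, while the comment promises 24 hours, so the `cookie.maxAge` added in the config/lib/express.js hunk will expire sessions after 24 minutes. The hours factor is missing: `sessionExpiration: 24 * (60 * 60 * 1000),`. It would also help a reader to make the unit explicit in the comment, e.g. `// session expiration in milliseconds; defaults to 24 hours`. The express.js hunk sets only `maxAge` on the cookie; whether `secure` is set elsewhere for HTTPS deployments is not visible here and is worth confirming, since a long-lived session cookie sent over plain HTTP widens the window for session theft.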
@@ -155,6 +155,261 @@ describe('User Model Unit Tests:', function () { }); + describe("User E-mail Validation Tests", function() { + it('should not allow invalid email address - "123"', function (done) { + var _user = new User(user); + + _user.email = '123'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow invalid email address - "123@123"', function (done) { + var _user = new User(user); + + _user.email = '123@123'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow invalid email address - "123.com"', function (done) { + var _user = new User(user); + + _user.email = '123.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow invalid email address - "@123.com"', function (done) { + var _user = new User(user); + + _user.email = '@123.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow invalid email address - "abc@abc@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc@abc@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow invalid characters in email address - "abc~@#$%^&*()ef=@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc~@#$%^&*()ef=@abc.com'; + _user.save(function (err) { 
+ if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow space characters in email address - "abc def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow single quote characters in email address - "abc\'def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc\'def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow doudble quote characters in email address - "abc\"def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc\"def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should not allow double dotted characters in email address - "abcdef@abc..com"', function (done) { + var _user = new User(user); + + _user.email = 'abcdef@abc..com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should allow valid email address - "abc@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should allow valid email address - 
"abc+def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc+def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should allow valid email address - "abc.def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc.def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + it('should allow valid email address - "abc-def@abc.com"', function (done) { + var _user = new User(user); + + _user.email = 'abc-def@abc.com'; + _user.save(function (err) { + if (!err) { + _user.remove(function (err_remove) { + should.not.exist(err_remove); + done(); + }); + } else { + should.exist(err); + done(); + } + }); + + }); + + }); + after(function (done) { User.remove().exec(done); });
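Review bot: The negative cases in the new "User E-mail Validation Tests" block never fail when validation is missing: in every `it`, the `if (!err)` branch removes the user and calls `done()` without asserting anything, and `should.exist(err)` is only reached when `save` has already rejected the value, so each "should not allow" test passes whether or not the model rejects the address. The same body is repeated thirteen times with only the address and the expected outcome changing, so a small helper that takes the expected validity and asserts it in both branches fixes the missing check and removes the duplication; each case then reduces to `saveWithEmail('123', false, done);`. The title of the double-quote case also has a typo, `doudble`. The enclosing `describe('User Model Unit Tests:'` block begins before this hunk.
```javascript
  // Saves a copy of the fixture user with `email` and asserts whether the model accepts it.
  function saveWithEmail(email, expectValid, done) {
    var _user = new User(user);
    _user.email = email;
    _user.save(function (err) {
      if (expectValid) {
        should.not.exist(err);
      } else {
        should.exist(err);
      }
      if (err) {
        return done();
      }
      _user.remove(function (err_remove) {
        should.not.exist(err_remove);
        done();
      });
    });
  }

  describe('User E-mail Validation Tests', function () {
    it('should not allow invalid email address - "123"', function (done) {
      saveWithEmail('123', false, done);
    });
    // … unchanged: remaining cases, each calling saveWithEmail(address, expected, done) …
  });
```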