Register vaildation failed
Opened this issue · 18 comments
I have been using superlogin for almost 2 years without any issue. Over the last few weeks, the register functionality seems to have stopped working without any modification.
I have created a new vagrant box and set up couchdb, and superlogin from scratch, and am getting the very same error.
Using postman I get the following reponse when posting all values:
{ "error": "Validation failed", "validationErrors": { "email": [ "Email can't be blank" ], "username": [ "Username can't be blank" ], "password": [ "Password can't be blank" ], "confirmPassword": [ "Confirm password can't be blank" ] }, "status": 400 }
My script.js file looks like this:
var express = require('express');
var http = require('http');
var bodyParser = require('body-parser');
var logger = require('morgan');
var cors = require('cors');
var SuperLogin = require('superlogin');
var app = express();
app.set('port', process.env.PORT || 3000);
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cors());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods', 'DELETE,POST, PUT');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
var config = {
dbServer: {
protocol: 'http://',
host: 'localhost:5984',
user: '',
password: '',
userDB: 'sl-users',
couchAuthDB: '_users'
},
mailer: {
fromEmail: 'gmail.user@gmail.com',
options: {
service: 'Gmail',
auth: {
user: 'gmail.user@gmail.com',
pass: 'userpass'
}
}
},
security: {
maxFailedLogins: 3,
lockoutTime: 600,
tokenLife: 86400,
loginOnRegistration: true,
},
userDBs: {
defaultDBs: {
private: ['defaultdbname']
}
},
providers: {
local: true
}
}
// Initialize SuperLogin
var superlogin = new SuperLogin(config);
// Mount SuperLogin's routes to our app
app.use('/auth', superlogin.router);
app.listen(app.get('port'));
console.log("App listening on " + app.get('port'));
Same error, any word on this?
Okay, so first, this github's repo is different from what is downloaded via:
npm install --save superlogin@latest
,
For whatever reason... If you have a local Redis and CouchDB server setup, download the repo directly and try running the tests.
Second, see if you have pouchdb-seed-design@0.3.0
, if so, there's a few things you have to change.
(Colin screwed-up his design-doc parsing by accident in that version.)
superlogin-master/test/ddocs/test.js
:
module.exports = {
test: {
views: {
mytest: {
map: function (doc) {
emit(doc._id);
}
}
}
}
};
superlogin-master/designDocs
:
module.exports = {
auth: {
views: {
email: {
map: function(doc) {
if(doc.email) {
emit(doc.email, null);
} else if(doc.unverifiedEmail.email) {
emit(doc.unverifiedEmail.email, null);
}
}
},
username: {
map: function(doc) {
emit(doc._id, null);
}
},
verifyEmail: {
map: function(doc) {
if(doc.unverifiedEmail && doc.unverifiedEmail.token) {
emit(doc.unverifiedEmail.token, null);
}
}
},
emailUsername: {
map: function(doc) {
emit(doc._id, null);
if(doc.email) {
emit(doc.email, null);
} else if(doc.unverifiedEmail.email) {
emit(doc.unverifiedEmail.email, null);
}
}
},
passwordReset: {
map: function(doc) {
if(doc.forgotPassword && doc.forgotPassword.token) {
emit(doc.forgotPassword.token, null);
}
}
},
session: {
map: function(doc) {
if(doc.session) {
for(var key in doc.session) {
if(doc.session.hasOwnProperty(key)) {
emit(key, doc._id);
}
}
}
}
},
expiredKeys: {
map: function(doc) {
if(doc.session) {
for(var key in doc.session) {
if(doc.session.hasOwnProperty(key) && doc.session[key].expires) {
emit(doc.session[key].expires, {key: key, user: doc._id});
}
}
}
}
}
}
}
};
superlogin-master/lib/util
: (Look for Object.keys(providers).forEach(function(provider) {
)
Object.keys(providers).forEach(function(provider) {
ddoc.auth.views[provider] = {
"map": ddocTemplate.replace(new RegExp('%PROVIDER%', 'g'), provider)
};
And that should do it.
I'm not sure how active this repo is, but when I have time I'll submit a pull request, or possibly fork this.
Let me know if this helped, @georgemccann :)
Here's a fork with changes implemented: https://github.com/PhilLaFayette/superlogin
Having this issue with your fork @PhilLaFayette :
{
"error": "Validation failed",
"validationErrors": {
"message": "[object Object]",
"stack": "Error: [object Object]\n at /home/james/Documents/proj/node_modules/superlogin/lib/user.js:71:15\n at <anonymous>\n at process._tickCallback (internal/process/next_tick.js:188:7)"
},
"status": 400
}
Hm. @JamesHealdUK I will investigate tomorrow. I remember this cropping up.
EDIT: Also, what's your node and npm version numbers?
EDIT#2: Also, do you have a local copy of both Redis, and CouchDB going? My fault for not specifying, if that indeed is the case.
EDIT#3: Okay, so I just looked into it now. Try adding pertinent DB info to env.sh, and running that script, before doing npm test
, It just worked for me with a fresh clone.
EDIT#4: Remember to delete any existing 'uncleaned' test users and database(s) from your couch/fauxton DB
EDIT#5: Also, try password-protecting your Redis instance, restarting the service, updating the pass in env.sh, and try again.
Lol. That should do it.
I'm trying to understand whether Superlogin is well supported and whether I should use it in my app.
I've got the same issue "Registration validation failed" issue as noted here and it would seem like a critical issue that needs an immediate fix but the author isn't fixing this issue which was reported in February 2018 and it's now December 2018....hmmm...not a good sign.
Maybe I should be looking for an alternative solution...Anyone know of one that solves the same problems but is properly maintained?
Given my concerns above I reached out to Colin Skow on twitter to see if he was still actively maintaining SuperLogin. Here is his response:
I am open to turning the repository over to new maintainers if there is interest. I open source many of the tools I create, but don't have the time to support them all. Apologies.
I'm hoping some qualified individuals will be willing to pick up SuperLogin and maintain it. It'd be a shame to see it fall into disrepair.
Cheers.
Warning: I wouldn't use this in any live project at all. There's lots of npm vulnerabilities and using superlogin allowed a bitcoin miner to be installed on my server.
Someone has released a fixed version for this on NPM if you search for it. I can't remember the package unfortunately as I finished the project some time ago now.
I use AWS and have cloudwatch on the go. The CPU usage started to hit 100% and crash the server after a couple of weeks of deploying the app.
The virus that was installed was particularly foul, as it was able to change it's name to stop you from killing the tasks. I had to destroy the server, and rebuild with the fixed version with updated npm packages.
I'd really look into alternatives to superlogin.
@PhilLaFayette FYI I tried the cloned version you built to correct this issue but it failed to correct the issue for me. I'm getting the same failed results.
Are the files you noted in your first post the corrected file changes that you made to your clone? It wasn't clear...you just listed them but didn't say what you had fixed or if these were just the errant files? Can you clarify?
You stated:
superlogin-master/lib/util: (Look for Object.keys(providers).forEach(function(provider) {)
Again unclear...you say "Look for"...Are you trying to say this is what's wrong with the file or what?
In your post in response to @JamesHealdUK you stated:
EDIT#2: Also, do you have a local copy of both Redis, and CouchDB going? My fault for not specifying, if that indeed is the case.
I presume you were trying to say you need a local copy of CouchDB and Redis? If so is it really necessary to use Redis?
EDIT#3: Okay, so I just looked into it now. Try adding pertinent DB info to env.sh, and running that script, before doing npm test, It just worked for me with a fresh clone.
What "pertinent DB info" are you referring to? I see that there is COUCH_USER = 'sladmin' and COUCH_PASS="sladminpass". Do we need to change these to match accounts info for our local couchDB?
EDIT#4: Remember to delete any existing 'uncleaned' test users and database(s) from your couch/fauxton DB
Not sure what you mean by 'uncleaned' test users?
Thanks
@jetamartin This is the npm package I used https://www.npmjs.com/package/@sensu/superlogin
This one seems to be clean and stable and I haven't had any problems with it.
Hey @jetamartin,
hope you haven't lost all hope yet. I just found myself in the same situation that you were describing, where @sensu/superlogin
throws the same validation error upon signup as the the current npm version of superlogin.
For me, installing @PhilLaFayette's version with
npm i https://github.com/PhilLaFayette/superlogin/tarball/master
fixed it. Hope it does for you as well, or some other person that stumbles upon this.
@jetamartin have you found any solution. Here same issue tried all suggesion from comments.