Set the correct status code for User.login

Raymond Feng · Raymond Feng · commit 89aa3595f537 · 2014-02-28T13:19:52.000-08:00
See #118
diff --git a/lib/models/user.js b/lib/models/user.js
@@ -149,11 +149,14 @@ User.login = function (credentials, include, fn) {
   } else if(credentials.username) {
     query.username = credentials.username;
   } else {
-    return fn(new Error('must provide username or email'));
+    var err = new Error('username or email is required');
+    err.statusCode = 400;
+    return fn(err);
   }
   
   this.findOne({where: query}, function(err, user) {
     var defaultError = new Error('login failed');
+    defaultError.statusCode = 401;
     
     if(err) {
       debug('An error is reported from User.findOne: %j', err);
diff --git a/test/user.test.js b/test/user.test.js
@@ -9,6 +9,9 @@ var userMemory = loopback.createDataSource({
 
 describe('User', function(){
   var validCredentials = {email: 'foo@bar.com', password: 'bar'};
+  var invalidCredentials = {email: 'foo1@bar.com', password: 'bar1'};
+  var incompleteCredentials = {password: 'bar1'};
+
   beforeEach(function() {
     User = loopback.User.extend('user');
     User.email = loopback.Email.extend('email');
@@ -135,6 +138,40 @@ describe('User', function(){
         });
     });
 
+    it('Login a user over REST by providing invalid credentials', function(done) {
+      request(app)
+        .post('/users/login')
+        .expect('Content-Type', /json/)
+        .expect(401)
+        .send(invalidCredentials)
+        .end(function(err, res){
+          done();
+        });
+    });
+
+    it('Login a user over REST by providing incomplete credentials', function(done) {
+      request(app)
+        .post('/users/login')
+        .expect('Content-Type', /json/)
+        .expect(400)
+        .send(incompleteCredentials)
+        .end(function(err, res){
+          done();
+        });
+    });
+
+    it('Login a user over REST with the wrong Content-Type', function(done) {
+      request(app)
+        .post('/users/login')
+        .set('Content-Type', null)
+        .expect('Content-Type', /json/)
+        .expect(400)
+        .send(validCredentials)
+        .end(function(err, res){
+          done();
+        });
+    });
+
     it('Returns current user when `include` is `USER`', function(done) {
       request(app)
         .post('/users/login?include=USER')
