diff --git a/src/routes/test/simpleauth-test.js b/src/routes/test/simpleauth-test.js
index 6bf053859..0453c0b58 100644
--- a/src/routes/test/simpleauth-test.js
+++ b/src/routes/test/simpleauth-test.js
@@ -324,6 +324,38 @@ describe('SimpleAuth API', function () {
 });
 });
+ it('succeeds for allowed app with email', function (done) {
+ var body = {
+ clientId: CLIENT_2.id,
+ username: EMAIL,
+ password: PASSWORD
+ };
+
+ superagent.post(SIMPLE_AUTH_ORIGIN + '/api/v1/login')
+ .send(body)
+ .end(function (error, result) {
+ expect(error).to.be(null);
+ expect(result.statusCode).to.equal(200);
+ expect(result.body.accessToken).to.be.a('string');
+ expect(result.body.user).to.be.an('object');
+ expect(result.body.user.id).to.be.a('string');
+ expect(result.body.user.username).to.be.a('string');
+ expect(result.body.user.email).to.be.a('string');
+ expect(result.body.user.displayName).to.be.a('string');
+ expect(result.body.user.admin).to.be.a('boolean');
+
+ superagent.get(SERVER_URL + '/api/v1/profile')
+ .query({ access_token: result.body.accessToken })
+ .end(function (error, result) {
+ expect(error).to.be(null);
+ expect(result.body).to.be.an('object');
+ expect(result.body.username).to.eql(USERNAME);
+
+ done();
+ });
+ });
+ });
+
 it('succeeds for app without accessRestriction', function (done) {
 var body = {
 clientId: CLIENT_3.id,
diff --git a/src/simpleauth.js b/src/simpleauth.js
index ca8c5d419..621bf474b 100644
--- a/src/simpleauth.js
+++ b/src/simpleauth.js
@@ -39,7 +39,8 @@ function loginLogic(clientId, username, password, callback) {
 // only allow simple auth clients
 if (clientObject.type !== clientdb.TYPE_SIMPLE_AUTH) return callback(new ClientsError(ClientsError.INVALID_CLIENT));
- user.verify(username, password, function (error, userObject) {
+ var authFunction = (username.indexOf('@') === -1) ? user.verify : user.verifyWithEmail;
+ authFunction(username, password, function (error, userObject) {
 if (error) return callback(error);
 apps.get(clientObject.appId, function (error, appObject) {
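Review bot: The added `authFunction` line treats any login name containing `@` as an email address, which is only sound if account creation rejects `@` in usernames; that validation is not visible in this hunk (loginLogic starts and ends outside it), so it should be confirmed and then stated next to the dispatch, e.g. `// usernames can never contain '@', so anything with '@' is looked up by email`. If a username could contain `@`, that account could no longer log in by username and the lookup would be ambiguous with another account's email. The expression also calls `username.indexOf` before any type check shown here; unless the caller guarantees a string, `(typeof username === 'string' && username.indexOf('@') !== -1) ? user.verifyWithEmail : user.verify` keeps `user.verify` as the default path. The test added to src/routes/test/simpleauth-test.js in this diff covers only a successful email login; wrong-password and unknown-email cases for the email path would pin the failure behaviour.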