Merge pull request #312 from supertokens/fix/dashboard-update-password

fix: Fix issue with dashboard throwing an error when updating the user's password

Author: rishabhpoddar

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [0.12.9] - 2023-07-26
+
+- Fixes an issue where updating the user's password from the user management dashboard would result in a crash when using the thirdpartyemailpassword recipe (https://github.com/supertokens/supertokens-golang/issues/311)
+
 ## [0.12.8] - 2023-07-10
 
 - Adds additional tests for session verification

recipe/dashboard/api/userdetails/userPasswordPut.go

@@ -126,9 +126,9 @@ func UserPasswordPut(apiInterface dashboardmodels.APIInterface, options dashboar
 		}, nil
 	}
 
-	var passwordField epmodels.TypeInputFormField
+	var passwordField epmodels.NormalisedFormField
 
-	for _, value := range thirdpartyemailpassword.GetRecipeInstance().Config.SignUpFeature.FormFields {
+	for _, value := range thirdpartyemailpassword.GetRecipeInstance().GetEmailPasswordRecipe().Config.SignUpFeature.FormFields {
 		if value.ID == "password" {
 			passwordField = value
 		}

recipe/dashboard/api/userdetails/userPut.go

@@ -96,9 +96,9 @@ func updateEmailForRecipeId(recipeId string, userId string, email string) (updat
 	}
 
 	if recipeId == "thirdpartyemailpassword" {
-		var emailField epmodels.TypeInputFormField
+		var emailField epmodels.NormalisedFormField
 
-		for _, value := range thirdpartyemailpassword.GetRecipeInstance().Config.SignUpFeature.FormFields {
+		for _, value := range thirdpartyemailpassword.GetRecipeInstance().GetEmailPasswordRecipe().Config.SignUpFeature.FormFields {
 			if value.ID == "email" {
 				emailField = value
 			}

recipe/dashboard/userPasswordPut_test.go

@@ -0,0 +1,88 @@
+package dashboard
+
+import (
+	"github.com/stretchr/testify/assert"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword"
+	"github.com/supertokens/supertokens-golang/supertokens"
+	"github.com/supertokens/supertokens-golang/test/unittesting"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+/**
+- Initialise with thirdpartyemailpassword and provide no custom form fields
+- Create an emailpassword user using the thirdpartyemailpassword recipe
+- Try to change the password of the user
+- Should result in no errors
+- Sign in with new password
+- Should result in no errors and same user should be returned
+*/
+func TestThatUpdatingPasswordWithNoSignUpFeatureInTPEPWorks(t *testing.T) {
+	config := supertokens.TypeInput{
+		OnSuperTokensAPIError: func(err error, req *http.Request, res http.ResponseWriter) {
+			print(err)
+		},
+		Supertokens: &supertokens.ConnectionInfo{
+			ConnectionURI: "http://localhost:8080",
+		},
+		AppInfo: supertokens.AppInfo{
+			APIDomain:     "api.supertokens.io",
+			AppName:       "SuperTokens",
+			WebsiteDomain: "supertokens.io",
+		},
+		RecipeList: []supertokens.Recipe{
+			thirdpartyemailpassword.Init(nil),
+			Init(&dashboardmodels.TypeInput{
+				ApiKey: "testapikey",
+			}),
+		},
+	}
+
+	BeforeEach()
+	unittesting.StartUpST("localhost", "8080")
+	defer AfterEach()
+	err := supertokens.Init(config)
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	mux := http.NewServeMux()
+	testServer := httptest.NewServer(supertokens.Middleware(mux))
+	defer testServer.Close()
+
+	signupResponse, err := thirdpartyemailpassword.EmailPasswordSignUp("testing@supertokens.com", "abcd1234")
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.NotNil(t, signupResponse.OK)
+
+	userId := signupResponse.OK.User.ID
+
+	req, err := http.NewRequest(http.MethodPut, testServer.URL+"/auth/dashboard/api/user/password", strings.NewReader(`{"userId": "`+userId+`", "newPassword": "newabcd1234"}`))
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	req.Header.Set("Authorization", "Bearer testapikey")
+	res, err := http.DefaultClient.Do(req)
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.Equal(t, http.StatusOK, res.StatusCode)
+
+	signInResponse, err := thirdpartyemailpassword.EmailPasswordSignIn("testing@supertokens.com", "newabcd1234")
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.NotNil(t, signInResponse.OK)
+	assert.Equal(t, signInResponse.OK.User.ID, userId)
+}

recipe/dashboard/userPut_test.go

@@ -0,0 +1,88 @@
+package dashboard
+
+import (
+	"github.com/stretchr/testify/assert"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword"
+	"github.com/supertokens/supertokens-golang/supertokens"
+	"github.com/supertokens/supertokens-golang/test/unittesting"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+/**
+- Initialise with thirdpartyemailpassword and provide no custom form fields
+- Create an emailpassword user using the thirdpartyemailpassword recipe
+- Try to change the password of the user
+- Should result in no errors
+- Sign in with new password
+- Should result in no errors and same user should be returned
+*/
+func TestThatUpdatingEmailWithNoSignUpFeatureInTPEPWorks(t *testing.T) {
+	config := supertokens.TypeInput{
+		OnSuperTokensAPIError: func(err error, req *http.Request, res http.ResponseWriter) {
+			print(err)
+		},
+		Supertokens: &supertokens.ConnectionInfo{
+			ConnectionURI: "http://localhost:8080",
+		},
+		AppInfo: supertokens.AppInfo{
+			APIDomain:     "api.supertokens.io",
+			AppName:       "SuperTokens",
+			WebsiteDomain: "supertokens.io",
+		},
+		RecipeList: []supertokens.Recipe{
+			thirdpartyemailpassword.Init(nil),
+			Init(&dashboardmodels.TypeInput{
+				ApiKey: "testapikey",
+			}),
+		},
+	}
+
+	BeforeEach()
+	unittesting.StartUpST("localhost", "8080")
+	defer AfterEach()
+	err := supertokens.Init(config)
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	mux := http.NewServeMux()
+	testServer := httptest.NewServer(supertokens.Middleware(mux))
+	defer testServer.Close()
+
+	signupResponse, err := thirdpartyemailpassword.EmailPasswordSignUp("testing@supertokens.com", "abcd1234")
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.NotNil(t, signupResponse.OK)
+
+	userId := signupResponse.OK.User.ID
+
+	req, err := http.NewRequest(http.MethodPut, testServer.URL+"/auth/dashboard/api/user", strings.NewReader(`{"userId": "`+userId+`", "firstName": "", "lastName": "", "phone": "", "email": "testing2@supertokens.com", "recipeId": "emailpassword"}`))
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	req.Header.Set("Authorization", "Bearer testapikey")
+	res, err := http.DefaultClient.Do(req)
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.Equal(t, http.StatusOK, res.StatusCode)
+
+	signInResponse, err := thirdpartyemailpassword.EmailPasswordSignIn("testing2@supertokens.com", "abcd1234")
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.NotNil(t, signInResponse.OK)
+	assert.Equal(t, signInResponse.OK.User.ID, userId)
+}

recipe/thirdpartyemailpassword/recipe.go

@@ -34,13 +34,14 @@ import (
 const RECIPE_ID = "thirdpartyemailpassword"
 
 type Recipe struct {
-	RecipeModule        supertokens.RecipeModule
-	Config              tpepmodels.TypeNormalisedInput
-	emailPasswordRecipe *emailpassword.Recipe
-	thirdPartyRecipe    *thirdparty.Recipe
-	RecipeImpl          tpepmodels.RecipeInterface
-	APIImpl             tpepmodels.APIInterface
-	EmailDelivery       emaildelivery.Ingredient
+	RecipeModule           supertokens.RecipeModule
+	Config                 tpepmodels.TypeNormalisedInput
+	emailPasswordRecipe    *emailpassword.Recipe
+	thirdPartyRecipe       *thirdparty.Recipe
+	RecipeImpl             tpepmodels.RecipeInterface
+	APIImpl                tpepmodels.APIInterface
+	EmailDelivery          emaildelivery.Ingredient
+	GetEmailPasswordRecipe func() *emailpassword.Recipe
 }
 
 var singletonInstance *Recipe
@@ -100,6 +101,10 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
 		r.emailPasswordRecipe = emailPasswordInstance
 	}
 
+	r.GetEmailPasswordRecipe = func() *emailpassword.Recipe {
+		return r.emailPasswordRecipe
+	}
+
 	if len(verifiedConfig.Providers) > 0 {
 		if thirdPartyInstance == nil {
 			thirdPartyConfig := &tpmodels.TypeInput{

supertokens/constants.go

@@ -21,7 +21,7 @@ const (
 )
 
 // VERSION current version of the lib
-const VERSION = "0.12.8"
+const VERSION = "0.12.9"
 
 var (
 	cdiSupported = []string{"2.21"}