}, function (e, r, b) { if (e) { return done(e); } r.statusCode.should.equal(errors.forbidden().status); should.exist(b); should.exist(b.code); should.exist(b.message); b.code.should.equal(errors.forbidden().data.code); done(); });
}, function (err, client) { if (err) { log.error('clients:find-one', err); return next(errors.serverError()); } if (!client) { return next(errors.unauthorized()); } var location = req.body.location; var to = client.to; if (to.indexOf(location) === -1) { return next(errors.forbidden()); } Tokens.findOne({ user: req.user.id, client: client.id }, function (err, token) { if (err) { log.error('tokens:find-one', err); return next(errors.serverError()); } var expires; if (token) { expires = token.accessibility(); if (expires > MIN_ACCESSIBILITY) { res.send({ id: token.id, access_token: token.access, refresh_token: token.refresh, expires_in: expires }); return; } } model.create(req.ctx, function (err, token) { if (err) { log.error('tokens:create', err); return next(errors.serverError()); } res.send({ id: token.id, access_token: token.access, refresh_token: token.refresh, expires_in: token.accessible }); }); }); });
// Guard for an account update. serandi.update(Users) is invoked middleware-style
// with (req, res, callback); what it validates or rewrites on req is not visible
// here. The callback then applies two extra checks before handing control on.
serandi.update(Users)(req, res, function (err) {
  if (err) {
    return next(err);
  }

  var payload = req.body;

  // The e-mail in the submitted document must equal the authenticated user's
  // e-mail; any other value is rejected as forbidden, so this route cannot be
  // used to change the address.
  if (payload.email !== req.user.email) {
    return next(errors.forbidden());
  }

  // Only a request that carries a password goes through the OTP step.
  // NOTE(review): presumably serandi.otp verifies a one-time password issued for
  // the 'accounts-update' action - confirm. It is keyed on req.ctx.id while the
  // e-mail check above uses req.user; verify both refer to the same account.
  if (payload.password) {
    serandi.otp({ name: 'accounts-update', user: req.ctx.id })(req, res, next);
    return;
  }

  return next();
});