Merge pull request #847 from fintura/check-password

BridgeAR · BridgeAR · commit eea9d2af7615 · 2015-09-16T05:20:43.000+02:00
Check that the password is from type string
diff --git a/index.js b/index.js
@@ -252,7 +252,7 @@ RedisClient.prototype.on_connect = function () {
 
     this.init_parser();
 
-    if (this.auth_pass) {
+    if (typeof this.auth_pass === 'string') {
         this.do_auth();
     } else {
         this.emit("connect");
@@ -935,6 +935,16 @@ RedisClient.prototype.select = RedisClient.prototype.SELECT = function (db, call
 
 // Stash auth for connect and reconnect. Send immediately if already connected.
 RedisClient.prototype.auth = RedisClient.prototype.AUTH = function (pass, callback) {
+    if (typeof pass !== 'string') {
+        var err = new Error('The password has to be of type "string"');
+        err.command_used = 'AUTH';
+        if (callback) {
+            callback(err);
+        } else {
+            this.emit('error', err);
+        }
+        return;
+    }
     this.auth_pass = pass;
     this.auth_callback = callback;
     debug("Saving auth as " + this.auth_pass);
diff --git a/test/auth.spec.js b/test/auth.spec.js
@@ -48,12 +48,12 @@ describe("client authentication", function () {
                 client.auth(auth + 'bad');
             });
 
-            it("returns an error when auth is bad with a callback", function (done) {
+            it("returns an error when auth is bad (empty string) with a callback", function (done) {
                 if (helper.redisProcess().spawnFailed()) this.skip();
 
                 client = redis.createClient.apply(redis.createClient, args);
 
-                client.auth(auth + 'bad', function (err, res) {
+                client.auth('', function (err, res) {
                     assert.strictEqual(err.command_used, 'AUTH');
                     assert.ok(/ERR invalid password/.test(err.message));
                     done();
@@ -122,6 +122,30 @@ describe("client authentication", function () {
                     }
                 });
             });
+
+            it('should return an error if the password is not of type string and a callback has been provided', function (done) {
+                if (helper.redisProcess().spawnFailed()) this.skip();
+
+                client = redis.createClient.apply(redis.createClient, args);
+                client.auth(undefined, function(err, res) {
+                    assert.strictEqual(err.message, 'The password has to be of type "string"');
+                    assert.strictEqual(err.command_used, 'AUTH');
+                    assert.strictEqual(res, undefined);
+                    done();
+                });
+            });
+
+            it('should emit an error if the password is not of type string and no callback has been provided', function (done) {
+                if (helper.redisProcess().spawnFailed()) this.skip();
+
+                client = redis.createClient.apply(redis.createClient, args);
+                client.on('error', function (err) {
+                    assert.strictEqual(err.message, 'The password has to be of type "string"');
+                    assert.strictEqual(err.command_used, 'AUTH');
+                    done();
+                });
+                client.auth(234567);
+            });
         });
     });
 
