all files / express-stormpath/lib/helpers/ sanitize-form-data.js

75% Statements 6/8
66.67% Branches 4/6
100% Functions 1/1
75% Lines 6/8
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29                          10×       10×     10×       10×    
'use strict';
 
/**
 * Removes all password data from existing user-submitted form data.
 *
 * This is useful because when a user incorrectly logs in, or registers for a
 * website, we should return all form data to the templates so it can have the
 * pre-filled values populated -- EXCEPT for the password information.  This
 * ensures a password is never sent BACK to a browser.
 *
 * @param {Object} formData - The user supplied form data.
 * @returns {Object} The sanitized form data.
 */
module.exports = function (data) {
  Iif (typeof data !== 'object') {
    throw new Error('Missing data argument.');
  }
 
  if ('password' in data) {
    delete data['password'];
  }
 
  Iif ('confirmPassword' in data) {
    delete data['confirmPassword'];
  }
 
  return data;
};