breaking: remove socket.io/flags.js

refactor: helpers.loginUser returns a single object {jar, csrf_token}

src/routes/write/flags.js

@@ -11,7 +11,6 @@ module.exports = function () {
 	const middlewares = [middleware.ensureLoggedIn];
 
 	setupApiRoute(router, 'post', '/', [...middlewares], controllers.write.flags.create);
-	// setupApiRoute(router, 'delete', ...); // does not exist
 
 	setupApiRoute(router, 'get', '/:flagId', [...middlewares, middleware.assert.flag], controllers.write.flags.get);
 	setupApiRoute(router, 'put', '/:flagId', [...middlewares, middleware.assert.flag], controllers.write.flags.update);

src/socket.io/flags.js

@@ -1,52 +0,0 @@
-'use strict';
-
-const sockets = require('.');
-const api = require('../api');
-
-const SocketFlags = module.exports;
-
-SocketFlags.create = async function (socket, data) {
-	sockets.warnDeprecated(socket, 'POST /api/v3/flags');
-	const response = await api.flags.create(socket, data);
-	if (response) {
-		return response.flagId;
-	}
-};
-
-SocketFlags.update = async function (socket, data) {
-	sockets.warnDeprecated(socket, 'PUT /api/v3/flags/:flagId');
-	if (!data || !(data.flagId && data.data)) { // check only req'd in socket.io
-		throw new Error('[[error:invalid-data]]');
-	}
-
-	// Old socket method took input directly from .serializeArray(), v3 expects fully-formed obj.
-	let payload = {
-		flagId: data.flagId,
-	};
-	payload = data.data.reduce((memo, cur) => {
-		memo[cur.name] = cur.value;
-		return memo;
-	}, payload);
-
-	return await api.flags.update(socket, payload);
-};
-
-SocketFlags.appendNote = async function (socket, data) {
-	sockets.warnDeprecated(socket, 'POST /api/v3/flags/:flagId/notes');
-	if (!data || !(data.flagId && data.note)) {
-		throw new Error('[[error:invalid-data]]');
-	}
-
-	return await api.flags.appendNote(socket, data);
-};
-
-SocketFlags.deleteNote = async function (socket, data) {
-	sockets.warnDeprecated(socket, 'DELETE /api/v3/flags/:flagId/notes/:datetime');
-	if (!data || !(data.flagId && data.datetime)) {
-		throw new Error('[[error:invalid-data]]');
-	}
-
-	return await api.flags.deleteNote(socket, data);
-};
-
-require('../promisify')(SocketFlags);

src/socket.io/index.js

@@ -171,9 +171,10 @@ async function onMessage(socket, payload) {
 }
 
 function requireModules() {
-	const modules = ['admin', 'categories', 'groups', 'meta', 'modules',
+	const modules = [
-		'notifications', 'plugins', 'posts', 'topics', 'user', 'blacklist',
+		'admin', 'categories', 'groups', 'meta', 'modules',
-		'flags', 'uploads',
+		'notifications', 'plugins', 'posts', 'topics', 'user',
+		'blacklist', 'uploads',
 	];
 
 	modules.forEach((module) => {

test/api.js

@@ -208,7 +208,7 @@ describe('API', async () => {
 		});
 
 		// All tests run as admin user
-		jar = await helpers.loginUser('admin', '123456');
+		({ jar } = await helpers.loginUser('admin', '123456'));
 
 		// Retrieve CSRF token using cookie, to test Write API
 		const config = await request({
@@ -457,7 +457,7 @@ describe('API', async () => {
 				it('should successfully re-login if needed', async () => {
 					const reloginPaths = ['PUT /users/{uid}/password', 'DELETE /users/{uid}/sessions/{uuid}'];
 					if (reloginPaths.includes(`${method.toUpperCase()} ${path}`)) {
-						jar = await helpers.loginUser('admin', '123456');
+						({ jar } = await helpers.loginUser('admin', '123456'));
 						const sessionUUIDs = await db.getObject('uid:1:sessionUUID:sessionId');
 						mocks.delete['/users/{uid}/sessions/{uuid}'][1].example = Object.keys(sessionUUIDs).pop();
 

test/authentication.js

@@ -187,14 +187,12 @@ describe('authentication', () => {
 	});
 
 	it('should regenerate the session identifier on successful login', async () => {
-		const login = util.promisify(helpers.loginUser);
-		const logout = util.promisify(helpers.logoutUser);
 		const matchRegexp = /express\.sid=s%3A(.+?);/;
 		const { hostname, path } = url.parse(nconf.get('url'));
 
 		const sid = String(jar._jar.store.idx[hostname][path]['express.sid']).match(matchRegexp)[1];
-		await logout(jar);
+		await helpers.logoutUser(jar);
-		const newJar = await login('regular', 'regularpwd');
+		const newJar = (await helpers.loginUser('regular', 'regularpwd')).jar;
 		const newSid = String(newJar._jar.store.idx[hostname][path]['express.sid']).match(matchRegexp)[1];
 
 		assert.notStrictEqual(newSid, sid);

test/controllers-admin.js

@@ -36,7 +36,7 @@ describe('Admin Controllers', () => {
 				user.create({ username: 'admin', password: 'barbar' }, next);
 			},
 			regularUid: function (next) {
-				user.create({ username: 'regular' }, next);
+				user.create({ username: 'regular', password: 'regularpwd' }, next);
 			},
 			regular2Uid: function (next) {
 				user.create({ username: 'regular2' }, next);
@@ -66,9 +66,9 @@ describe('Admin Controllers', () => {
 	});
 
 	it('should 403 if user is not admin', (done) => {
-		helpers.loginUser('admin', 'barbar', (err, _jar) => {
+		helpers.loginUser('admin', 'barbar', (err, data) => {
 			assert.ifError(err);
-			jar = _jar;
+			jar = data.jar;
 			request(`${nconf.get('url')}/admin`, { jar: jar }, (err, res, body) => {
 				assert.ifError(err);
 				assert.equal(res.statusCode, 403);
@@ -602,14 +602,11 @@ describe('Admin Controllers', () => {
 
 	describe('mods page', () => {
 		let moderatorJar;
-
+		let regularJar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('moderator', 'modmod', (err, _jar) => {
+			moderatorJar = (await helpers.loginUser('moderator', 'modmod')).jar;
-				assert.ifError(err);
+			regularJar = (await helpers.loginUser('regular', 'regularpwd')).jar;
-				moderatorJar = _jar;
+			await groups.join(`cid:${cid}:privileges:moderate`, moderatorUid);
-
-				groups.join(`cid:${cid}:privileges:moderate`, moderatorUid, done);
-			});
 		});
 
 		it('should error with no privileges', (done) => {
@@ -652,42 +649,69 @@ describe('Admin Controllers', () => {
 		});
 
 		it('should error when you attempt to flag a privileged user\'s post', async () => {
-			const socketFlags = require('../src/socket.io/flags');
+			const { res, body } = await helpers.request('post', '/api/v3/flags', {
-			const oldValue = meta.config['min:rep:flag'];
+				json: true,
-			try {
+				jar: regularJar,
-				await socketFlags.create({ uid: regularUid }, { id: pid, type: 'post', reason: 'spam' });
+				form: {
-			} catch (err) {
+					id: pid,
-				assert.strictEqual(err.message, '[[error:cant-flag-privileged]]');
+					type: 'post',
-			}
+					reason: 'spam',
+				},
+			});
+			assert.strictEqual(res.statusCode, 400);
+			assert.strictEqual(body.status.code, 'bad-request');
+			assert.strictEqual(body.status.message, 'You are not allowed to flag the profiles or content of privileged users (moderators/global moderators/admins)');
 		});
 
-		it('should error with not enough reputation to flag', (done) => {
+		it('should error with not enough reputation to flag', async () => {
-			const socketFlags = require('../src/socket.io/flags');
 			const oldValue = meta.config['min:rep:flag'];
 			meta.config['min:rep:flag'] = 1000;
-			socketFlags.create({ uid: regularUid }, { id: regularPid, type: 'post', reason: 'spam' }, (err) => {
+			const { res, body } = await helpers.request('post', '/api/v3/flags', {
-				assert.strictEqual(err.message, '[[error:not-enough-reputation-to-flag]]');
+				json: true,
-				meta.config['min:rep:flag'] = oldValue;
+				jar: regularJar,
-				done();
+				form: {
+					id: regularPid,
+					type: 'post',
+					reason: 'spam',
+				},
 			});
+			assert.strictEqual(res.statusCode, 400);
+			assert.strictEqual(body.status.code, 'bad-request');
+			assert.strictEqual(body.status.message, 'You do not have enough reputation to flag this post');
+
+			meta.config['min:rep:flag'] = oldValue;
 		});
 
-		it('should return flag details', (done) => {
+		it('should return flag details', async () => {
-			const socketFlags = require('../src/socket.io/flags');
 			const oldValue = meta.config['min:rep:flag'];
 			meta.config['min:rep:flag'] = 0;
-			socketFlags.create({ uid: regularUid }, { id: regularPid, type: 'post', reason: 'spam' }, (err, flagId) => {
+			const result = await helpers.request('post', '/api/v3/flags', {
+				json: true,
+				jar: regularJar,
+				form: {
+					id: regularPid,
+					type: 'post',
+					reason: 'spam',
+				},
+			});
 			meta.config['min:rep:flag'] = oldValue;
-				assert.ifError(err);
+
-				request(`${nconf.get('url')}/api/flags/${flagId}`, { jar: moderatorJar, json: true }, (err, res, body) => {
+			const flagsResult = await helpers.request('get', `/api/flags`, {
-					assert.ifError(err);
+				json: true,
-					assert(body);
+				jar: moderatorJar,
+			});
+
+			assert(flagsResult.body);
+			assert(Array.isArray(flagsResult.body.flags));
+			const { flagId } = flagsResult.body.flags[0];
+
+			const { body } = await helpers.request('get', `/api/flags/${flagId}`, {
+				json: true,
+				jar: moderatorJar,
+			});
 			assert(body.reports);
 			assert(Array.isArray(body.reports));
 			assert.strictEqual(body.reports[0].reporter.username, 'regular');
-					done();
-				});
-			});
 		});
 	});
 
@@ -724,16 +748,9 @@ describe('Admin Controllers', () => {
 		let userJar;
 		let uid;
 		const privileges = require('../src/privileges');
-		before((done) => {
+		before(async () => {
-			user.create({ username: 'regularjoe', password: 'barbar' }, (err, _uid) => {
+			uid = await user.create({ username: 'regularjoe', password: 'barbar' });
-				assert.ifError(err);
+			userJar = (await helpers.loginUser('regularjoe', 'barbar')).jar;
-				uid = _uid;
-				helpers.loginUser('regularjoe', 'barbar', (err, _jar) => {
-					assert.ifError(err);
-					userJar = _jar;
-					done();
-				});
-			});
 		});
 
 		it('should allow normal user access to admin pages', async function () {

test/controllers.js

@@ -853,17 +853,11 @@ describe('Controllers', () => {
 		let jar;
 		let csrf_token;
 
-		before((done) => {
+		before(async () => {
-			user.create({ username: 'revokeme', password: 'barbar' }, (err, _uid) => {
+			uid = await user.create({ username: 'revokeme', password: 'barbar' });
-				assert.ifError(err);
+			const login = await helpers.loginUser('revokeme', 'barbar');
-				uid = _uid;
+			jar = login.jar;
-				helpers.loginUser('revokeme', 'barbar', (err, _jar, _csrf_token) => {
+			csrf_token = login.csrf_token;
-					assert.ifError(err);
-					jar = _jar;
-					csrf_token = _csrf_token;
-					done();
-				});
-			});
 		});
 
 		it('should fail to revoke session with missing uuid', (done) => {
@@ -1081,12 +1075,8 @@ describe('Controllers', () => {
 
 	describe('account pages', () => {
 		let jar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			({ jar } = await helpers.loginUser('foo', 'barbar'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should redirect to account page with logged in user', (done) => {
@@ -1449,8 +1439,9 @@ describe('Controllers', () => {
 		it('should return false if user can not edit user', (done) => {
 			user.create({ username: 'regularJoe', password: 'barbar' }, (err) => {
 				assert.ifError(err);
-				helpers.loginUser('regularJoe', 'barbar', (err, jar) => {
+				helpers.loginUser('regularJoe', 'barbar', (err, data) => {
 					assert.ifError(err);
+					const { jar } = data;
 					request(`${nconf.get('url')}/api/user/foo/info`, { jar: jar, json: true }, (err, res) => {
 						assert.ifError(err);
 						assert.equal(res.statusCode, 403);
@@ -1518,8 +1509,9 @@ describe('Controllers', () => {
 		});
 
 		it('should increase profile view', (done) => {
-			helpers.loginUser('regularJoe', 'barbar', (err, jar) => {
+			helpers.loginUser('regularJoe', 'barbar', (err, data) => {
 				assert.ifError(err);
+				const { jar } = data;
 				request(`${nconf.get('url')}/api/user/foo`, { jar: jar }, (err, res) => {
 					assert.ifError(err);
 					assert.equal(res.statusCode, 200);
@@ -1706,12 +1698,8 @@ describe('Controllers', () => {
 
 	describe('post redirect', () => {
 		let jar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			({ jar } = await helpers.loginUser('foo', 'barbar'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should 404 for invalid pid', (done) => {
@@ -1966,12 +1954,8 @@ describe('Controllers', () => {
 
 	describe('category', () => {
 		let jar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			({ jar } = await helpers.loginUser('foo', 'barbar'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should return 404 if cid is not a number', (done) => {
@@ -2238,12 +2222,8 @@ describe('Controllers', () => {
 
 	describe('unread', () => {
 		let jar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			({ jar } = await helpers.loginUser('foo', 'barbar'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should load unread page', (done) => {
@@ -2305,21 +2285,10 @@ describe('Controllers', () => {
 		let csrf_token;
 		let jar;
 
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			const login = await helpers.loginUser('foo', 'barbar');
-				assert.ifError(err);
+			jar = login.jar;
-				jar = _jar;
+			csrf_token = login.csrf_token;
-
-				request({
-					url: `${nconf.get('url')}/api/config`,
-					json: true,
-					jar: jar,
-				}, (err, response, body) => {
-					assert.ifError(err);
-					csrf_token = body.csrf_token;
-					done();
-				});
-			});
 		});
 
 		it('should load the composer route', (done) => {

test/feeds.js

@@ -127,12 +127,8 @@ describe('feeds', () => {
 	describe('private feeds and tokens', () => {
 		let jar;
 		let rssToken;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('foo', 'barbar', (err, _jar) => {
+			({ jar } = await helpers.loginUser('foo', 'barbar'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should load feed if its not private', (done) => {

test/flags.js

@@ -451,20 +451,20 @@ describe('Flags', () => {
 		});
 
 		it('should rescind notification if flag is resolved', async () => {
-			const SocketFlags = require('../src/socket.io/flags');
+			const flagsAPI = require('../src/api/flags');
 			const result = await Topics.post({
 				cid: category.cid,
 				uid: uid3,
 				title: 'Topic to flag',
 				content: 'This is flaggable content',
 			});
-			const flagId = await SocketFlags.create({ uid: uid1 }, { type: 'post', id: result.postData.pid, reason: 'spam' });
+			const flagObj = await flagsAPI.create({ uid: uid1 }, { type: 'post', id: result.postData.pid, reason: 'spam' });
 			await sleep(2000);
 
 			let userNotifs = await User.notifications.getAll(adminUid);
 			assert(userNotifs.includes(`flag:post:${result.postData.pid}`));
 
-			await Flags.update(flagId, adminUid, {
+			await Flags.update(flagObj.flagId, adminUid, {
 				state: 'resolved',
 			});
 
@@ -554,34 +554,22 @@ describe('Flags', () => {
 			});
 		});
 
-		it('should not error if user blocked target', (done) => {
+		it('should not error if user blocked target', async () => {
-			const SocketFlags = require('../src/socket.io/flags');
+			const apiFlags = require('../src/api/flags');
-			let reporterUid;
+			const reporterUid = await User.create({ username: 'reporter' });
-			let reporteeUid;
+			const reporteeUid = await User.create({ username: 'reportee' });
-			async.waterfall([
+			await User.blocks.add(reporteeUid, reporterUid);
-				function (next) {
+			const data = await Topics.post({
-					User.create({ username: 'reporter' }, next);
-				},
-				function (uid, next) {
-					reporterUid = uid;
-					User.create({ username: 'reportee' }, next);
-				},
-				function (uid, next) {
-					reporteeUid = uid;
-					User.blocks.add(reporteeUid, reporterUid, next);
-				},
-				function (next) {
-					Topics.post({
 				cid: 1,
 				uid: reporteeUid,
 				title: 'Another topic',
 				content: 'This is flaggable content',
-					}, next);
+			});
-				},
+			await apiFlags.create({ uid: reporterUid }, {
-				function (data, next) {
+				type: 'post',
-					SocketFlags.create({ uid: reporterUid }, { type: 'post', id: data.postData.pid, reason: 'spam' }, next);
+				id: data.postData.pid,
-				},
+				reason: 'spam',
-			], done);
+			});
 		});
 
 		it('should send back error if reporter does not exist', (done) => {
@@ -704,20 +692,14 @@ describe('Flags', () => {
 	});
 
 	describe('(v3 API)', () => {
-		const SocketFlags = require('../src/socket.io/flags');
 		let pid;
 		let tid;
 		let jar;
 		let csrfToken;
 		before(async () => {
-			const login = util.promisify(helpers.loginUser);
+			const login = await helpers.loginUser('testUser2', 'abcdef');
-			jar = await login('testUser2', 'abcdef');
+			jar = login.jar;
-			const config = await request({
+			csrfToken = login.csrf_token;
-				url: `${nconf.get('url')}/api/config`,
-				json: true,
-				jar: jar,
-			});
-			csrfToken = config.csrf_token;
 
 			const result = await Topics.post({
 				cid: 1,
@@ -787,7 +769,8 @@ describe('Flags', () => {
 					title: 'private topic',
 					content: 'private post',
 				});
-				const jar3 = await util.promisify(helpers.loginUser)('unprivileged', 'abcdef');
+				const login = await helpers.loginUser('unprivileged', 'abcdef');
+				const jar3 = login.jar;
 				const config = await request({
 					url: `${nconf.get('url')}/api/config`,
 					json: true,

test/helpers/index.js

@@ -20,6 +20,18 @@ helpers.getCsrfToken = async (jar) => {
 	return token;
 };
 
+helpers.request = async function (method, uri, options) {
+	const csrf_token = await helpers.getCsrfToken(options.jar);
+	return new Promise((resolve, reject) => {
+		options.headers = options.headers || {};
+		options.headers['x-csrf-token'] = csrf_token;
+		request[method](`${nconf.get('url')}${uri}`, options, (err, res, body) => {
+			if (err) reject(err);
+			else resolve({ res, body });
+		});
+	});
+};
+
 helpers.loginUser = function (username, password, callback) {
 	const jar = request.jar();
 
@@ -46,7 +58,7 @@ helpers.loginUser = function (username, password, callback) {
 			if (err || res.statusCode !== 200) {
 				return callback(err || new Error('[[error:invalid-response]]'));
 			}
-			callback(null, jar, body.csrf_token);
+			callback(null, { jar, csrf_token: body.csrf_token });
 		});
 	});
 };

test/messaging.js

@@ -793,12 +793,8 @@ describe('Messaging Library', () => {
 
 	describe('logged in chat controller', () => {
 		let jar;
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('herp', 'derpderp', (err, _jar) => {
+			({ jar } = await helpers.loginUser('herp', 'derpderp'));
-				assert.ifError(err);
-				jar = _jar;
-				done();
-			});
 		});
 
 		it('should return chats page data', (done) => {
@@ -833,9 +829,9 @@ describe('Messaging Library', () => {
 		});
 
 		it('should return 404 if user is not in room', (done) => {
-			helpers.loginUser('baz', 'quuxquux', (err, jar) => {
+			helpers.loginUser('baz', 'quuxquux', (err, data) => {
 				assert.ifError(err);
-				request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { json: true, jar: jar }, (err, response) => {
+				request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { json: true, jar: data.jar }, (err, response) => {
 					assert.ifError(err);
 					assert.equal(response.statusCode, 404);
 					done();

test/posts.js

@@ -390,11 +390,9 @@ describe('Post\'s', () => {
 					privileges.categories.rescind(['groups:posts:view_deleted'], cid, 'Global Moderators', next);
 				},
 				function (next) {
-					helpers.loginUser('global mod', '123456', (err, _jar) => {
+					helpers.loginUser('global mod', '123456', (err, data) => {
 						assert.ifError(err);
-						const jar = _jar;
+						request(`${nconf.get('url')}/api/topic/${tid}`, { jar: data.jar, json: true }, (err, res, body) => {
-
-						request(`${nconf.get('url')}/api/topic/${tid}`, { jar: jar, json: true }, (err, res, body) => {
 							assert.ifError(err);
 							assert.equal(body.posts[1].content, '[[topic:post_is_deleted]]');
 							privileges.categories.give(['groups:posts:view_deleted'], cid, 'Global Moderators', next);
@@ -1050,8 +1048,8 @@ describe('Post\'s', () => {
 		});
 
 		it('should load queued posts', (done) => {
-			helpers.loginUser('globalmod', 'globalmodpwd', (err, _jar) => {
+			helpers.loginUser('globalmod', 'globalmodpwd', (err, data) => {
-				jar = _jar;
+				jar = data.jar;
 				assert.ifError(err);
 				request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => {
 					assert.ifError(err);

test/topics.js

@@ -38,8 +38,9 @@ describe('Topic\'s', () => {
 		adminUid = await User.create({ username: 'admin', password: '123456' });
 		fooUid = await User.create({ username: 'foo' });
 		await groups.join('administrators', adminUid);
-		adminJar = await helpers.loginUser('admin', '123456');
+		const adminLogin = await helpers.loginUser('admin', '123456');
-		csrf_token = (await requestType('get', `${nconf.get('url')}/api/config`, { json: true, jar: adminJar })).body.csrf_token;
+		adminJar = adminLogin.jar;
+		csrf_token = adminLogin.csrf_token;
 
 		categoryObj = await categories.create({
 			name: 'Test Category',

test/topics/thumbs.js

@@ -47,24 +47,12 @@ describe('Topic thumbs', () => {
 		adminUid = await user.create({ username: 'admin', password: '123456' });
 		fooUid = await user.create({ username: 'foo', password: '123456' });
 		await groups.join('administrators', adminUid);
-		({ adminJar, adminCSRF } = await new Promise((resolve, reject) => {
+		const adminLogin = await helpers.loginUser('admin', '123456');
-			helpers.loginUser('admin', '123456', (err, adminJar, adminCSRF) => {
+		adminJar = adminLogin.jar;
-				if (err) {
+		adminCSRF = adminLogin.csrf_token;
-					return reject(err);
+		const fooLogin = await helpers.loginUser('foo', '123456');
-				}
+		fooJar = fooLogin.jar;
-
+		fooCSRF = fooLogin.csrf_token;
-				resolve({ adminJar, adminCSRF });
-			});
-		}));
-		({ fooJar, fooCSRF } = await new Promise((resolve, reject) => {
-			helpers.loginUser('foo', '123456', (err, fooJar, fooCSRF) => {
-				if (err) {
-					return reject(err);
-				}
-
-				resolve({ fooJar, fooCSRF });
-			});
-		}));
 
 		categoryObj = await categories.create({
 			name: 'Test Category',

test/uploads.js

@@ -68,13 +68,9 @@ describe('Upload Controllers', () => {
 		let jar;
 		let csrf_token;
 
-		before((done) => {
+		before(async () => {
-			helpers.loginUser('malicioususer', 'herpderp', (err, _jar, _csrf_token) => {
+			({ jar, csrf_token } = await helpers.loginUser('malicioususer', 'herpderp'));
-				assert.ifError(err);
+			await privileges.global.give(['groups:upload:post:file'], 'registered-users');
-				jar = _jar;
-				csrf_token = _csrf_token;
-				privileges.global.give(['groups:upload:post:file'], 'registered-users', done);
-			});
 		});
 
 		it('should fail if the user exceeds the upload rate limit threshold', (done) => {
@@ -110,14 +106,10 @@ describe('Upload Controllers', () => {
 		let jar;
 		let csrf_token;
 
-		before((done) => {
+		before(async () => {
 			meta.config.uploadRateLimitThreshold = 1000;
-			helpers.loginUser('regular', 'zugzug', (err, _jar, _csrf_token) => {
+			({ jar, csrf_token } = await helpers.loginUser('regular', 'zugzug'));
-				assert.ifError(err);
+			await privileges.global.give(['groups:upload:post:file'], 'registered-users');
-				jar = _jar;
-				csrf_token = _csrf_token;
-				privileges.global.give(['groups:upload:post:file'], 'registered-users', done);
-			});
 		});
 
 		it('should upload an image to a post', (done) => {
@@ -286,7 +278,6 @@ describe('Upload Controllers', () => {
 		});
 
 		it('should delete users uploads if account is deleted', (done) => {
-			let jar;
 			let uid;
 			let url;
 			const file = require('../src/file');
@@ -299,8 +290,8 @@ describe('Upload Controllers', () => {
 					uid = _uid;
 					helpers.loginUser('uploader', 'barbar', next);
 				},
-				function (jar, csrf_token, next) {
+				function (data, next) {
-					helpers.uploadFile(`${nconf.get('url')}/api/post/upload`, path.join(__dirname, '../test/files/test.png'), {}, jar, csrf_token, next);
+					helpers.uploadFile(`${nconf.get('url')}/api/post/upload`, path.join(__dirname, '../test/files/test.png'), {}, data.jar, data.csrf_token, next);
 				},
 				function (res, body, next) {
 					assert(body && body.status && body.response && body.response.images);
@@ -328,25 +319,11 @@ describe('Upload Controllers', () => {
 		let regularJar;
 		let regular_csrf_token;
 
-		before((done) => {
+		before(async () => {
-			async.parallel([
+			({ jar, csrf_token} = await helpers.loginUser('admin', 'barbar'));
-				function (next) {
+			const regularLogin = await helpers.loginUser('regular', 'zugzug');
-					helpers.loginUser('admin', 'barbar', (err, _jar, _csrf_token) => {
+			regularJar = regularLogin.jar;
-						assert.ifError(err);
+			regular_csrf_token = regularLogin.csrf_token;
-						jar = _jar;
-						csrf_token = _csrf_token;
-						next();
-					});
-				},
-				function (next) {
-					helpers.loginUser('regular', 'zugzug', (err, _jar, _csrf_token) => {
-						assert.ifError(err);
-						regularJar = _jar;
-						regular_csrf_token = _csrf_token;
-						next();
-					});
-				},
-			], done);
 		});
 
 		it('should upload site logo', (done) => {

test/user.js

@@ -820,8 +820,7 @@ describe('User', () => {
 
 			await User.email.confirmByUid(uid);
 
-			const _jar = await helpers.loginUser('updateprofile', '123456');
+			({ jar } = await helpers.loginUser('updateprofile', '123456'));
-			jar = _jar;
 		});
 
 		it('should return error if data is invalid', (done) => {
@@ -1948,9 +1947,9 @@ describe('User', () => {
 				gdpr_consent: true,
 			}, (err) => {
 				assert.ifError(err);
-				helpers.loginUser('admin', '123456', (err, jar) => {
+				helpers.loginUser('admin', '123456', (err, data) => {
 					assert.ifError(err);
-					request(`${nconf.get('url')}/api/admin/manage/registration`, { jar: jar, json: true }, (err, res, body) => {
+					request(`${nconf.get('url')}/api/admin/manage/registration`, { jar: data.jar, json: true }, (err, res, body) => {
 						assert.ifError(err);
 						assert.equal(body.users[0].username, 'rejectme');
 						assert.equal(body.users[0].email, '<script>alert("ok")<script>reject@me.com');
@@ -2080,9 +2079,9 @@ describe('User', () => {
 			let jar;
 
 			before((done) => {
-				helpers.loginUser('notAnInviter', COMMON_PW, (err, _jar) => {
+				helpers.loginUser('notAnInviter', COMMON_PW, (err, data) => {
 					assert.ifError(err);
-					jar = _jar;
+					jar = data.jar;
 
 					request({
 						url: `${nconf.get('url')}/api/config`,
@@ -2116,9 +2115,9 @@ describe('User', () => {
 			let jar;
 
 			before((done) => {
-				helpers.loginUser('inviter', COMMON_PW, (err, _jar) => {
+				helpers.loginUser('inviter', COMMON_PW, (err, data) => {
 					assert.ifError(err);
-					jar = _jar;
+					jar = data.jar;
 
 					request({
 						url: `${nconf.get('url')}/api/config`,
@@ -2218,9 +2217,9 @@ describe('User', () => {
 			let jar;
 
 			before((done) => {
-				helpers.loginUser('adminInvite', COMMON_PW, (err, _jar) => {
+				helpers.loginUser('adminInvite', COMMON_PW, (err, data) => {
 					assert.ifError(err);
-					jar = _jar;
+					jar = data.jar;
 
 					request({
 						url: `${nconf.get('url')}/api/config`,
@@ -2369,9 +2368,9 @@ describe('User', () => {
 			let jar;
 
 			before((done) => {
-				helpers.loginUser('inviter', COMMON_PW, (err, _jar) => {
+				helpers.loginUser('inviter', COMMON_PW, (err, data) => {
 					assert.ifError(err);
-					jar = _jar;
+					jar = data.jar;
 
 					request({
 						url: `${nconf.get('url')}/api/config`,
@@ -2518,14 +2517,7 @@ describe('User', () => {
 				username: 'regularUser',
 				password: COMMON_PW,
 			});
-			jar = await new Promise((resolve, reject) => {
+			({ jar } = await helpers.loginUser('regularUser', COMMON_PW));
-				helpers.loginUser('regularUser', COMMON_PW, async (err, _jar) => {
-					if (err) {
-						reject(err);
-					}
-					resolve(_jar);
-				});
-			});
 		});
 
 		after((done) => {
@@ -2818,7 +2810,7 @@ describe('User', () => {
 			assert.ifError(err);
 			const oldValue = meta.config.minimumPasswordStrength;
 			meta.config.minimumPasswordStrength = 3;
-			helpers.loginUser('weakpwd', '123456', (err, jar, csrfs_token) => {
+			helpers.loginUser('weakpwd', '123456', (err) => {
 				assert.ifError(err);
 				meta.config.minimumPasswordStrength = oldValue;
 				done();