added store unit test for user.GetByAuth and added password length checking in api.login

api/user.go

@@ -370,6 +370,12 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 func login(c *Context, w http.ResponseWriter, r *http.Request) {
 	props := model.MapFromJson(r.Body)
 
+	if len(props["password"]) == 0 {
+		c.Err = model.NewAppError("login", "Password field must not be blank", "")
+		c.Err.StatusCode = http.StatusForbidden
+		return
+	}
+
 	var user *model.User
 	if len(props["id"]) != 0 {
 		user = LoginById(c, w, r, props["id"], props["password"], props["device_id"])

store/sql_user_store_test.go

@@ -236,6 +236,25 @@ func TestUserStoreGetByEmail(t *testing.T) {
 	}
 }
 
+func TestUserStoreGetByAuthData(t *testing.T) {
+	Setup()
+
+	u1 := model.User{}
+	u1.TeamId = model.NewId()
+	u1.Email = model.NewId()
+	u1.AuthData = "123"
+	u1.AuthService = "service"
+	Must(store.User().Save(&u1))
+
+	if err := (<-store.User().GetByAuth(u1.TeamId, u1.AuthData, u1.AuthService)).Err; err != nil {
+		t.Fatal(err)
+	}
+
+	if err := (<-store.User().GetByAuth("", "", "")).Err; err == nil {
+		t.Fatal("Should have failed because of missing auth data")
+	}
+}
+
 func TestUserStoreGetByUsername(t *testing.T) {
 	Setup()