Code review for Ookma

code.cfm

function index( event, rc, prc ){
    prc.pageTitle = "Reset Password";
    
    if( isEmpty( rc?.user ) || isEmpty( rc?.token ) ) {
        return event.setView( "resetpassword/malformedurl" );
    }
    
    var rows = getInstance( "User" ).firstWhere( "id", rc.user );
    if( isNull( rows ) ) {
        return event.setView( "resetpassword/malformedurl" );
    }
    
    if( compare(rows.getToken(), rc.token) != 0 ) {
        return event.setView( "resetpassword/expiredtoken" );
    }
    
    if ( rows.getExpiration() > now() ) {
        return event.setView( "resetpassword/index" );
    }
    
    return event.setView( "resetpassword/expiredtoken" );
}

testCases.cfm

describe("Tests for default route", () => {
    describe("bad request cases", () => {
        describe("malformedurl cases" , () => {}
            describe("Tests for user and token", () => {})
                it("it responds with malformedurl if the user is missing", () => {
                })
                
                it("it responds with malformedurl if the user is empty", () => {
                })
                
                it("it responds with malformedurl if the token is missing", () => {
                })
                
                it("it responds with malformedurl if the token is empty", () => {
                })
            })
            
            it("it responds with malformedurl if the user is not found", () => {
            })
        })
        
        describe("Expired token cases", () => {
            it("it responds with expiredtoken if the rows token is not the same as the request token", () => {
            })
            
            it("it responds with expiredtoken if the rows token after now", () => {
            })
        })
    })
    
    it("it responds with restpassword when the token and user are valid", () => {
    })
})