tracman-server/config/routes/settings.js

'use strict';

const slug = require('slug'),
	xss = require('xss'),
	mw = require('../middleware.js'),
	User = require('../models.js').user,
	mail = require('../mail.js'),
	env = require('../env.js'),
	router = require('express').Router();


// Settings form
router.route('/')
	.all(mw.ensureAuth, function(req,res,next){
		next();
	})
	
	// Get settings form
	.get(function(req,res,next){
		User.findById(req.user, function(err,user){
			if (err){ mw.throwErr(err,req); }
			res.render('settings');
		});
	})
	
	// Set new settings
	.post(function(req,res,next){
		User.findByIdAndUpdate(req.user, {$set:{
			name: xss(req.body.name),
			slug: slug(xss(req.body.slug)),
			email: req.body.email,
			settings: {
				units: req.body.units,
				defaultMap: req.body.map,
				defaultZoom: req.body.zoom,
				showSpeed: (req.body.showSpeed)?true:false,
				showAlt: (req.body.showAlt)?true:false,
				showStreetview: (req.body.showStreet)?true:false
			}
		}}, function(err, user){
			if (err) { mw.throwErr(err,req); }
			else { req.flash('success', 'Settings updated.  '); }
			res.redirect('/settings');
		});		
	})

	// Delete user account
	.delete(function(req,res,next){
		User.findByIdAndRemove( req.user,
			function(err) {
				if (err) {
					mw.throwErr(err,req);
				} else { 
					req.flash('success', 'Your account has been deleted.  ');
				}
				res.redirect('/');
			}
		);
	});


// Set password
router.route('/password/')
	.all(mw.ensureAuth,function(req,res,next){
		next();
	})
	
	// Email user a token, proceed at /password/:token
	.get(function(req,res,next){

		// Create token for password change
		req.user.createToken(function(err,token){
			if (err){ next(err); }
			
			// Confirm password change request by email. 
			mail.send({
				to: mail.to(req.user),
				from: mail.from,
				subject: 'Request to change your Tracman password',
				text: mail.text(`A request has been made to change your tracman password.  If you did not initiate this request, please contact support at keith@tracman.org.  \n\nTo change your password, follow this link:\n${env.url}/settings/password/${token}. \n\nThis request will expire in 1 hour. `),
				html: mail.html(`<p>A request has been made to change your tracman password.  If you did not initiate this request, please contact support at <a href="mailto:keith@tracman.org">keith@tracman.org</a>.  </p><p>To change your password, follow this link:<br><a href="${env.url}/settings/password/${token}">${env.url}/settings/password/${token}</a>. </p><p>This request will expire in 1 hour. </p>`)
			}).catch(function(err){
				mw.throwErr(err,req);
			}).then(function(){
				
				// Alert user to check email.  
				req.flash('success',`An email has been sent to <u>${req.user.email}</u>.  Check your inbox to complete your password change. `);
				res.redirect( (req.isAuthenticated)?'/settings':'/login' );
				
			});
			
		});
		
	});
router.route('/password/:token')
	
	// Check token
	.all(function(req,res,next){
		User
			.findOne({'auth.passToken': req.params.token})
			.where('auth.tokenExpires').gt(Date.now())
			//TODO: Add own promise libary
			.exec((err, user) => {
				if (err) { mw.throwErr(err,req); }
				if (!user) {
					req.flash('danger', 'Password reset token is invalid or has expired. ');
					res.redirect( (req.isAuthenticated)?'/settings':'/login' );
				} else {
					res.locals.passwordUser = user;
					next();
				}
			});
	})

	// Show password change form
	.get(function(req,res){
		res.render('password');
	})
	
	.post(function(req,res,next){
		
		// Validate matching passwords
		if (req.body.password!==req.body.repassword) {
			mw.throwErr( new Error('Passwords do not match. '), req );
		} else {
		
			//TODO: Add logic for new users
			
			// Delete token
			res.locals.passwordUser.auth.passToken = undefined;
			res.locals.passwordUser.auth.tokenExpires = undefined;
			
			// Create hash
			res.locals.passwordUser.generateHash(req.body.password, function(err,hash){
				if (err){ mw.throwErr(err); }
				else {
					
					// Save new password to db
					res.locals.passwordUser.auth.password = hash;
					res.locals.passwordUser.save( function(err){
						if (err){ mw.throwErr(err,req); }
						else {
							req.flash('success', 'Password set.  You can use it to log in now. ');
						}
					});
					
				}
			});
			
		}
		
		res.redirect('/login');
		
	});


// Tracman pro
router.route('/pro')
	.all(mw.ensureAuth, function(req,res,next){
		next();
	})
	
	// Get info about pro
	.get(function(req,res,next){
		res.render('pro');
	})
	
	// Join Tracman pro
	.post(function(req,res){
		User.findByIdAndUpdate(req.user.id,
			{$set:{ isPro:true }},
			function(err, user){
				if (err){ mw.throwErr(err,req); }
				else { req.flash('success','You have been signed up for pro. '); }
				res.redirect('/map');
			}
		);
	});
	
module.exports = router;
Added files for new login 2017-04-11 19:38:07 -06:00			`'use strict';`

			`const slug = require('slug'),`
			`xss = require('xss'),`
			`mw = require('../middleware.js'),`
			`User = require('../models.js').user,`
			`mail = require('../mail.js'),`
			`env = require('../env.js'),`
			`router = require('express').Router();`


			`// Settings form`
			`router.route('/')`
			`.all(mw.ensureAuth, function(req,res,next){`
			`next();`
			`})`

			`// Get settings form`
			`.get(function(req,res,next){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`User.findById(req.user, function(err,user){`
			`if (err){ mw.throwErr(err,req); }`
Added files for new login 2017-04-11 19:38:07 -06:00			`res.render('settings');`
			`});`
			`})`

			`// Set new settings`
			`.post(function(req,res,next){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`User.findByIdAndUpdate(req.user, {$set:{`
Added files for new login 2017-04-11 19:38:07 -06:00			`name: xss(req.body.name),`
			`slug: slug(xss(req.body.slug)),`
			`email: req.body.email,`
			`settings: {`
			`units: req.body.units,`
			`defaultMap: req.body.map,`
			`defaultZoom: req.body.zoom,`
			`showSpeed: (req.body.showSpeed)?true:false,`
			`showAlt: (req.body.showAlt)?true:false,`
			`showStreetview: (req.body.showStreet)?true:false`
			`}`
			`}}, function(err, user){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`if (err) { mw.throwErr(err,req); }`
Added files for new login 2017-04-11 19:38:07 -06:00			`else { req.flash('success', 'Settings updated. '); }`
			`res.redirect('/settings');`
			`});`
			`})`

			`// Delete user account`
			`.delete(function(req,res,next){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`User.findByIdAndRemove( req.user,`
Added files for new login 2017-04-11 19:38:07 -06:00			`function(err) {`
Added ability to change password 2017-04-12 11:41:27 -06:00			`if (err) {`
			`mw.throwErr(err,req);`
Added files for new login 2017-04-11 19:38:07 -06:00			`} else {`
			`req.flash('success', 'Your account has been deleted. ');`
			`}`
Added ability to change password 2017-04-12 11:41:27 -06:00			`res.redirect('/');`
Added files for new login 2017-04-11 19:38:07 -06:00			`}`
			`);`
			`});`


			`// Set password`
Added ability to change password 2017-04-12 11:41:27 -06:00			`router.route('/password/')`
Added files for new login 2017-04-11 19:38:07 -06:00			`.all(mw.ensureAuth,function(req,res,next){`
			`next();`
			`})`

Added ability to change password 2017-04-12 11:41:27 -06:00			`// Email user a token, proceed at /password/:token`
Added files for new login 2017-04-11 19:38:07 -06:00			`.get(function(req,res,next){`
Added ability to change password 2017-04-12 11:41:27 -06:00
			`// Create token for password change`
Added files for new login 2017-04-11 19:38:07 -06:00			`req.user.createToken(function(err,token){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`if (err){ next(err); }`

			`// Confirm password change request by email.`
			`mail.send({`
			`to: mail.to(req.user),`
			`from: mail.from,`
			`subject: 'Request to change your Tracman password',`
			text: mail.text(`A request has been made to change your tracman password. If you did not initiate this request, please contact support at keith@tracman.org. \n\nTo change your password, follow this link:\n${env.url}/settings/password/${token}. \n\nThis request will expire in 1 hour. `),
			html: mail.html(`<p>A request has been made to change your tracman password. If you did not initiate this request, please contact support at <a href="mailto:keith@tracman.org">keith@tracman.org</a>. </p><p>To change your password, follow this link:<br><a href="${env.url}/settings/password/${token}">${env.url}/settings/password/${token}</a>. </p><p>This request will expire in 1 hour. </p>`)
			`}).catch(function(err){`
			`mw.throwErr(err,req);`
			`}).then(function(){`

			`// Alert user to check email.`
			req.flash('success',`An email has been sent to <u>${req.user.email}</u>. Check your inbox to complete your password change. `);
			`res.redirect( (req.isAuthenticated)?'/settings':'/login' );`

			`});`

			`});`

			`});`
			`router.route('/password/:token')`

			`// Check token`
			`.all(function(req,res,next){`
			`User`
			`.findOne({'auth.passToken': req.params.token})`
			`.where('auth.tokenExpires').gt(Date.now())`
			`//TODO: Add own promise libary`
			`.exec((err, user) => {`
			`if (err) { mw.throwErr(err,req); }`
			`if (!user) {`
			`req.flash('danger', 'Password reset token is invalid or has expired. ');`
			`res.redirect( (req.isAuthenticated)?'/settings':'/login' );`
			`} else {`
			`res.locals.passwordUser = user;`
			`next();`
			`}`
			`});`
			`})`

			`// Show password change form`
			`.get(function(req,res){`
			`res.render('password');`
			`})`

			`.post(function(req,res,next){`

			`// Validate matching passwords`
			`if (req.body.password!==req.body.repassword) {`
			`mw.throwErr( new Error('Passwords do not match. '), req );`
			`} else {`

			`//TODO: Add logic for new users`

			`// Delete token`
			`res.locals.passwordUser.auth.passToken = undefined;`
			`res.locals.passwordUser.auth.tokenExpires = undefined;`

			`// Create hash`
			`res.locals.passwordUser.generateHash(req.body.password, function(err,hash){`
			`if (err){ mw.throwErr(err); }`
			`else {`

			`// Save new password to db`
			`res.locals.passwordUser.auth.password = hash;`
			`res.locals.passwordUser.save( function(err){`
			`if (err){ mw.throwErr(err,req); }`
			`else {`
			`req.flash('success', 'Password set. You can use it to log in now. ');`
			`}`
			`});`

			`}`
			`});`

			`}`

			`res.redirect('/login');`

Added files for new login 2017-04-11 19:38:07 -06:00			`});`


			`// Tracman pro`
Added ability to change password 2017-04-12 11:41:27 -06:00			`router.route('/pro')`
			`.all(mw.ensureAuth, function(req,res,next){`
Added files for new login 2017-04-11 19:38:07 -06:00			`next();`
			`})`

			`// Get info about pro`
			`.get(function(req,res,next){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`res.render('pro');`
Added files for new login 2017-04-11 19:38:07 -06:00			`})`

			`// Join Tracman pro`
			`.post(function(req,res){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`User.findByIdAndUpdate(req.user.id,`
Added files for new login 2017-04-11 19:38:07 -06:00			`{$set:{ isPro:true }},`
			`function(err, user){`
Added ability to change password 2017-04-12 11:41:27 -06:00			`if (err){ mw.throwErr(err,req); }`
Added files for new login 2017-04-11 19:38:07 -06:00			`else { req.flash('success','You have been signed up for pro. '); }`
			`res.redirect('/map');`
			`}`
			`);`
			`});`

			`module.exports = router;`