'use strict' ;
const slug = require ( 'slug' ) ,
xss = require ( 'xss' ) ,
mw = require ( '../middleware.js' ) ,
User = require ( '../models.js' ) . user ,
mail = require ( '../mail.js' ) ,
env = require ( '../env.js' ) ,
router = require ( 'express' ) . Router ( ) ;
// Settings form
// Routes for the settings root; every verb passes through mw.ensureAuth first.
router.route('/')
  .all(mw.ensureAuth, (req, res, next) => next())

  // GET: look the current user up, then show the settings form.
  .get((req, res, next) => {
    User.findById(req.user, (lookupErr, user) => {
      // A failed lookup is handed to mw.throwErr; the form is rendered either way.
      if (lookupErr) {
        mw.throwErr(lookupErr, req);
      }
      res.render('settings');
    });
  })

  // POST: overwrite the profile fields and the whole settings sub-document.
  .post((req, res, next) => {
    const { body } = req;
    const changes = {
      // name and slug go through the xss filter; slug is then slugified.
      name: xss(body.name),
      slug: slug(xss(body.slug)),
      // NOTE(review): email, units, map and zoom are stored exactly as
      // submitted, with no filtering or type check in this handler, and the
      // address is changed without confirming ownership. Presumably the model
      // schema casts these values; verify.
      email: body.email,
      settings: {
        units: body.units,
        defaultMap: body.map,
        defaultZoom: body.zoom,
        // Checkbox-style fields are collapsed to strict booleans.
        showSpeed: Boolean(body.showSpeed),
        showAlt: Boolean(body.showAlt),
        showStreetview: Boolean(body.showStreet),
      },
    };

    User.findByIdAndUpdate(req.user, { $set: changes }, (updateErr, user) => {
      if (updateErr) {
        mw.throwErr(updateErr, req);
      } else {
        req.flash('success', 'Settings updated. ');
      }
      // Both outcomes return to the settings page.
      res.redirect('/settings');
    });
  })

  // DELETE: remove the signed-in user's account.
  // NOTE(review): no logout or session teardown is visible here after the
  // record is removed; confirm it happens elsewhere.
  .delete((req, res, next) => {
    User.findByIdAndRemove(req.user, (removeErr) => {
      if (removeErr) {
        mw.throwErr(removeErr, req);
        res.redirect('/settings');
        return;
      }
      req.flash('success', 'Your account has been deleted. ');
      res.redirect('/');
    });
  });
// Set password
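// Password change, step 1: mail the signed-in user a one-time link.
router.route('/password/')
  .all(mw.ensureAuth, (req, res, next) => {
    next();
  })

  // Email user a token, proceed at /password/:token
  // NOTE(review): this GET has side effects (a new token and an outgoing
  // mail). Whether a cross-site request can trigger it depends on CSRF
  // handling that is not visible in this file; confirm.
  .get((req, res, next) => {
    // Create token for password change
    req.user.createToken((err, token) => {
      // Stop on failure. Without the return, a link containing "undefined"
      // would be mailed and a second response attempted after next(err).
      if (err) { return next(err); }

      // The link is built from the configured env.url rather than from
      // request headers, so a forged Host header cannot change where it
      // points. The URL parts are joined without embedded whitespace so the
      // link stays usable.
      const link = `${env.url}/settings/password/${token}`;

      // Confirm password change request by email.
      // The two-argument then() guarantees exactly one handler runs and
      // therefore exactly one redirect is sent. With catch() placed first,
      // a failed send also ran the success handler: it flashed "email sent"
      // and redirected a second time.
      mail.send({
        to: mail.to(req.user),
        from: mail.from,
        subject: 'Request to change your Tracman password',
        text: mail.text(` A request has been made to change your tracman password. If you did not initiate this request, please contact support at keith@tracman.org. \n \n To change your password, follow this link: \n ${link} . \n \n This request will expire in 1 hour. `),
        html: mail.html(` <p>A request has been made to change your tracman password. If you did not initiate this request, please contact support at <a href="mailto:keith@tracman.org">keith@tracman.org</a>. </p><p>To change your password, follow this link:<br><a href="${link}"> ${link} </a>. </p><p>This request will expire in 1 hour. </p> `),
      }).then(
        () => {
          // Alert user to check email.
          // The flash text carries markup, so it is presumably rendered
          // unescaped (confirm in the template). The address is user-supplied,
          // so it goes through the xss filter before being interpolated.
          req.flash('success', ` An email has been sent to <u> ${xss(req.user.email)} </u>. Check your inbox to complete your password change. `);
          res.redirect('/login#login');
        },
        (mailErr) => {
          mw.throwErr(mailErr, req);
          res.redirect('/login#login');
        }
      );
    });
  });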
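// Password change, step 2: the token from the mailed link authorises setting
// a new password. No mw.ensureAuth here; possession of a live token is the
// only credential checked on this route.
router.route('/password/:token')

  // Check token
  .all((req, res, next) => {
    User
      .findOne({ 'auth.passToken': req.params.token })
      .where('auth.tokenExpires').gt(Date.now())
      // A query error is reported and then falls through to the handler
      // below with user undefined, so the request is refused, not accepted.
      .catch((err) => {
        mw.throwErr(err, req);
      })
      .then((user) => {
        if (!user) {
          req.flash('danger', 'Password reset token is invalid or has expired. ');
          // isAuthenticated is a method; testing the bare property was always
          // truthy and sent signed-out visitors to /settings as well.
          const signedIn = typeof req.isAuthenticated === 'function' && req.isAuthenticated();
          res.redirect(signedIn ? '/settings' : '/login');
        } else {
          // Hand the matched account to the handlers further down the chain.
          res.locals.passwordUser = user;
          next();
        }
      });
  })

  // Show password change form
  .get((req, res) => {
    res.render('password');
  })

  // Set the new password and retire the token.
  .post((req, res, next) => {
    const { passwordUser } = res.locals;
    const { password } = req.body;

    //TODO: Validate password (length and strength policy)
    // Minimal guard until then: refuse a missing, empty or non-string value
    // instead of passing it on to the hash function. The token has not been
    // touched yet, so the user can submit the form again.
    if (typeof password !== 'string' || password.length === 0) {
      req.flash('danger', 'Please enter a password. ');
      res.redirect(`${req.baseUrl}/password/${encodeURIComponent(req.params.token)}`);
      return;
    }

    // Delete token (in memory only; it is persisted by the save() below, so
    // the token is retired in the same write that stores the new hash).
    passwordUser.auth.passToken = undefined;
    passwordUser.auth.tokenExpires = undefined;

    // Create hash
    passwordUser.generateHash(password, (err, hash) => {
      if (err) {
        // Previously no response was sent on this path and the request hung;
        // use the same destination as a failed save.
        mw.throwErr(err, req);
        res.redirect('/login#signup');
        return;
      }

      // Save new password to db
      passwordUser.auth.password = hash;
      passwordUser.save((saveErr) => {
        if (saveErr) {
          mw.throwErr(saveErr, req);
          res.redirect('/login#signup');
        } else {
          req.flash('success', 'Password set. You can use it to log in now. ');
          res.redirect('/login#login');
        }
      });
    });
  });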
// Tracman pro
// Routes for the pro tier; every verb passes through mw.ensureAuth first.
router.route('/pro')
  .all(mw.ensureAuth, (req, res, next) => next())

  // GET: show the page describing pro.
  .get((req, res, next) => {
    res.render('pro');
  })

  // POST: mark the signed-in user as a pro member.
  // NOTE(review): the only gate visible here is mw.ensureAuth; no payment or
  // entitlement check precedes setting isPro. Confirm that this is intended.
  .post((req, res) => {
    const upgrade = { $set: { isPro: true } };

    User.findByIdAndUpdate(req.user.id, upgrade, (updateErr, user) => {
      if (!updateErr) {
        req.flash('success', 'You have been signed up for pro. ');
      } else {
        mw.throwErr(updateErr, req);
      }
      // Either way the user lands on the map.
      res.redirect('/map');
    });
  });
module . exports = router ;