Validated emails at /signup
parent
f51ec1308d
commit
3809daa999
145
config/auth.js
145
config/auth.js
|
@ -68,84 +68,93 @@ module.exports = (app, passport) => {
|
|||
|
||||
}
|
||||
|
||||
// Validate email
|
||||
req.checkBody('email', 'Please enter a valid email address.').isEmail();
|
||||
req.sanitizeBody('email').normalizeEmail({remove_dots:false});
|
||||
|
||||
// Check if somebody already has that email
|
||||
User.findOne({'email':req.body.email}, (err,user)=>{
|
||||
if (err){ mw.throwErr(err,req); }
|
||||
|
||||
// User already exists
|
||||
if (user && user.auth.password) {
|
||||
req.flash('warning','A user with that email already exists! If you forgot your password, you can <a href="/login/forgot">reset it here</a>.');
|
||||
res.redirect('/login#login');
|
||||
next();
|
||||
}
|
||||
|
||||
// User exists but hasn't created a password yet
|
||||
else if (user) {
|
||||
// Send another token (or the same one if it hasn't expired)
|
||||
sendToken(user);
|
||||
}
|
||||
|
||||
// Create user
|
||||
else {
|
||||
User.findOne({'email':req.body.email})
|
||||
.then( (user)=>{
|
||||
|
||||
user = new User();
|
||||
user.created = Date.now();
|
||||
user.email = req.body.email;
|
||||
user.slug = slug(user.email.substring(0, user.email.indexOf('@')));
|
||||
// User already exists
|
||||
if (user && user.auth.password) {
|
||||
req.flash('warning','A user with that email already exists! If you forgot your password, you can <a href="/login/forgot">reset it here</a>.');
|
||||
res.redirect('/login#login');
|
||||
next();
|
||||
}
|
||||
|
||||
// Generate unique slug
|
||||
let slug = new Promise((resolve,reject) => {
|
||||
(function checkSlug(s,cb){
|
||||
|
||||
User.findOne({slug:s})
|
||||
.catch((err)=>{
|
||||
mw.throwErr(err,req);
|
||||
})
|
||||
.then((existingUser)=>{
|
||||
// User exists but hasn't created a password yet
|
||||
else if (user) {
|
||||
// Send another token (or the same one if it hasn't expired)
|
||||
sendToken(user);
|
||||
}
|
||||
|
||||
// Create user
|
||||
else {
|
||||
|
||||
user = new User();
|
||||
user.created = Date.now();
|
||||
user.email = req.body.email;
|
||||
user.slug = slug(user.email.substring(0, user.email.indexOf('@')));
|
||||
|
||||
// Generate unique slug
|
||||
let slug = new Promise((resolve,reject) => {
|
||||
(function checkSlug(s,cb){
|
||||
|
||||
// Slug in use: generate a random one and retry
|
||||
if (existingUser){
|
||||
crypto.randomBytes(6, (err,buf)=>{
|
||||
if (err) { mw.throwErr(err,req); }
|
||||
s = buf.toString('hex');
|
||||
checkSlug(s,cb);
|
||||
});
|
||||
}
|
||||
|
||||
// Unique slug: proceed
|
||||
else { cb(s); }
|
||||
User.findOne({slug:s})
|
||||
.catch((err)=>{
|
||||
mw.throwErr(err,req);
|
||||
})
|
||||
.then((existingUser)=>{
|
||||
|
||||
// Slug in use: generate a random one and retry
|
||||
if (existingUser){
|
||||
crypto.randomBytes(6, (err,buf)=>{
|
||||
if (err) { mw.throwErr(err,req); }
|
||||
s = buf.toString('hex');
|
||||
checkSlug(s,cb);
|
||||
});
|
||||
}
|
||||
|
||||
// Unique slug: proceed
|
||||
else { cb(s); }
|
||||
|
||||
});
|
||||
|
||||
})(user.slug, (newSlug)=>{
|
||||
user.slug = newSlug;
|
||||
resolve();
|
||||
});
|
||||
|
||||
})(user.slug, (newSlug)=>{
|
||||
user.slug = newSlug;
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
|
||||
// Generate sk32
|
||||
let sk32 = new Promise((resolve,reject) => {
|
||||
crypto.randomBytes(32, (err,buf)=>{
|
||||
if (err) { mw.throwErr(err,req); }
|
||||
user.sk32 = buf.toString('hex');
|
||||
resolve();
|
||||
|
||||
// Generate sk32
|
||||
let sk32 = new Promise((resolve,reject) => {
|
||||
crypto.randomBytes(32, (err,buf)=>{
|
||||
if (err) { mw.throwErr(err,req); }
|
||||
user.sk32 = buf.toString('hex');
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
// Save user and send the token by email
|
||||
Promise.all([slug, sk32])
|
||||
.then( ()=> {
|
||||
user.save();
|
||||
}).then( ()=>{
|
||||
sendToken(user);
|
||||
}).catch( (err)=>{
|
||||
mw.throwErr(err,req);
|
||||
res.redirect('/login#signup');
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
// Save user and send the token by email
|
||||
Promise.all([slug, sk32])
|
||||
.then( ()=> {
|
||||
user.save();
|
||||
}).then( ()=>{
|
||||
sendToken(user);
|
||||
}).catch( (err)=>{
|
||||
mw.throwErr(err,req);
|
||||
res.redirect('/login#signup');
|
||||
});
|
||||
|
||||
}
|
||||
})
|
||||
.catch( (err)=>{
|
||||
mw.throwErr(err,req);
|
||||
res.redirect('/signup');
|
||||
});
|
||||
|
||||
});
|
||||
});
|
||||
|
||||
// Forgot password
|
||||
|
|
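Review bot: The `isEmail()` check registered by `req.checkBody('email', …)` is never consulted in the visible lines, so a malformed address appears to flow straight into `User.findOne` and `new User()`; with the legacy express-validator API the result has to be read explicitly. Something like `const errors = req.validationErrors(); if (errors) { req.flash('warning', errors[0].msg); return res.redirect('/login#signup'); }` directly after the `sanitizeBody` line would make the validation effective. Separately, `user.save()` inside the `Promise.all([slug, sk32]).then` callback is not returned, so `sendToken(user)` can run before the save settles and a save failure would bypass the `.catch`; `return user.save();` fixes that. The route handler begins above the hunk and the +/- markers are lost on this page, so confirm against the file that no result check exists outside what is shown.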