ki9
/
tracman-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'develop' of github.com:tracman-org/server into develop

master
Keith Irwin 2017-12-29 01:21:07 +00:00
parent 2eec7a74cd bcc9714e6f
commit bf0d6ddd8e
4 changed files with 146 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
config/models.js
View File

@ -81,9 +81,7 @@ userSchema.methods.createEmailToken = function (next) {
.then(() => {
resolve(user.emailToken)
})
.catch((err) => {
reject(err)
})
.catch(reject)
}
})
})
@ -140,12 +138,10 @@ userSchema.methods.createPassToken = function (next) {
debug(`Reusing old password token...`)
user.auth.passTokenExpires = Date.now() + 3600000 // 1 hour
user.save()
.then(() => {
resolve(user.auth.passToken, user.auth.passTokenExpires)
})
.catch((err) => {
reject(err)
})
.then(() => {
resolve(user.auth.passToken, user.auth.passTokenExpires)
})
.catch(reject)
// Create new token
} else {
@ -201,8 +197,8 @@ userSchema.methods.generateHashedPassword = function (password, next) {
if (err) return reject(err)
this.auth.password = hash
this.save()
.then(resolve)
.catch( (err) => reject(err) )
.then(resolve)
.catch(reject)
})
})
@ -213,12 +209,14 @@ userSchema.methods.generateHashedPassword = function (password, next) {
userSchema.methods.validPassword = function (password, next) {
// Callback next(err, res)
if (typeof next === 'function') bcrypt.compare(password, this.auth.password, next)
else bcrypt.compare(password, this.auth.password)
.then((result) => {
if (result===true) resolve()
else reject(new Error('Passwords don\'t match'))
})
.catch( (err) => reject(err) )
else return new Promise( (resolve, reject) => {
bcrypt.compare(password, this.auth.password)
.then( (result) => {
if (result===true) resolve()
else reject(new Error('Passwords don\'t match'))
})
.catch( (err) => reject(err) )
})
}
module.exports = {

32
config/passport.js
View File

@ -40,22 +40,28 @@ module.exports = (passport) => {
// User exists
} else {
// Check password
user.validPassword(password, (err, res) => {
if (err) return done(err)
user.validPassword(password)
.then( (res) => {
// Password incorrect
if (!res) {
req.session.next = undefined
return done(null, false, req.flash('warning', 'Incorrect email or password.'))
// Password incorrect
if (!res) {
req.session.next = undefined
return done(null, false, req.flash('warning', 'Incorrect email or password.'))
// Successful login
} else {
user.lastLogin = Date.now()
user.save()
return done(null, user)
}
})
.catch( (err) => {
return done(err)
})
// Successful login
} else {
user.lastLogin = Date.now()
user.save()
return done(null, user)
}
})
}
})
.catch((err) => {

34
config/routes/auth.js
View File

@ -59,12 +59,8 @@ module.exports = (app, passport) => {
debug(`sendToken() called for user ${user.id}`)
// Create a new password token
user.createPassToken((err, token, expires) => {
if (err) {
debug(`Error creating password token for user ${user.id}!`)
mw.throwErr(err, req)
res.redirect('/login#signup')
} else {
user.createPassToken()
.then( (token, expires) => {
debug(`Created password token for user ${user.id} successfully`)
// Figure out expiration time
@ -125,10 +121,15 @@ module.exports = (app, passport) => {
}
} })
}
})
.catch( (err) => {
debug(`Error creating password token for user ${user.id}!`)
mw.throwErr(err, req)
res.redirect('/login#signup')
})
}
// Validate email
req.checkBody('email', 'Please enter a valid email address.').isEmail()
@ -273,8 +274,8 @@ module.exports = (app, passport) => {
// User with that email does exist
} else {
// Create reset token
user.createPassToken((err, token) => {
if (err) return next(err)
user.createPassToken()
.then( (token) => {
// Email reset link
mail.send({
@ -294,24 +295,31 @@ module.exports = (app, passport) => {
${env.url}/settings/password/${token}</a></p>\
<p>If you didn't initiate this request, just ignore this email. </p>`
)
}).then(() => {
})
.then(() => {
req.flash(
'success',
`If an account exists with the email <u>${req.body.email}</u>, \
an email has been sent there with a password reset link. `)
res.redirect('/login')
}).catch((err) => {
})
.catch((err) => {
debug(`Failed to send reset link to ${user.email}`)
mw.throwErr(err, req)
res.redirect('/login')
})
})
.catch( (err) => {
return next(err)
})
}
}).catch((err) => {
})
.catch((err) => {
debug(`Failed to check for if somebody has that email (in reset request)!`)
mw.throwErr(err, req)
res.redirect('/login/forgot')
})
})
// Android

184
config/routes/settings.js
View File

@ -38,6 +38,7 @@ router.route('/')
else {
User.findOne({ email: req.body.email })
.then((existingUser) => {
// Not unique!
if (existingUser && existingUser.id !== req.user.id) {
debug('Email not unique!')
@ -53,38 +54,38 @@ router.route('/')
// Create token
debug(`Creating email token...`)
req.user.createEmailToken((err, token) => {
if (err) reject(err)
// Send token to user by email
debug(`Mailing new email token to ${req.body.email}...`)
mail.send({
to: `"${req.user.name}" <${req.body.email}>`,
from: mail.noReply,
subject: 'Confirm your new email address for Tracman',
text: mail.text(
`A request has been made to change your Tracman email address. \
If you did not initiate this request, please disregard it. \n\n\
To confirm your email, follow this link:\n${env.url}/settings/email/${token}. `
),
html: mail.html(
`<p>A request has been made to change your Tracman email address. \
If you did not initiate this request, please disregard it. </p>\
<p>To confirm your email, follow this link:\
<br><a href="${env.url}/settings/email/${token}">\
${env.url}/settings/email/${token}</a>. </p>`
)
})
.then(() => {
req.flash('warning',
`An email has been sent to <u>${req.body.email}</u>. \
Check your inbox to confirm your new email address. `
)
resolve()
})
.catch(reject)
})
return req.user.createEmailToken()
}
})
.then( (token) => {
// Send token to user by email
debug(`Mailing new email token to ${req.body.email}...`)
return mail.send({
to: `"${req.user.name}" <${req.body.email}>`,
from: mail.noReply,
subject: 'Confirm your new email address for Tracman',
text: mail.text(
`A request has been made to change your Tracman email address. \
If you did not initiate this request, please disregard it. \n\n\
To confirm your email, follow this link:\n${env.url}/settings/email/${token}. `
),
html: mail.html(
`<p>A request has been made to change your Tracman email address. \
If you did not initiate this request, please disregard it. </p>\
<p>To confirm your email, follow this link:\
<br><a href="${env.url}/settings/email/${token}">\
${env.url}/settings/email/${token}</a>. </p>`
)
})
})
.then( () => {
req.flash('warning',
`An email has been sent to <u>${req.body.email}</u>. Check your inbox to confirm your new email address. `
)
resolve()
})
.catch(reject)
}
@ -210,52 +211,49 @@ router.route('/password')
// Email user a token, proceed at /password/:token
.get((req, res, next) => {
// Create token for password change
req.user.createPassToken((err, token, expires) => {
if (err) {
mw.throwErr(err, req)
res.redirect((req.user) ? '/settings' : '/login')
} else {
// Figure out expiration time
let expirationTimeString = (req.query.tz)
? moment(expires).utcOffset(req.query.tz).toDate().toLocaleTimeString(req.acceptsLanguages[0])
: moment(expires).toDate().toLocaleTimeString(req.acceptsLanguages[0]) + ' UTC'
req.user.createPassToken()
.then( (token, expires) => {
// Figure out expiration time
let expirationTimeString = (req.query.tz)
? moment(expires).utcOffset(req.query.tz).toDate().toLocaleTimeString(req.acceptsLanguages[0])
: moment(expires).toDate().toLocaleTimeString(req.acceptsLanguages[0]) + ' UTC'
// Confirm password change request by email.
mail.send({
to: mail.to(req.user),
from: mail.noReply,
subject: 'Request to change your Tracman password',
text: mail.text(
`A request has been made to change your tracman password. \
If you did not initiate this request, please contact support at keith@tracman.org. \
\n\nTo change your password, follow this link:\n\
${env.url}/settings/password/${token}. \n\n\
This request will expire at ${expirationTimeString}. `
),
html: mail.html(
`<p>A request has been made to change your tracman password. \
If you did not initiate this request, please contact support at \
<a href="mailto:keith@tracman.org">keith@tracman.org</a>. </p>\
<p>To change your password, follow this link:\
<br><a href="${env.url}/settings/password/${token}">\
${env.url}/settings/password/${token}</a>. </p>\
<p>This request will expire at ${expirationTimeString}. </p>`
)
})
.then(() => {
// Alert user to check email.
req.flash('success',
`An link has been sent to <u>${req.user.email}</u>. \
Click on the link to complete your password change. \
This link will expire in one hour (${expirationTimeString}). `
)
res.redirect((req.user) ? '/settings' : '/login')
})
.catch((err) => {
mw.throwErr(err, req)
res.redirect((req.user) ? '/settings' : '/login')
})
}
// Confirm password change request by email.
return mail.send({
to: mail.to(req.user),
from: mail.noReply,
subject: 'Request to change your Tracman password',
text: mail.text(
`A request has been made to change your tracman password. \
If you did not initiate this request, please contact support at keith@tracman.org. \
\n\nTo change your password, follow this link:\n\
${env.url}/settings/password/${token}. \n\n\
This request will expire at ${expirationTimeString}. `
),
html: mail.html(
`<p>A request has been made to change your tracman password. \
If you did not initiate this request, please contact support at \
<a href="mailto:keith@tracman.org">keith@tracman.org</a>. </p>\
<p>To change your password, follow this link:\
<br><a href="${env.url}/settings/password/${token}">\
${env.url}/settings/password/${token}</a>. </p>\
<p>This request will expire at ${expirationTimeString}. </p>`
)
})
})
.then(() => {
// Alert user to check email.
req.flash('success',
`An link has been sent to <u>${req.user.email}</u>. \
Click on the link to complete your password change. \
This link will expire in one hour (${expirationTimeString}). `
)
res.redirect((req.user) ? '/settings' : '/login')
})
.catch( (err) => {
mw.throwErr(err, req)
res.redirect((req.user) ? '/settings' : '/login')
})
})
@ -304,26 +302,26 @@ router.route('/password/:token')
} else {
// Create hashed password and save to db
res.locals.passwordUser.generateHashedPassword(req.body.password, (err) => {
if (err) {
res.locals.passwordUser.generateHashedPassword(req.body.password)
.then( () => {
// User changed password
if (req.user) {
debug('User saved password')
req.flash('success', 'Your password has been changed. ')
res.redirect('/settings')
// New user created password
} else {
debug('New user created password')
req.flash('success', 'Password set. You can use it to log in now. ')
res.redirect('/login?next=/map?new=1')
}
})
.catch( (err) => {
debug('Error creating hashed password and saving to db')
mw.throwErr(err, req)
res.redirect(`/settings/password/${req.params.token}`)
// User changed password
} else if (req.user) {
debug('User saved password')
req.flash('success', 'Your password has been changed. ')
res.redirect('/settings')
// New user created password
} else {
debug('New user created password')
req.flash('success', 'Password set. You can use it to log in now. ')
res.redirect('/login?next=/map?new=1')
}
})
})
}
})