const testPassword = require('model').PasswordField.testSync; const User = require('./models.js'); const getUrl = require('create-url').getUrl; const mail = require('mail'); const pug = require('pug'); const config = require('settings/config'); SIGNUP_ERRORS = { USERNAME_ALREADY_EXISTS: "The username you want is already used.", EMAIL_ALREADY_EXISTS: "The email you want is already used.", UNKOWN_ERROR: "Something weird happened, i'm sorry :'(", }; module.exports.redirectIfNotLogged = function(redirectionPage, toDecorate) { return function(req, res, render) { if (req.session.user === undefined) { req.session.redirectAfterLog = redirectionPage; req.session.save(); res.redirect(getUrl('login')); return; } return toDecorate(...arguments); }; } module.exports.login = function(req, res, render) { if (req.session.loginFailed !== undefined) { res.locals.loginFailed = req.session.loginFailed; req.session.loginFailed = undefined; req.session.save(); } render('login.pug'); } module.exports.signup = function(req, res, render) { if (req.session.signupFailed !== undefined) { res.locals.signupFailed = req.session.signupFailed; req.session.signupFailed = undefined; req.session.save(); } render('signup.pug'); } module.exports.logout = function(req, res, render) { req.session.user = undefined; req.session.save(); res.redirect(getUrl("index")); } module.exports.loginTarget = function(req, res, render) { User.getByUsername(req.body.username, (err, user) => { if (user === undefined || !user.active) { res.redirect(getUrl('login')); } else { if (testPassword(req.body.password, user.password)) { req.session.user = user; let redirection = req.session.redirectAfterLog || 'index'; req.session.redirectAfterLog = undefined; req.session.save(); res.redirect(getUrl(redirection)); } else { req.session.loginFailed = true; req.session.save(); res.redirect(getUrl('login')); } } }); } module.exports.signupTarget = function(req, res, render) { let user = new User(); user.username = req.body.username; user.email = req.body.email; user.password = req.body.password; require('crypto').randomBytes(48, function(err, buffer) { user.activationKey = buffer.toString('hex'); user.save((err) => { if (err !== undefined) { let error = SIGNUP_ERRORS.UNKOWN_ERROR; switch (err.constraint) { case 'auth_user_email_key': error = SIGNUP_ERRORS.EMAIL_ALREADY_EXISTS; break; case 'auth_user_username_key': error = SIGNUP_ERRORS.USERNAME_ALREADY_EXISTS; break; } req.session.signupFailed = error; req.session.save(); return res.redirect(getUrl('signup')); } res.locals.user = user; let baseUrl = req.headers.referer.split('/').slice(0, 3).join('/') + '/' res.locals.activationUrl = baseUrl + 'activate/' + user.activationKey; let html = pug.renderFile( __dirname + '/templates/validationMail.pug', res.locals, ); mail({ from: config.MAIL.FROM, to: user.username + ' <' + user.email + '>', subject: 'Welcome on ADEjs!', text:'', attachment: [ {data: html, alternative: true} ] }, (err, result) => { res.redirect(getUrl('mailWasSent')); }); }); }); } module.exports.mailWasSent = function(req, res, render) { render('mailWasSent.pug'); } module.exports.activate = function(req, res, render, next) { User.getByActivationKey(req.params.activationKey, (err, user) => { if (user === undefined || user.active) { return next(); } user.active = true; user.activationKey = undefined; user.save((err, user) => { req.session.user = user; req.session.save(); res.redirect(getUrl('settings')); }); }); } module.exports.passwordForgotten = function(req, res, render, next) { if (req.session.passwordForgottenFailed) { res.locals.passwordForgottenFailed = req.session.passwordForgottenFailed; req.session.passwordForgottenFailed = undefined; req.session.save(); } render('passwordForgotten.pug'); } module.exports.passwordForgottenTarget = function(req, res, render, next) { User.getByEmail(req.body.email, (err, user) => { if (err !== undefined) { req.session.passwordForgottenFailed = true; req.session.save(); return res.redirect(getUrl('passwordForgotten')); } require('crypto').randomBytes(48, function(err, buffer) { user.activationKey = buffer.toString('hex'); user.save(); if (!user.active) { req.session.passwordForgottenFailed = true; req.session.save(); return res.redirect(getUrl('passwordForgotten')); } res.locals.user = user; let baseUrl = req.headers.referer.split('/').slice(0, 3).join('/') + '/' res.locals.resetUrl = baseUrl + 'reset-password/' + user.activationKey; let html = pug.renderFile( __dirname + '/templates/resetPasswordMail.pug', res.locals, ); mail({ from: config.MAIL.FROM, to: user.username + ' <' + user.email + '>', subject: 'Welcome on ADEjs!', text:'', attachment: [ {data: html, alternative: true} ] }, (err, result) => { res.redirect(getUrl('resetPasswordMailWasSent')); }); }); }); } module.exports.resetPasswordMailWasSent = function(req, res, render, next) { render('resetPasswordMailWasSent.pug'); } module.exports.resetPassword = function(req, res, render, next) { User.getByActivationKey(req.params.activationKey, (err, user) => { if (user === undefined || !user.active) { return next(); } res.locals.user = user; render('resetPassword.pug'); }); } module.exports.resetPasswordTarget = function(req, res, render, next) { User.getByActivationKey(req.body.activationKey, (err, user) => { if (user === undefined || !user.active) { return next(); } user.password = req.body.password; user.activationKey = undefined; user.save(() => { req.session.user = user; req.session.save(); res.redirect(getUrl('index')); }); }); }