mailtrain/routes/rest/account.js

'use strict';

const passport = require('../../lib/passport');
const _ = require('../../lib/translate')._;
const users = require('../../models/users');
const contextHelpers = require('../../lib/context-helpers');

const router = require('../../lib/router-async').create();


router.getAsync('/account', passport.loggedIn, async (req, res) => {
    const user = await users.getById(contextHelpers.getAdminContext(), req.user.id);
    user.hash = users.hash(user);
    return res.json(user);
});

router.postAsync('/account', passport.loggedIn, passport.csrfProtection, async (req, res) => {
    const data = req.body;
    data.id = req.user.id;

    await users.updateWithConsistencyCheck(contextHelpers.getAdminContext(), req.body, true);
    return res.json();
});

router.postAsync('/account-validate', passport.loggedIn, passport.csrfProtection, async (req, res) => {
    const data = req.body;
    data.id = req.user.id;

    return res.json(await users.serverValidate(contextHelpers.getAdminContext(), data, true));
});

router.getAsync('/access-token', passport.loggedIn, async (req, res) => {
    const accessToken = await users.getAccessToken(req.user.id);
    return res.json(accessToken);

});

router.postAsync('/access-token-reset', passport.loggedIn, passport.csrfProtection, async (req, res) => {
    const accessToken = await users.resetAccessToken(req.user.id);
    return res.json(accessToken);
});


router.post('/login', passport.csrfProtection, passport.restLogin);
router.post('/logout', passport.csrfProtection, passport.restLogout); // TODO - this endpoint is currently not in use. It will become relevant once we switch to SPA

router.postAsync('/password-reset-send', passport.csrfProtection, async (req, res) => {
    await users.sendPasswordReset(req.body.usernameOrEmail);
    return res.json();
});

router.postAsync('/password-reset-validate', passport.csrfProtection, async (req, res) => {
    const isValid = await users.isPasswordResetTokenValid(req.body.username, req.body.resetToken);
    return res.json(isValid);
})

router.postAsync('/password-reset', passport.csrfProtection, async (req, res) => {
    await users.resetPassword(req.body.username, req.body.resetToken, req.body.password);
    return res.json();
})


module.exports = router;
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`'use strict';`

			`const passport = require('../../lib/passport');`
			`const _ = require('../../lib/translate')._;`
			`const users = require('../../models/users');`
Lists list and CUD Custom forms list Updated DB schema (not yet implemented in the server, which means that most of the server is not broken). - custom forms are independent of a list - order and visibility of fields is now in custom_fields - first_name and last_name has been turned to a regular custom field 2017-07-29 19:42:07 +00:00			`const contextHelpers = require('../../lib/context-helpers');`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00
			`const router = require('../../lib/router-async').create();`


			`router.getAsync('/account', passport.loggedIn, async (req, res) => {`
Lists list and CUD Custom forms list Updated DB schema (not yet implemented in the server, which means that most of the server is not broken). - custom forms are independent of a list - order and visibility of fields is now in custom_fields - first_name and last_name has been turned to a regular custom field 2017-07-29 19:42:07 +00:00			`const user = await users.getById(contextHelpers.getAdminContext(), req.user.id);`
Local auth seems to work 2017-07-08 16:57:41 +00:00			`user.hash = users.hash(user);`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return res.json(user);`
			`});`

			`router.postAsync('/account', passport.loggedIn, passport.csrfProtection, async (req, res) => {`
			`const data = req.body;`
			`data.id = req.user.id;`

Blacklist functionality Some API improvements 2017-09-17 14:36:23 +00:00			`await users.updateWithConsistencyCheck(contextHelpers.getAdminContext(), req.body, true);`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return res.json();`
			`});`

Local auth seems to work 2017-07-08 16:57:41 +00:00			`router.postAsync('/account-validate', passport.loggedIn, passport.csrfProtection, async (req, res) => {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`const data = req.body;`
			`data.id = req.user.id;`

Blacklist functionality Some API improvements 2017-09-17 14:36:23 +00:00			`return res.json(await users.serverValidate(contextHelpers.getAdminContext(), data, true));`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`});`

			`router.getAsync('/access-token', passport.loggedIn, async (req, res) => {`
			`const accessToken = await users.getAccessToken(req.user.id);`
			`return res.json(accessToken);`

			`});`

			`router.postAsync('/access-token-reset', passport.loggedIn, passport.csrfProtection, async (req, res) => {`
			`const accessToken = await users.resetAccessToken(req.user.id);`
			`return res.json(accessToken);`
			`});`


Local auth seems to work 2017-07-08 16:57:41 +00:00			`router.post('/login', passport.csrfProtection, passport.restLogin);`
			`router.post('/logout', passport.csrfProtection, passport.restLogout); // TODO - this endpoint is currently not in use. It will become relevant once we switch to SPA`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00
Local auth seems to work 2017-07-08 16:57:41 +00:00			`router.postAsync('/password-reset-send', passport.csrfProtection, async (req, res) => {`
			`await users.sendPasswordReset(req.body.usernameOrEmail);`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return res.json();`
			`});`

Local auth seems to work 2017-07-08 16:57:41 +00:00			`router.postAsync('/password-reset-validate', passport.csrfProtection, async (req, res) => {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`const isValid = await users.isPasswordResetTokenValid(req.body.username, req.body.resetToken);`
			`return res.json(isValid);`
			`})`

Local auth seems to work 2017-07-08 16:57:41 +00:00			`router.postAsync('/password-reset', passport.csrfProtection, async (req, res) => {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`await users.resetPassword(req.body.username, req.body.resetToken, req.body.password);`
			`return res.json();`
			`})`


			`module.exports = router;`