99 lines
3.2 KiB
JavaScript
99 lines
3.2 KiB
JavaScript
'use strict';
|
|
|
|
let passport = require('../lib/passport');
|
|
let express = require('express');
|
|
let router = new express.Router();
|
|
let users = require('../lib/models/users');
|
|
|
|
router.get('/logout', (req, res) => passport.logout(req, res));
|
|
|
|
router.post('/login', passport.parseForm, (req, res, next) => passport.login(req, res, next));
|
|
router.get('/login', (req, res) => {
|
|
res.render('users/login', {
|
|
next: req.query.next
|
|
});
|
|
});
|
|
|
|
router.get('/forgot', passport.csrfProtection, (req, res) => {
|
|
res.render('users/forgot', {
|
|
csrfToken: req.csrfToken()
|
|
});
|
|
});
|
|
|
|
router.post('/forgot', passport.parseForm, passport.csrfProtection, (req, res) => {
|
|
users.sendReset(req.body.username, err => {
|
|
if (err) {
|
|
req.flash('danger', err.message || err);
|
|
return res.redirect('/users/forgot');
|
|
} else {
|
|
req.flash('success', 'An email with password reset instructions has been sent to your email address, if it exists on our system.');
|
|
}
|
|
return res.redirect('/users/login');
|
|
});
|
|
});
|
|
|
|
router.get('/reset', passport.csrfProtection, (req, res) => {
|
|
users.checkResetToken(req.query.username, req.query.token, (err, status) => {
|
|
if (err) {
|
|
req.flash('danger', err.message || err);
|
|
return res.redirect('/users/login');
|
|
}
|
|
|
|
if (!status) {
|
|
req.flash('danger', 'Unknown or expired reset token');
|
|
return res.redirect('/users/login');
|
|
}
|
|
|
|
res.render('users/reset', {
|
|
csrfToken: req.csrfToken(),
|
|
username: req.query.username,
|
|
resetToken: req.query.token
|
|
});
|
|
});
|
|
});
|
|
|
|
router.post('/reset', passport.parseForm, passport.csrfProtection, (req, res) => {
|
|
users.resetPassword(req.body, (err, status) => {
|
|
if (err) {
|
|
req.flash('danger', err.message || err);
|
|
return res.redirect('/users/reset?username=' + encodeURIComponent(req.body.username) + '&token=' + encodeURIComponent(req.body['reset-token']));
|
|
} else if (!status) {
|
|
req.flash('danger', 'Unknown or expired reset token');
|
|
} else {
|
|
req.flash('success', 'Your password has been changed successfully');
|
|
}
|
|
|
|
return res.redirect('/users/login');
|
|
});
|
|
});
|
|
|
|
router.all('/account', (req, res, next) => {
|
|
if (!req.user) {
|
|
req.flash('danger', 'Need to be logged in to access restricted content');
|
|
return res.redirect('/users/login?next=' + encodeURIComponent(req.originalUrl));
|
|
}
|
|
next();
|
|
});
|
|
|
|
router.get('/account', passport.csrfProtection, (req, res) => {
|
|
let data = {
|
|
csrfToken: req.csrfToken(),
|
|
email: req.user.email
|
|
};
|
|
res.render('users/account', data);
|
|
});
|
|
|
|
router.post('/account', passport.parseForm, passport.csrfProtection, (req, res) => {
|
|
users.update(Number(req.user.id), req.body, (err, success) => {
|
|
if (err) {
|
|
req.flash('danger', err.message || err);
|
|
} else if (success) {
|
|
req.flash('success', 'Account information updated');
|
|
} else {
|
|
req.flash('info', 'Account information not updated');
|
|
}
|
|
return res.redirect('/users/account');
|
|
});
|
|
});
|
|
|
|
module.exports = router;
|