
Commit d6791f5

author
Ubuntu
committed
missed the rest of the files
1 parent 8ba7981 commit d6791f5

33 files changed

+2578
-0
lines changed

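--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+node_modules/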

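--- a/README.md
+++ b/README.md
@@ -0,0 +1 @@
+the readme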

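--- a/controllers/auth.js
+++ b/controllers/auth.js
@@ -0,0 +1,336 @@
+var nodemailer = require('nodemailer'),
+bcrypt = require('bcrypt'),
+salt = bcrypt.genSaltSync(10),
+User = require('../models/schema').User;
+
+function randomString(len, charSet) {
+charSet = charSet || 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+var randomString = '',
+i = len;
+while (i--) {
+var randomPoz = Math.floor(Math.random() * charSet.length);
+randomString += charSet.substring(randomPoz, randomPoz + 1);
+}
+return randomString;
+}
+
+exports.show_signup = function(req, res) {
+var c = {csrf_token: req.session._csrf};
+res.render('signup', c);
+};
+
+exports.process_signup = function(req, res) {
+var c = {
+twitter: req.body.twitter,
+facebook: req.body.facebook,
+image: req.body.image,
+email: req.body.email,
+username: req.body.username,
+name: {first: req.body.first_name, last: req.body.last_name},
+password: req.body.password,
+active: true,
+online: true
+};
+
+User.findOne({email: c.email}, function(error, user) {
+console.log(JSON.stringify(user));
+if (error) {
+console.log(error);
+res.redirect('/login/error');
+}
+else if (!user) {
+user = new User(c);
+user.session = bcrypt.hashSync(randomString(24), salt);
+user.password = bcrypt.hashSync(user.password, salt);
+user.save(function(error) {
+if (error) {
+console.log(error);
+res.redirect('/login/error');
+}
+else {
+delete user.password;
+delete user.email;
+req.session.user_token = user;
+res.redirect('/lobby');
+}
+});
+}
+else {
+valid = bcrypt.compareSync(c.password, user.password);
+if (valid) {
+user.facebook = c.facebook;
+user.twitter = c.twitter;
+res.redirect('/lobby');
+user.save(function(error) {
+if (error) {
+console.log(error);
+}
+});
+}
+else {
+res.redirect('/login/error');
+}
+}
+});
+
+};
+
+exports.login = function(req, res) {
+var c = req.body,
+query = (c.username.indexOf('@') >= 0) ? {email: c.username} : {username: c.username};
+
+User.findOne(query, function(error, user) {
+var valid;
+if (error) {
+console.log(error);
+res.redirect('/500');
+}
+else if (!user) {
+res.redirect('/signup');
+}
+else {
+valid = bcrypt.compareSync(c.password, user.password);
+if (valid) {
+delete user.password;
+delete user.email;
+user.session = bcrypt.hashSync(randomString(24), salt);
+user.save(function(error) {
+if (error) {
+console.log(error);
+res.redirect('/500');
+}
+else {
+req.session.user_token = user;
+res.redirect('/lobby');
+}
+});
+}
+else {
+var context = {
+csrf_token: req.session._csrf,
+error: 'Your username or password is incorrect.'
+};
+res.render('index', context);
+}
+}
+});
+
+};
+
+exports.logout = function(req, res) {
+req.session.destroy();
+res.redirect('/');
+};
+
+exports.show_account = function(req, res) {
+var user = req.session.user_token;
+User.findOne({_id: user._id}, function(error, user) {
+if (error) {
+console.log(error);
+res.redirect('/500');
+}
+else if (!user) {
+res.redirect('/404');
+}
+else {
+delete user.email;
+delete user.password;
+user.edit = true;
+user.first_name = user.name.first;
+user.last_name = user.name.last;
+user.csrf_token = req.session._csrf;
+res.render('signup', user);
+}
+
+});
+};
+
+exports.update_account = function(req, res) {
+var user = req.session.user_token;
+User.findOne({_id: user._id}, function(error, user) {
+if (error) {
+console.log(error);
+res.redirect('/500');
+}
+else if (!user) {
+res.redirect('/404');
+}
+else {
+user.username = req.body.username;
+user.email = req.body.email;
+user.name.first = req.body.first_name;
+user.name.last = req.body.last_name;
+user.save(function(error) {
+if (error) {
+console.log(error);
+res.redirect('/500');
+}
+else {
+delete user.email;
+delete user.password;
+user.edit = true;
+user.updated = true;
+user.first_name = user.name.first;
+user.last_name = user.name.last;
+user.csrf_token = req.session._csrf;
+res.render('signup', user);
+}
+})
+}
+})
+
+};
+
+exports.check_user = function(req, res) {
+var valid;
+User.findOne({email: req.body.email}, function(error, user) {
+if (error) {
+console.log(error);
+res.json(500, {error: 'Something Broke. Sorry.'});
+}
+else if (user) {
+if (!req.twitter) {
+res.json({error: 'The email you entered is already in our system. \n Please use the password recovery.'});
+}
+else {
+valid = bcrypt.compareSync(req.password, user.password);
+if (!valid) {
+res.json({error: 'The email you entered is already in our system. \n Please use the password recovery.'});
+}
+else {
+res.json({error: false});
+}
+}
+}
+else {
+User.findOne({username: req.body.username}, function(error, user) {
+if (error) {
+console.log(error);
+res.json(500, {error: 'Something Broke. Sorry.'});
+}
+else if (user) {
+if (!req.twitter) {
+res.json({error: 'Someone has that username.\n Please choose another.'});
+}
+else {
+valid = bcrypt.compareSync(req.password, user.password);
+if (!valid) {
+res.json({error: 'The username you entered is already in our system. \n Please use the password recovery.'});
+}
+else {
+res.json({error: false});
+}
+}
+}
+else {
+res.json({error: false});
+}
+});
+}
+});
+};
+
+exports.show_recover = function(req, res) {
+var c = {csrf_token: req.session._csrf};
+res.render('recover_password', c);
+};
+
+exports.process_recover = function(req, res) {
+var email = req.body.email.split(',')[0];
+User.findOne({email: email}, function(error, user) {
+if (error) {
+console.log(error);
+}
+else if (user) {
+var resetURL = 'http://plec.co/reset/password/'+ encodeURIComponent(user.session);
+var c = {
+message: 'Success. A password recovery email has been sent to ' + user.email
+};
+
+var transport = nodemailer.createTransport('sendmail', {
+path: '/usr/sbin/sendmail',
+args: ['-f [email protected]']
+});
+
+var mail = {
+to: email,
+subject: 'Plecco Password Reset',
+html: '<h2>Reset Password</h2><p>Use this link to reset your password.<br> <a href=' + resetURL +'>'+ resetURL +'</a></p>'
+};
+
+transport.sendMail(mail, function(error, response) {
+if (error) {
+console.log(error);
+}
+else {
+console.log("Email send: " + response.message);
+res.render('recover_password', c);
+}
+});
+}
+else {
+var c = {
+csrf_token: req.session._csrf,
+error: 'The email you entered is not currently in our system!'
+};
+
+res.render('recover_password', c);
+}
+});
+};
+
+exports.show_reset = function(req, res) {
+var token = req.params.token;
+if (!token) {
+res.redirect('/500');
+}
+
+User.findOne({session: token}, function(error, user) {
+if (error) {
+console.log(error);
+}
+else if (user) {
+var c = {
+csrf_token: req.session._csrf,
+token: user.session
+}
+res.render('reset_password', c);
+}
+else {
+var c = {
+message: 'Error reseting password! It is likely the link you used to reset the password has expired. Please use the "forgot password" link.'
+};
+res.render('reset_password', c);
+}
+});
+};
+
+exports.process_reset = function(req, res) {
+var token = req.body.token;
+var password = req.body.password;
+User.findOne({session: token}, function(error, user) {
+if (error) {
+console.log(error);
+}
+else if (user) {
+user.password = bcrypt.hashSync(password, salt);
+user.save(function(error) {
+if (error) {
+console.log(error);
+}
+else {
+var c = {
+message: 'Your password has been changed! You can now login.'
+};
+res.render('reset_password', c);
+}
+});
+}
+else {
+var c = {
+message: 'Error reseting password! It is likely the link you used to reset the password has expired. Please use the "forgot password" link.'
+};
+res.render('reset_password', c);
+}
+});
+};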
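Review bot: The reset flow in `process_recover`, `show_reset` and `process_reset` uses `user.session` as the emailed reset token; that value comes from `randomString`, which draws from `Math.random()`, is the same token stored at signup and login, never expires, and is left unchanged after `process_reset` saves the new password, so an emailed link stays usable indefinitely. In `process_reset`, `req.body.token` reaches `User.findOne({session: token})` with no type check; depending on the body parser (not visible here) a non-string value could be read as a query operator, and the same holds for `req.body.email` and `req.body.username` in the other handlers. I would accept only strings, generate tokens with `crypto.randomBytes` (needs `require('crypto')` at the top of the file), replace the token once it has been used, and answer the request in the error branches, which currently only log and leave the response open; an expiry for the token would need a schema field that is not on this page. The module-wide `salt` is also shared by every `bcrypt.hashSync` call, so all password hashes use one salt; calling `bcrypt.genSaltSync(10)` per hash avoids that.

```javascript
exports.process_reset = function(req, res) {
    var token = req.body.token;
    var password = req.body.password;
    // Only plain, non-empty strings may reach the query.
    if (typeof token !== 'string' || typeof password !== 'string' || token === '') {
        return res.redirect('/500');
    }
    User.findOne({session: token}, function(error, user) {
        if (error) {
            console.log(error);
            // Answer the request instead of leaving it open.
            return res.redirect('/500');
        }
        else if (user) {
            // Fresh salt per hash rather than the module-wide one.
            user.password = bcrypt.hashSync(password, bcrypt.genSaltSync(10));
            // Single use: replace the token so the emailed link stops working.
            user.session = crypto.randomBytes(24).toString('hex');
            // … unchanged: user.save callback and success render …
        }
        // … unchanged: expired-link branch …
```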
