Update error flash message, redirect to /forgot if no reset token is found or if it has expired
This commit is contained in:
Sahat Yalkabov
@ -1,22 +1,16 @@
|
|||||||
'use strict';
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Module Dependencies
|
|
||||||
*/
|
|
||||||
|
|
||||||
var bcrypt = require('bcrypt-nodejs');
|
var bcrypt = require('bcrypt-nodejs');
|
||||||
var mongoose = require('mongoose');
|
var nodemailer = require('nodemailer');
|
||||||
var nodemailer = require("nodemailer");
|
|
||||||
var User = require('../models/User');
|
var User = require('../models/User');
|
||||||
var secrets = require('../config/secrets');
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* GET /reset/:id/:token
|
* GET /reset/:token
|
||||||
* Reset your password page
|
* Reset Password page.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
exports.getReset = function(req, res) {
|
exports.getReset = function(req, res) {
|
||||||
if (req.user) return res.redirect('/'); //user already logged in!
|
if (req.isAuthenticated()) {
|
||||||
|
return res.redirect('/');
|
||||||
|
}
|
||||||
|
|
||||||
var conditions = {
|
var conditions = {
|
||||||
_id: req.params.id,
|
_id: req.params.id,
|
||||||
@ -32,10 +26,8 @@ exports.getReset = function(req, res) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
if (!user) {
|
if (!user) {
|
||||||
req.flash('errors', { msg: 'Your reset request is invalid. It may have expired.' });
|
req.flash('errors', { msg: 'Password reset token is invalid or has expired.' });
|
||||||
return res.render('account/reset', {
|
return res.redirect('/forgot');
|
||||||
validToken: false
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
// Validate the token
|
// Validate the token
|
||||||
bcrypt.compare(req.params.token, user.resetPasswordToken, function(err, isValid) {
|
bcrypt.compare(req.params.token, user.resetPasswordToken, function(err, isValid) {
|
||||||
|
|||||||
Reference in New Issue
Block a user