gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update error flash message, redirect to /forgot if no reset token is found or if it has expired

Browse Source
This commit is contained in:
Sahat Yalkabov
2014-02-18 01:40:03 -05:00
parent 58c3db89ed
commit 6549966a16
1 changed files with 22 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
controllers/reset.js
View File

@ -1,22 +1,16 @@
'use strict'; var bcrypt = require('bcrypt-nodejs');
var nodemailer = require('nodemailer');
var User = require('../models/User');
/** /**
* Module Dependencies * GET /reset/:token
*/ * Reset Password page.
var bcrypt = require('bcrypt-nodejs');
var mongoose = require('mongoose');
var nodemailer = require("nodemailer");
var User = require('../models/User');
var secrets = require('../config/secrets');
/**
* GET /reset/:id/:token
* Reset your password page
*/ */
exports.getReset = function(req, res) { exports.getReset = function(req, res) {
if (req.user) return res.redirect('/'); //user already logged in! if (req.isAuthenticated()) {
return res.redirect('/');
}
var conditions = { var conditions = {
_id: req.params.id, _id: req.params.id,
@ -32,10 +26,8 @@ exports.getReset = function(req, res) {
}); });
} }
if (!user) { if (!user) {
req.flash('errors', { msg: 'Your reset request is invalid. It may have expired.' }); req.flash('errors', { msg: 'Password reset token is invalid or has expired.' });
return res.render('account/reset', { return res.redirect('/forgot');
validToken: false
});
} }
// Validate the token // Validate the token
bcrypt.compare(req.params.token, user.resetPasswordToken, function(err, isValid) { bcrypt.compare(req.params.token, user.resetPasswordToken, function(err, isValid) {
@ -168,22 +160,22 @@ exports.postReset = function(req, res) {
workflow.on('sendEmail', function(user) { workflow.on('sendEmail', function(user) {
// Create a reusable nodemailer transport method (opens a pool of SMTP connections) // Create a reusable nodemailer transport method (opens a pool of SMTP connections)
var smtpTransport = nodemailer.createTransport("SMTP",{ var smtpTransport = nodemailer.createTransport("SMTP", {
service: "Gmail", service: "Gmail",
auth: { auth: {
user: process.env.SMTP_USERNAME || '', user: process.env.SMTP_USERNAME || '',
pass: process.env.SMTP_PASSWORD || '' pass: process.env.SMTP_PASSWORD || ''
} }
// See nodemailer docs for other transports // See nodemailer docs for other transports
// https://github.com/andris9/Nodemailer // https://github.com/andris9/Nodemailer
}); });
// create email // create email
var mailOptions = { var mailOptions = {
to: user.profile.name + ' <' + user.email + '>', to: user.profile.name + ' <' + user.email + '>',
from: 'hackathon@starter.com', // TODO parameterize from: 'hackathon@starter.com', // TODO parameterize
subject: 'Password Reset Notice', subject: 'Password Reset Notice',
text: 'This is a courtesy message from hackathon-starter. Your password was just reset. Cheers!' text: 'This is a courtesy message from hackathon-starter. Your password was just reset. Cheers!'
}; };
// send email // send email