gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update error flash message, redirect to /forgot if no reset token is found or if it has expired

Browse Source
This commit is contained in:
Sahat Yalkabov
2014-02-18 01:40:03 -05:00
parent 58c3db89ed
commit 6549966a16
1 changed files with 22 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
controllers/reset.js
View File

@ -1,22 +1,16 @@
'use strict';
/**
* Module Dependencies
*/
var bcrypt = require('bcrypt-nodejs');
var mongoose = require('mongoose');
var nodemailer = require("nodemailer");
var nodemailer = require('nodemailer');
var User = require('../models/User');
var secrets = require('../config/secrets');
/**
* GET /reset/:id/:token
* Reset your password page
* GET /reset/:token
* Reset Password page.
*/
exports.getReset = function(req, res) {
if (req.user) return res.redirect('/'); //user already logged in!
if (req.isAuthenticated()) {
return res.redirect('/');
}
var conditions = {
_id: req.params.id,
@ -32,10 +26,8 @@ exports.getReset = function(req, res) {
});
}
if (!user) {
req.flash('errors', { msg: 'Your reset request is invalid. It may have expired.' });
return res.render('account/reset', {
validToken: false
});
req.flash('errors', { msg: 'Password reset token is invalid or has expired.' });
return res.redirect('/forgot');
}
// Validate the token
bcrypt.compare(req.params.token, user.resetPasswordToken, function(err, isValid) {