diff --git a/server/boot/a-extendUserIdent.js b/server/boot/a-extendUserIdent.js index f5f5e9ebc7..1fac91d85e 100644 --- a/server/boot/a-extendUserIdent.js +++ b/server/boot/a-extendUserIdent.js @@ -47,7 +47,7 @@ export default function({ models }) { modified }); } - if (identity.userId !== userId) { + if (identity.userId.toString() !== userId.toString()) { return Observable.throw( new Error('An account is already linked to that profile') ); diff --git a/server/boot/challenge.js b/server/boot/challenge.js index 54c28c983c..761bcc9711 100644 --- a/server/boot/challenge.js +++ b/server/boot/challenge.js @@ -137,7 +137,9 @@ module.exports = function(app) { // unless the next block is undefined, which means no next block let nextChallengeName = firstChallenge; - const challengeId = req.user.currentChallenge.challengeId; + const challengeId = req.user.currentChallenge ? + req.user.currentChallenge.challengeId : + 'bd7123c8c441eddfaeb5bdef'; // find challenge return challenge$ .map(challenge => challenge.toJSON()) @@ -320,7 +322,7 @@ module.exports = function(app) { var challengeData = { id: challengeId, - name: req.body.challengeInfo.challengeName, + name: req.body.challengeInfo.challengeName || '', completedDate: Math.round(+new Date()), solution: req.body.challengeInfo.solution, challengeType: 5 @@ -399,7 +401,7 @@ module.exports = function(app) { { id: id || challengeId, completedDate: completedDate, - name: name || challengeName, + name: name || challengeName || '', solution: null, githubLink: null, verified: true @@ -446,7 +448,7 @@ module.exports = function(app) { var challengeData = { id: challengeId, - name: req.body.challengeInfo.challengeName, + name: req.body.challengeInfo.challengeName || '', completedDate: completedDate, solution: solutionLink, githubLink: githubLink, diff --git a/server/boot/story.js b/server/boot/story.js index 0a2af6d96c..02b92e93b3 100755 --- a/server/boot/story.js +++ b/server/boot/story.js 
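Review bot: In server/boot/a-extendUserIdent.js the new comparison `identity.userId.toString() !== userId.toString()` throws a TypeError when either side is null or undefined, so the ownership check would surface as an uncaught exception rather than the `Observable.throw` error just below it. This is the check that stops a profile already linked to one account from being attached to another, so it should fail closed explicitly, for example `if (!identity.userId || !userId || String(identity.userId) !== String(userId)) {`. Whether either value can actually be missing is not visible here, because the enclosing function starts and ends outside the hunk. A one-line comment saying why the string conversion is needed (presumably one side is an ObjectId and the other a string) would keep the next edit from reverting it.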
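Review bot: The fallback id `'bd7123c8c441eddfaeb5bdef'` in server/boot/challenge.js (hunk at -137) is an unexplained literal inside the request handler. Give it a name next to `firstChallenge`, for example `const firstChallengeId = 'bd7123c8c441eddfaeb5bdef';`, with a comment that it is used when the user has no `currentChallenge` yet. The new ternary also still dereferences `req.user` unconditionally; whether this handler can be reached without a logged-in user is not shown in the hunk, and the handler itself begins and ends outside it.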
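Review bot: The `|| ''` fallback on `req.body.challengeInfo.challengeName` (hunks at -320 and -446 of server/boot/challenge.js) only covers a missing or falsy name; if the request omits `challengeInfo` altogether the property access throws before the fallback is evaluated, and the neighbouring `req.body.challengeInfo.solution` has the same exposure. The value also comes straight from the request body, so a non-string such as an object or array is stored as the challenge name unchanged. Read the object once and check the type, e.g. `var info = req.body.challengeInfo || {};` and `name: typeof info.challengeName === 'string' ? info.challengeName : '',`. The hunk at -399 (`name || challengeName || ''`) would benefit from the same type check, though where `name` comes from there is outside the hunk.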
@@ -18,6 +18,7 @@ var time48Hours = 172800000; var unDasherize = utils.unDasherize; var dasherize = utils.dasherize; var getURLTitle = utils.getURLTitle; +var ifNoUser401 = require('../utils/middleware').ifNoUser401; function hotRank(timeValue, rank) { /* @@ -63,12 +64,12 @@ module.exports = function(app) { router.get('/stories/hotStories', hotJSON); router.get('/stories/submit', submitNew); router.get('/stories/submit/new-story', preSubmit); - router.post('/stories/preliminary', newStory); - router.post('/stories/', storySubmission); + router.post('/stories/preliminary', ifNoUser401, newStory); + router.post('/stories/', ifNoUser401, storySubmission); router.get('/news/', hot); router.post('/stories/search', getStories); router.get('/news/:storyName', returnIndividualStory); - router.post('/stories/upvote/', upvote); + router.post('/stories/upvote/', ifNoUser401, upvote); router.get('/stories/:storyName', redirectToNews); app.use(router); @@ -107,8 +108,12 @@ module.exports = function(app) { }); } - function preSubmit(req, res) { + function preSubmit(req, res, next) { var data = req.query; + if (typeof data.url !== 'string') { + req.flash('errors', { msg: 'No URL supplied with story' }); + return next(new TypeError('No URL supplied with story')); + } var cleanedData = cleanData(data.url); if (data.url.replace(/&/g, '&') !== cleanedData) { diff --git a/server/boot/user.js b/server/boot/user.js index 1ed1381240..be063d47e1 100644 --- a/server/boot/user.js +++ b/server/boot/user.js @@ -156,7 +156,7 @@ module.exports = function(app) { }); const bonfires = user.completedChallenges.filter(function(obj) { - return obj.challengeType === 5 && obj.name.match(/Bonfire/g); + return obj.challengeType === 5 && (obj.name || '').match(/Bonfire/g); }); res.render('account/show', { diff --git a/server/datasources.local.js b/server/datasources.local.js index 8ad9d08abc..c1881a0fef 100644 --- a/server/datasources.local.js +++ b/server/datasources.local.js 
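Review bot: `ifNoUser401` now guards three of the story POST routes in server/boot/story.js (hunk at -63), but `router.post('/stories/search', getStories)` stays open with nothing saying that this is deliberate. If search is meant to be public, record it above the route list, e.g. `// search is read-only and intentionally public; every other POST requires a logged-in user`, so a route added later follows the same rule. The handlers are outside this hunk, so whether they still read `req.user` defensively is not visible here.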
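Review bot: In `preSubmit` (hunk at -107) the new guard reports a missing `url` by passing a `TypeError` to `next()`, which an Express error handler will normally answer as a server error even though the request was simply malformed. Mark it as a client error, for example `var err = new TypeError('No URL supplied with story'); err.status = 400; return next(err);`, assuming the app's error handler honours `err.status` (it is not shown here). The guard also covers only `url`: if other `req.query` fields are read further down in `preSubmit`, which continues past the end of the hunk, they can still arrive as arrays or objects from the query-string parser and need the same `typeof` check.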
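Review bot: `(obj.name || '').match(/Bonfire/g)` in server/boot/user.js still throws when `name` is a truthy non-string, because only falsy values are replaced by `''`. Challenge names are written from request data elsewhere in this commit, so test the type rather than truthiness: `return obj.challengeType === 5 && typeof obj.name === 'string' && /Bonfire/.test(obj.name);`. Using `test` without the `g` flag also makes the filter callback return a boolean instead of a match array.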
@@ -3,7 +3,7 @@ var secrets = require('../config/secrets'); module.exports = { db: { connector: 'mongodb', - connectionTimeout: 5000, + connectionTimeout: 10000, url: secrets.db }, mail: { diff --git a/server/middlewares/add-return-to.js b/server/middlewares/add-return-to.js index 9e9522b1ad..56529cb94d 100644 --- a/server/middlewares/add-return-to.js +++ b/server/middlewares/add-return-to.js @@ -1,10 +1,31 @@ +const pathsOfNoReturn = [ + 'link', + 'bower_components', + 'auth', + 'login', + 'logout', + 'signin', + 'signup', + 'fonts', + 'favicon', + 'js', + 'css' +]; + +const pathsOfNoReturnRegex = new RegExp(pathsOfNoReturn.join('|'), 'i'); + export default function addReturnToUrl() { return function(req, res, next) { // Remember original destination before login. var path = req.path.split('/')[1]; - if (/auth|login|logout|signin|signup|fonts|favicon/i.test(path)) { + + if (req.method !== 'GET') { return next(); - } else if (/\/stories\/\w+/i.test(req.path)) { + } + if (pathsOfNoReturnRegex.test(path)) { + return next(); + } + if (/\/stories\/\w+/i.test(req.path)) { return next(); } req.session.returnTo = req.path; diff --git a/server/utils/middleware.js b/server/utils/middleware.js index dc0219f0a4..1edec7a59b 100644 --- a/server/utils/middleware.js +++ b/server/utils/middleware.js @@ -12,12 +12,12 @@ exports.userMigration = function userMigration(req, res, next) { if (!req.user || req.user.completedChallenges.length !== 0) { return next(); } - req.user.completedChallenges = R.filter(function (elem) { + req.user.completedChallenges = R.filter(function(elem) { // getting rid of undefined return elem; }, R.concat( req.user.completedCoursewares, - req.user.completedBonfires.map(function (bonfire) { + req.user.completedBonfires.map(function(bonfire) { return ({ completedDate: bonfire.completedDate, id: bonfire.id, 
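Review bot: `pathsOfNoReturnRegex` in server/middlewares/add-return-to.js is built without anchors, so the short entries added here (`js`, `css`, `link`, `auth`) match any first path segment that merely contains them; a segment such as `linked-accounts` or `authors` (constructed examples) would silently stop being recorded as a return target. Anchor the alternation to the start of the segment: `const pathsOfNoReturnRegex = new RegExp('^(?:' + pathsOfNoReturn.join('|') + ')\\b', 'i');`. Separately, `req.session.returnTo = req.path` stores whatever path was requested; if the login handler later redirects to that value (not visible in this hunk), a path beginning with `//` would be read by browsers as protocol-relative, so it is worth storing only values that match `/^\/(?!\/)/`.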
@@ -51,3 +51,10 @@ exports.ifNoUserSend = function ifNoUserSend(sendThis) { return res.status(200).send(sendThis); }; }; + +exports.ifNoUser401 = function ifNoUser401(req, res, next) { + if (req.user) { + return next(); + } + return res.status(401).end(); +}; diff --git a/server/views/account/account.jade b/server/views/account/account.jade index 549f416073..44bcca998b 100644 --- a/server/views/account/account.jade +++ b/server/views/account/account.jade @@ -2,7 +2,7 @@ extends ../layout block content script. var challengeName = 'Account View' - .panel.panel-info(ng-controller="profileValidationController") + .panel.panel-info .panel-heading.text-center Manage your account here .panel-body .row diff --git a/server/views/challengeMap/show.jade b/server/views/challengeMap/show.jade index 294368b722..5c33397a4f 100644 --- a/server/views/challengeMap/show.jade +++ b/server/views/challengeMap/show.jade @@ -1,5 +1,7 @@ extends ../layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .panel.panel-info .panel-heading.text-center h1 Challenge Map diff --git a/server/views/home.jade b/server/views/home.jade index f08d7528ca..7c1ff3677e 100644 --- a/server/views/home.jade +++ b/server/views/home.jade @@ -1,5 +1,7 @@ extends layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .jumbotron .text-center h1.hug-top Code with Us diff --git a/server/views/resources/get-started.jade b/server/views/resources/get-started.jade index 66ea1c2d35..bbf1f74d1a 100644 --- a/server/views/resources/get-started.jade +++ b/server/views/resources/get-started.jade 
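Review bot: `ifNoUser401` in server/utils/middleware.js has no doc comment and relies on an ordering the hunk does not show: `req.user` must already have been populated by the authentication middleware, so mounting this guard ahead of it would reject every request. Add a short header such as `// Ends the request with 401 unless an authenticated user is attached to req; mount after the middleware that sets req.user.` The response is also sent with an empty body, so a script-driven caller gets only the status code; if the story routes are called via XHR (not visible here), `return res.status(401).json({ error: 'Unauthorized' });` gives the client something to display.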
@@ -1,5 +1,7 @@ extends ../layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .jumbotron h2.text-center Scroll down and follow along with this 8-minute guide. br