From 478ed3c522039ffdc462d516ac9057aa90d0d498 Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 15:22:28 -0700 Subject: [PATCH 1/8] fix should toString userId's --- server/boot/a-extendUserIdent.js | 2 +- server/middlewares/add-return-to.js | 24 ++++++++++++++++++++++-- server/views/account/account.jade | 2 +- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/server/boot/a-extendUserIdent.js b/server/boot/a-extendUserIdent.js index f5f5e9ebc7..1fac91d85e 100644 --- a/server/boot/a-extendUserIdent.js +++ b/server/boot/a-extendUserIdent.js @@ -47,7 +47,7 @@ export default function({ models }) { modified }); } - if (identity.userId !== userId) { + if (identity.userId.toString() !== userId.toString()) { return Observable.throw( new Error('An account is already linked to that profile') ); diff --git a/server/middlewares/add-return-to.js b/server/middlewares/add-return-to.js index 9e9522b1ad..5fbd19c39d 100644 --- a/server/middlewares/add-return-to.js +++ b/server/middlewares/add-return-to.js @@ -1,10 +1,30 @@ +const pathsOfNoReturn = [ + 'link', + 'auth', + 'login', + 'logout', + 'signin', + 'signup', + 'fonts', + 'favicon', + 'js', + 'css' +]; + +const pathsOfNoReturnRegex = new RegExp(pathsOfNoReturn.join('|'), 'i'); + export default function addReturnToUrl() { return function(req, res, next) { // Remember original destination before login. var path = req.path.split('/')[1]; - if (/auth|login|logout|signin|signup|fonts|favicon/i.test(path)) { + + if (req.method !== 'GET') { return next(); - } else if (/\/stories\/\w+/i.test(req.path)) { + } + if (pathsOfNoReturnRegex.test(path)) { + return next(); + } + if (/\/stories\/\w+/i.test(req.path)) { return next(); } req.session.returnTo = req.path; diff --git a/server/views/account/account.jade b/server/views/account/account.jade index 549f416073..44bcca998b 100644 --- a/server/views/account/account.jade +++ b/server/views/account/account.jade @@ -2,7 +2,7 @@ extends ../layout block content script. var challengeName = 'Account View' - .panel.panel-info(ng-controller="profileValidationController") + .panel.panel-info .panel-heading.text-center Manage your account here .panel-body .row From f59d029336952ea9ea812c7ac12bbf428f8f7489 Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 15:54:58 -0700 Subject: [PATCH 2/8] fix check if url sent with story --- server/boot/story.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/server/boot/story.js b/server/boot/story.js index 0a2af6d96c..7b3c058ea1 100755 --- a/server/boot/story.js +++ b/server/boot/story.js @@ -107,8 +107,12 @@ module.exports = function(app) { }); } - function preSubmit(req, res) { + function preSubmit(req, res, next) { var data = req.query; + if (typeof data.url !== 'string') { + req.flash('errors', { msg: 'No URL supplied with story' }); + return next(new TypeError('No URL supplied with story')); + } var cleanedData = cleanData(data.url); if (data.url.replace(/&/g, '&') !== cleanedData) { From 0367a19ffcb5b34548c265040faed737ca65fb2c Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 16:00:27 -0700 Subject: [PATCH 3/8] add bower_components to pathsOfNOReturnTo --- server/middlewares/add-return-to.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/middlewares/add-return-to.js b/server/middlewares/add-return-to.js index 5fbd19c39d..56529cb94d 100644 --- a/server/middlewares/add-return-to.js +++ b/server/middlewares/add-return-to.js @@ -1,5 +1,6 @@ const pathsOfNoReturn = [ 'link', + 'bower_components', 'auth', 'login', 'logout', From 8c803281f65ce006179b8574a6630b372b09302e Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 19:23:43 -0700 Subject: [PATCH 4/8] fix cannot read property match of undefined --- server/boot/challenge.js | 6 +++--- server/boot/user.js | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/server/boot/challenge.js b/server/boot/challenge.js index 54c28c983c..fc17828f2a 100644 --- a/server/boot/challenge.js +++ b/server/boot/challenge.js @@ -320,7 +320,7 @@ module.exports = function(app) { var challengeData = { id: challengeId, - name: req.body.challengeInfo.challengeName, + name: req.body.challengeInfo.challengeName || '', completedDate: Math.round(+new Date()), solution: req.body.challengeInfo.solution, challengeType: 5 @@ -399,7 +399,7 @@ module.exports = function(app) { { id: id || challengeId, completedDate: completedDate, - name: name || challengeName, + name: name || challengeName || '', solution: null, githubLink: null, verified: true @@ -446,7 +446,7 @@ module.exports = function(app) { var challengeData = { id: challengeId, - name: req.body.challengeInfo.challengeName, + name: req.body.challengeInfo.challengeName || '', completedDate: completedDate, solution: solutionLink, githubLink: githubLink, diff --git a/server/boot/user.js b/server/boot/user.js index 1ed1381240..be063d47e1 100644 --- a/server/boot/user.js +++ b/server/boot/user.js @@ -156,7 +156,7 @@ module.exports = function(app) { }); const bonfires = user.completedChallenges.filter(function(obj) { - return obj.challengeType === 5 && obj.name.match(/Bonfire/g); + return obj.challengeType === 5 && (obj.name || '').match(/Bonfire/g); }); res.render('account/show', { From 0128829d116fa96bc142f54db1be3c8eeee00326 Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 19:48:42 -0700 Subject: [PATCH 5/8] fix cannot read property id of user durring upvote post to upvote without auth returns 401 --- server/boot/story.js | 7 ++++--- server/utils/middleware.js | 11 +++++++++-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/server/boot/story.js b/server/boot/story.js index 7b3c058ea1..02b92e93b3 100755 --- a/server/boot/story.js +++ b/server/boot/story.js @@ -18,6 +18,7 @@ var time48Hours = 172800000; var unDasherize = utils.unDasherize; var dasherize = utils.dasherize; var getURLTitle = utils.getURLTitle; +var ifNoUser401 = require('../utils/middleware').ifNoUser401; function hotRank(timeValue, rank) { /* @@ -63,12 +64,12 @@ module.exports = function(app) { router.get('/stories/hotStories', hotJSON); router.get('/stories/submit', submitNew); router.get('/stories/submit/new-story', preSubmit); - router.post('/stories/preliminary', newStory); - router.post('/stories/', storySubmission); + router.post('/stories/preliminary', ifNoUser401, newStory); + router.post('/stories/', ifNoUser401, storySubmission); router.get('/news/', hot); router.post('/stories/search', getStories); router.get('/news/:storyName', returnIndividualStory); - router.post('/stories/upvote/', upvote); + router.post('/stories/upvote/', ifNoUser401, upvote); router.get('/stories/:storyName', redirectToNews); app.use(router); diff --git a/server/utils/middleware.js b/server/utils/middleware.js index dc0219f0a4..1edec7a59b 100644 --- a/server/utils/middleware.js +++ b/server/utils/middleware.js @@ -12,12 +12,12 @@ exports.userMigration = function userMigration(req, res, next) { if (!req.user || req.user.completedChallenges.length !== 0) { return next(); } - req.user.completedChallenges = R.filter(function (elem) { + req.user.completedChallenges = R.filter(function(elem) { // getting rid of undefined return elem; }, R.concat( req.user.completedCoursewares, - req.user.completedBonfires.map(function (bonfire) { + req.user.completedBonfires.map(function(bonfire) { return ({ completedDate: bonfire.completedDate, id: bonfire.id, @@ -51,3 +51,10 @@ exports.ifNoUserSend = function ifNoUserSend(sendThis) { return res.status(200).send(sendThis); }; }; + +exports.ifNoUser401 = function ifNoUser401(req, res, next) { + if (req.user) { + return next(); + } + return res.status(401).end(); +}; From 01a45e06355d1a75b062e2b975c709560bf3dce1 Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 20:02:39 -0700 Subject: [PATCH 6/8] fix cannot find challengeId of undefined --- server/boot/challenge.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/server/boot/challenge.js b/server/boot/challenge.js index fc17828f2a..761bcc9711 100644 --- a/server/boot/challenge.js +++ b/server/boot/challenge.js @@ -137,7 +137,9 @@ module.exports = function(app) { // unless the next block is undefined, which means no next block let nextChallengeName = firstChallenge; - const challengeId = req.user.currentChallenge.challengeId; + const challengeId = req.user.currentChallenge ? + req.user.currentChallenge.challengeId : + 'bd7123c8c441eddfaeb5bdef'; // find challenge return challenge$ .map(challenge => challenge.toJSON()) From bc84a25ff92461592cfdc862173dc344aab857b9 Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 23:07:06 -0700 Subject: [PATCH 7/8] add message on emergency maintenance --- server/views/challengeMap/show.jade | 2 ++ server/views/home.jade | 2 ++ server/views/resources/get-started.jade | 2 ++ 3 files changed, 6 insertions(+) diff --git a/server/views/challengeMap/show.jade b/server/views/challengeMap/show.jade index 294368b722..5c33397a4f 100644 --- a/server/views/challengeMap/show.jade +++ b/server/views/challengeMap/show.jade @@ -1,5 +1,7 @@ extends ../layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .panel.panel-info .panel-heading.text-center h1 Challenge Map diff --git a/server/views/home.jade b/server/views/home.jade index f08d7528ca..7c1ff3677e 100644 --- a/server/views/home.jade +++ b/server/views/home.jade @@ -1,5 +1,7 @@ extends layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .jumbotron .text-center h1.hug-top Code with Us diff --git a/server/views/resources/get-started.jade b/server/views/resources/get-started.jade index 66ea1c2d35..bbf1f74d1a 100644 --- a/server/views/resources/get-started.jade +++ b/server/views/resources/get-started.jade @@ -1,5 +1,7 @@ extends ../layout block content + .bg-danger.default-border-radius + p      We are running emergency server maintenance. Your account and challenge completion will not be saved until this message goes away. Sorry about the inconvenience and thank you for your understanding. .jumbotron h2.text-center Scroll down and follow along with this 8-minute guide. br From 679d1383a56100d4ea51bba2e1e3e96bd3df55aa Mon Sep 17 00:00:00 2001 From: Berkeley Martinez Date: Tue, 18 Aug 2015 23:14:27 -0700 Subject: [PATCH 8/8] up timeout --- server/datasources.local.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/datasources.local.js b/server/datasources.local.js index 8ad9d08abc..c1881a0fef 100644 --- a/server/datasources.local.js +++ b/server/datasources.local.js @@ -3,7 +3,7 @@ var secrets = require('../config/secrets'); module.exports = { db: { connector: 'mongodb', - connectionTimeout: 5000, + connectionTimeout: 10000, url: secrets.db }, mail: {