Merge pull request #15985 from raisedadead/fix/update-email-pre-confirm

fix(user): Update email pre-confirm config
Berkeley Martinez
2017-11-27 12:40:56 -08:00
committed by GitHub
7 changed files with 40 additions and 29 deletions


@ -83,11 +83,6 @@ function getWaitPeriod(ttl) {
return 0;
}
module.exports = function(User) {
// NOTE(berks): user email validation currently not needed but build in. This
// work around should let us sneak by
// see:
// https://github.com/strongloop/loopback/issues/1137#issuecomment-109200135
delete User.validations.email;
// set salt factor for passwords
User.settings.saltWorkFactor = 5;
// set user.rand to random number
@ -241,7 +236,7 @@ module.exports = function(User) {
return User.findById(uid, (err, user) => {
if (err || !user) {
if (err || !user || !user.newEmail) {
ctx.req.flash('error', {
msg: dedent`Oops, something went wrong, please try again later`
});
@ -273,7 +268,16 @@ module.exports = function(User) {
return ctx.res.redirect(redirect);
}
return next();
return user.update$({
email: user.newEmail,
newEmail: null,
emailVerifyTTL: null
})
.do(() => {
return next();
})
.toPromise();
});
});
@ -477,7 +481,7 @@ module.exports = function(User) {
}
);
User.requestAuthLink = function requestAuthLink(email) {
User.requestAuthEmail = function requestAuthEmail(email) {
if (!isEmail(email)) {
return Promise.reject(
new Error('The submitted email not valid.')
@ -550,7 +554,7 @@ module.exports = function(User) {
};
User.remoteMethod(
'requestAuthLink',
'requestAuthEmail',
{
description: 'request a link on email with temporary token to sign in',
accepts: [{
@ -565,15 +569,17 @@ module.exports = function(User) {
}
);
User.prototype.updateEmail = function updateEmail(email) {
const ownEmail = email === this.email;
if (!isEmail('' + email)) {
User.prototype.requestUpdateEmail = function requestUpdateEmail(
newEmail
) {
const ownEmail = newEmail === this.email;
if (!isEmail('' + newEmail)) {
return Observable.throw(createEmailError());
}
// email is already associated and verified with this account
if (ownEmail && this.emailVerified) {
return Observable.throw(new Error(
`${email} is already associated with this account.`
`${newEmail} is already associated with this account.`
));
}
@ -588,23 +594,25 @@ module.exports = function(User) {
`);
}
return Observable.fromPromise(User.doesExist(null, email))
return Observable.fromPromise(User.doesExist(null, newEmail))
.flatMap(exists => {
// not associated with this account, but is associated with another
if (!ownEmail && exists) {
return Promise.reject(
new Error(`${email} is already associated with another account.`)
new Error(
`${newEmail} is already associated with another account.`
)
);
}
const emailVerified = false;
return this.update$({
email,
newEmail,
emailVerified,
emailVerifyTTL: new Date()
})
.do(() => {
this.email = email;
this.newEmail = newEmail;
this.emailVerified = emailVerified;
this.emailVerifyTTL = new Date();
});
@ -612,7 +620,7 @@ module.exports = function(User) {
.flatMap(() => {
const mailOptions = {
type: 'email',
to: email,
to: newEmail,
from: getEmailSender(),
subject: 'freeCodeCamp - Email Update Requested',
protocol: getProtocol(),
@ -625,7 +633,7 @@ module.exports = function(User) {
'server',
'views',
'emails',
'user-email-verify.ejs'
'user-request-update-email.ejs'
)
};
return this.verify(mailOptions);
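Review bot: The `user.update$({ email: user.newEmail, ... })` chain added to the confirm callback has no error path: `.do(() => next())` runs only on success, and the promise from `.toPromise()` is returned into the `findById` callback, where nothing visible handles a rejection. If the write fails (for instance because the built-in email validation that this commit stops deleting rejects an address another account took between request and confirmation), the request would presumably hang and the account is left with `newEmail` still pending. Ending the chain with `.subscribe(() => next(), next);`, as the settings controller in this commit does, would forward the failure to the error handler. Relatedly, `requestUpdateEmail` writes `emailVerified: false` while `email` still holds the old address, so an abandoned change request appears to leave the current, previously verified address marked unverified; worth confirming that is intended. The confirm callback and `requestUpdateEmail` both start or end outside the visible hunks.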


@ -16,6 +16,9 @@
}
}
},
"newEmail":{
"type": "string"
},
"emailVerifyTTL": {
"type": "date"
},
@ -277,7 +280,7 @@
"principalType": "ROLE",
"principalId": "$owner",
"permission": "ALLOW",
"property": "updateEmail"
"property": "requestUpdateEmail"
},
{
"accessType": "EXECUTE",
@ -298,7 +301,7 @@
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "requestAuthLink"
"property": "requestAuthEmail"
}
],
"methods": {}
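Review bot: `newEmail` is added as a plain string property, and the confirm handler in the user model copies whatever it holds into `email` once a token is confirmed. Nothing in this hunk shows the property being excluded from owner-writable updates or from API responses, so it is worth checking that no generic update endpoint lets `$owner` set `newEmail` directly; otherwise the value promoted at confirmation might not be the address the verification mail was sent to. If it is only ever written by `requestUpdateEmail`, listing it under the model's `hidden`/`protected` settings would make that explicit.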


@ -21,7 +21,7 @@ export default function settingsController(app) {
function updateMyEmail(req, res, next) {
const { user, body: { email } } = req;
return user.updateEmail(email)
return user.requestUpdateEmail(email)
.subscribe(
(message) => res.json({ message }),
next


@ -248,7 +248,7 @@ module.exports = function(app) {
return res.redirect('/');
}
return User.requestAuthLink(req.body.email)
return User.requestAuthEmail(req.body.email)
.then(msg => {
return res.status(200).send({ message: msg });
})


@ -14,4 +14,4 @@ Good luck with the challenges!
Thanks,
The freeCodeCamp Team.
team@freecodecamp.com
team@freecodecamp.org


@ -9,9 +9,9 @@ This above link is valid for 15 minutes.
And when you have a moment:
1. Visit the settings page and link your account to GitHub.
2. Follow our Medium Publication: https://medium.freecodecamp.com
3. Checkout our forum: https://forum.freecodecamp.com
4. Join the conversation: https://gitter.im/FreeCodeCamp/FreeCodeCamp
2. Follow our Medium Publication: https://medium.freecodecamp.org
3. Checkout our forum: https://forum.freecodecamp.org
4. Join the conversation: https://gitter.im/freeCodeCamp/freeCodeCamp
IMPORTANT NOTE:
If you did not make any such request, simply delete or ignore this email.
@ -21,4 +21,4 @@ Good luck with the challenges!
Thanks,
The freeCodeCamp Team.
team@freecodecamp.com
team@freecodecamp.org


@ -10,4 +10,4 @@ Good luck with the challenges!
Thanks,
The freeCodeCamp Team.
team@freecodecamp.com
team@freecodecamp.org