gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #15985 from raisedadead/fix/update-email-pre-confirm

Browse Source 
fix(user): Update email pre-confirm config
This commit is contained in:
Berkeley Martinez
2017-11-27 12:40:56 -08:00
committed by GitHub
parent b48037adc2 e652ad934a
commit caaeba03f2
7 changed files with 40 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
common/models/user.js
View File

@ -83,11 +83,6 @@ function getWaitPeriod(ttl) {
return 0; return 0;
} }
module.exports = function(User) { module.exports = function(User) {
// NOTE(berks): user email validation currently not needed but build in. This
// work around should let us sneak by
// see:
// https://github.com/strongloop/loopback/issues/1137#issuecomment-109200135
delete User.validations.email;
// set salt factor for passwords // set salt factor for passwords
User.settings.saltWorkFactor = 5; User.settings.saltWorkFactor = 5;
// set user.rand to random number // set user.rand to random number
@ -241,7 +236,7 @@ module.exports = function(User) {
return User.findById(uid, (err, user) => { return User.findById(uid, (err, user) => {
if (err || !user) { if (err || !user || !user.newEmail) {
ctx.req.flash('error', { ctx.req.flash('error', {
msg: dedent`Oops, something went wrong, please try again later` msg: dedent`Oops, something went wrong, please try again later`
}); });
@ -273,7 +268,16 @@ module.exports = function(User) {
return ctx.res.redirect(redirect); return ctx.res.redirect(redirect);
} }
return next(); return user.update$({
email: user.newEmail,
newEmail: null,
emailVerifyTTL: null
})
.do(() => {
return next();
})
.toPromise();
}); });
}); });
@ -477,7 +481,7 @@ module.exports = function(User) {
} }
); );
User.requestAuthLink = function requestAuthLink(email) { User.requestAuthEmail = function requestAuthEmail(email) {
if (!isEmail(email)) { if (!isEmail(email)) {
return Promise.reject( return Promise.reject(
new Error('The submitted email not valid.') new Error('The submitted email not valid.')
@ -550,7 +554,7 @@ module.exports = function(User) {
}; };
User.remoteMethod( User.remoteMethod(
'requestAuthLink', 'requestAuthEmail',
{ {
description: 'request a link on email with temporary token to sign in', description: 'request a link on email with temporary token to sign in',
accepts: [{ accepts: [{
@ -565,15 +569,17 @@ module.exports = function(User) {
} }
); );
User.prototype.updateEmail = function updateEmail(email) { User.prototype.requestUpdateEmail = function requestUpdateEmail(
const ownEmail = email === this.email; newEmail
if (!isEmail('' + email)) { ) {
const ownEmail = newEmail === this.email;
if (!isEmail('' + newEmail)) {
return Observable.throw(createEmailError()); return Observable.throw(createEmailError());
} }
// email is already associated and verified with this account // email is already associated and verified with this account
if (ownEmail && this.emailVerified) { if (ownEmail && this.emailVerified) {
return Observable.throw(new Error( return Observable.throw(new Error(
`${email} is already associated with this account.` `${newEmail} is already associated with this account.`
)); ));
} }
@ -588,23 +594,25 @@ module.exports = function(User) {
`); `);
} }
return Observable.fromPromise(User.doesExist(null, email)) return Observable.fromPromise(User.doesExist(null, newEmail))
.flatMap(exists => { .flatMap(exists => {
// not associated with this account, but is associated with another // not associated with this account, but is associated with another
if (!ownEmail && exists) { if (!ownEmail && exists) {
return Promise.reject( return Promise.reject(
new Error(`${email} is already associated with another account.`) new Error(
`${newEmail} is already associated with another account.`
)
); );
} }
const emailVerified = false; const emailVerified = false;
return this.update$({ return this.update$({
email, newEmail,
emailVerified, emailVerified,
emailVerifyTTL: new Date() emailVerifyTTL: new Date()
}) })
.do(() => { .do(() => {
this.email = email; this.newEmail = newEmail;
this.emailVerified = emailVerified; this.emailVerified = emailVerified;
this.emailVerifyTTL = new Date(); this.emailVerifyTTL = new Date();
}); });
@ -612,7 +620,7 @@ module.exports = function(User) {
.flatMap(() => { .flatMap(() => {
const mailOptions = { const mailOptions = {
type: 'email', type: 'email',
to: email, to: newEmail,
from: getEmailSender(), from: getEmailSender(),
subject: 'freeCodeCamp - Email Update Requested', subject: 'freeCodeCamp - Email Update Requested',
protocol: getProtocol(), protocol: getProtocol(),
@ -625,7 +633,7 @@ module.exports = function(User) {
'server', 'server',
'views', 'views',
'emails', 'emails',
'user-email-verify.ejs' 'user-request-update-email.ejs'
) )
}; };
return this.verify(mailOptions); return this.verify(mailOptions);

7
common/models/user.json
View File

@ -16,6 +16,9 @@
} }
} }
}, },
"newEmail":{
"type": "string"
},
"emailVerifyTTL": { "emailVerifyTTL": {
"type": "date" "type": "date"
}, },
@ -277,7 +280,7 @@
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$owner", "principalId": "$owner",
"permission": "ALLOW", "permission": "ALLOW",
"property": "updateEmail" "property": "requestUpdateEmail"
}, },
{ {
"accessType": "EXECUTE", "accessType": "EXECUTE",
@ -298,7 +301,7 @@
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$everyone", "principalId": "$everyone",
"permission": "ALLOW", "permission": "ALLOW",
"property": "requestAuthLink" "property": "requestAuthEmail"
} }
], ],
"methods": {} "methods": {}

2
server/boot/settings.js
View File

@ -21,7 +21,7 @@ export default function settingsController(app) {
function updateMyEmail(req, res, next) { function updateMyEmail(req, res, next) {
const { user, body: { email } } = req; const { user, body: { email } } = req;
return user.updateEmail(email) return user.requestUpdateEmail(email)
.subscribe( .subscribe(
(message) => res.json({ message }), (message) => res.json({ message }),
next next

2
server/boot/user.js
View File

@ -248,7 +248,7 @@ module.exports = function(app) {
return res.redirect('/'); return res.redirect('/');
} }
return User.requestAuthLink(req.body.email) return User.requestAuthEmail(req.body.email)
.then(msg => { .then(msg => {
return res.status(200).send({ message: msg }); return res.status(200).send({ message: msg });
}) })

2
server/views/emails/user-request-sign-in.ejs
View File

@ -14,4 +14,4 @@ Good luck with the challenges!
Thanks, Thanks,
The freeCodeCamp Team. The freeCodeCamp Team.
team@freecodecamp.com team@freecodecamp.org

8
server/views/emails/user-request-sign-up.ejs
View File

@ -9,9 +9,9 @@ This above link is valid for 15 minutes.
And when you have a moment: And when you have a moment:
1. Visit the settings page and link your account to GitHub. 1. Visit the settings page and link your account to GitHub.
2. Follow our Medium Publication: https://medium.freecodecamp.com 2. Follow our Medium Publication: https://medium.freecodecamp.org
3. Checkout our forum: https://forum.freecodecamp.com 3. Checkout our forum: https://forum.freecodecamp.org
4. Join the conversation: https://gitter.im/FreeCodeCamp/FreeCodeCamp 4. Join the conversation: https://gitter.im/freeCodeCamp/freeCodeCamp
IMPORTANT NOTE: IMPORTANT NOTE:
If you did not make any such request, simply delete or ignore this email. If you did not make any such request, simply delete or ignore this email.
@ -21,4 +21,4 @@ Good luck with the challenges!
Thanks, Thanks,
The freeCodeCamp Team. The freeCodeCamp Team.
team@freecodecamp.com team@freecodecamp.org

2
server/views/emails/user-email-verify.ejs → server/views/emails/user-request-update-email.ejs
View File

@ -10,4 +10,4 @@ Good luck with the challenges!
Thanks, Thanks,
The freeCodeCamp Team. The freeCodeCamp Team.
team@freecodecamp.com team@freecodecamp.org