p5.js-web-editor/server/controllers/user.controller.js

import User from '../models/user';
import crypto from 'crypto';
import async from 'async';
import nodemailer from 'nodemailer';
import mg from 'nodemailer-mailgun-transport';

export function createUser(req, res, next) {
  const user = new User({
    username: req.body.username,
    email: req.body.email,
    password: req.body.password
  });

  User.findOne({ email: req.body.email },
    (err, existingUser) => { // eslint-disable-line consistent-return
      if (err) { res.status(404).send({ error: err }); }

      if (existingUser) {
        return res.status(422).send({ error: 'Email is in use' });
      }
      user.save((saveErr) => { // eslint-disable-line consistent-return
        if (saveErr) { return next(saveErr); }
        req.logIn(user, (loginErr) => { // eslint-disable-line consistent-return
          if (loginErr) {
            return next(loginErr);
          }
          res.json({
            email: req.user.email,
            username: req.user.username,
            preferences: req.user.preferences,
            id: req.user._id
          });
        });
      });
    });
}

export function duplicateUserCheck(req, res) {
  const checkType = req.query.check_type;
  const value = req.query[checkType];
  const query = {};
  query[checkType] = value;
  User.findOne(query, (err, user) => {
    if (user) {
      return res.json({
        exists: true,
        message: `This ${checkType} is already taken.`,
        type: checkType
      });
    }
    return res.json({
      exists: false,
      type: checkType
    });
  });
}

export function updatePreferences(req, res) {
  User.findById(req.user.id, (err, user) => {
    if (err) {
      return res.status(500).json({ error: err });
    }
    if (!user) {
      return res.status(404).json({ error: 'Document not found' });
    }

    const preferences = Object.assign({}, user.preferences, req.body.preferences);
    user.preferences = preferences;

    user.save((err) => {
      if (err) {
        return res.status(500).json({ error: err });
      }

      return res.json(user.preferences);
    });
  });
}

export function resetPasswordInitiate(req, res) {
  async.waterfall([
    (done) => {
      crypto.randomBytes(20, function (err, buf) {
        var token = buf.toString('hex');
        done(err, token);
      });
    },
    (token, done) => {
      User.findOne({ email: req.body.email }, (err, user) => {
        if (!user) {
          return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });
        }
        user.resetPasswordToken = token;
        user.resetPasswordExpires = Date.now() + 3600000; // 1 hour

        user.save(function (err) {
          done(err, token, user);
        });
      });
    },
    (token, user, done) => {
      const auth = {
        auth: {
          api_key: process.env.MAILGUN_KEY,
          domain: process.env.MAILGUN_DOMAIN
        }
      };

      const transporter = nodemailer.createTransport(mg(auth));
      const message = {
        to: user.email,
        from: 'p5.js Web Editor <noreply@p5js.org>',
        subject: 'p5.js Web Editor Password Reset',
        text: `You are receiving this email because you (or someone else) have requested the reset of the password for your account.
        \n\nPlease click on the following link, or paste this into your browser to complete the process:
        \n\nhttp://${req.headers.host}/reset-password/${token}
        \n\nIf you did not request this, please ignore this email and your password will remain unchanged.
        \n\nThanks for using the p5.js Web Editor!\n`
      };
      transporter.sendMail(message, (error, info) => {
        done(error);
      });
    }
  ], (err) => {
    if (err) {
      console.log(err);
      return res.json({ success: false });
    }
    // send email here
    return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });
  });
}

export function validateResetPasswordToken(req, res) {
  User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, (err, user) => {
    if (!user) {
      return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });
    }
    res.json({ success: true });
  });
}

export function updatePassword(req, res) {
  User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, function (err, user) {
    if (!user) {
      return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });
    }

    user.password = req.body.password;
    user.resetPasswordToken = undefined;
    user.resetPasswordExpires = undefined;

    user.save(function (err) {
      req.logIn(user, function (err) {
        return res.json({
          email: req.user.email,
          username: req.user.username,
          preferences: req.user.preferences,
          id: req.user._id
        });
      });
    });
  });

  // eventually send email that the password has been reset
}
fix a ton of eslint errors 2016-06-23 22:29:55 +00:00			`import User from '../models/user';`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`import crypto from 'crypto';`
			`import async from 'async';`
more password reset things 2016-10-18 02:56:19 +00:00			`import nodemailer from 'nodemailer';`
			`import mg from 'nodemailer-mailgun-transport';`
sign up view renders, not tested if functional 2016-06-09 00:52:59 +00:00
			`export function createUser(req, res, next) {`
fix a ton of eslint errors 2016-06-23 22:29:55 +00:00			`const user = new User({`
			`username: req.body.username,`
sign up view renders, not tested if functional 2016-06-09 00:52:59 +00:00			`email: req.body.email,`
			`password: req.body.password`
			`});`

fix a ton of eslint errors 2016-06-23 22:29:55 +00:00			`User.findOne({ email: req.body.email },`
			`(err, existingUser) => { // eslint-disable-line consistent-return`
			`if (err) { res.status(404).send({ error: err }); }`
sign up view renders, not tested if functional 2016-06-09 00:52:59 +00:00
fix a ton of eslint errors 2016-06-23 22:29:55 +00:00			`if (existingUser) {`
			`return res.status(422).send({ error: 'Email is in use' });`
			`}`
			`user.save((saveErr) => { // eslint-disable-line consistent-return`
			`if (saveErr) { return next(saveErr); }`
			`req.logIn(user, (loginErr) => { // eslint-disable-line consistent-return`
			`if (loginErr) {`
			`return next(loginErr);`
			`}`
			`res.json({`
			`email: req.user.email,`
fix preferences font size text size bug 2016-08-09 22:45:59 +00:00			`username: req.user.username,`
			`preferences: req.user.preferences,`
			`id: req.user._id`
fix a ton of eslint errors 2016-06-23 22:29:55 +00:00			`});`
			`});`
			`});`
			`});`
			`}`
put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 01:43:13 +00:00
check for duplicate email and username 2016-09-02 18:51:30 +00:00			`export function duplicateUserCheck(req, res) {`
			`const checkType = req.query.check_type;`
			`const value = req.query[checkType];`
			`const query = {};`
			`query[checkType] = value;`
			`User.findOne(query, (err, user) => {`
			`if (user) {`
			`return res.json({`
			`exists: true,`
			message: `This ${checkType} is already taken.`,
			`type: checkType`
			`});`
			`}`
			`return res.json({`
			`exists: false,`
			`type: checkType`
			`});`
			`});`
			`}`

put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 01:43:13 +00:00			`export function updatePreferences(req, res) {`
update preferences server side 2016-08-09 18:20:54 +00:00			`User.findById(req.user.id, (err, user) => {`
			`if (err) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.status(500).json({ error: err });`
update preferences server side 2016-08-09 18:20:54 +00:00			`}`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`if (!user) {`
			`return res.status(404).json({ error: 'Document not found' });`
update preferences server side 2016-08-09 18:20:54 +00:00			`}`

			`const preferences = Object.assign({}, user.preferences, req.body.preferences);`
			`user.preferences = preferences;`

			`user.save((err) => {`
			`if (err) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.status(500).json({ error: err });`
update preferences server side 2016-08-09 18:20:54 +00:00			`}`

			`return res.json(user.preferences);`
			`});`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`});`
put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 01:43:13 +00:00			`}`
more password reset stuff 2016-10-12 18:25:24 +00:00
			`export function resetPasswordInitiate(req, res) {`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`async.waterfall([`
			`(done) => {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`crypto.randomBytes(20, function (err, buf) {`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`var token = buf.toString('hex');`
			`done(err, token);`
			`});`
			`},`
			`(token, done) => {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`User.findOne({ email: req.body.email }, (err, user) => {`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`}`
			`user.resetPasswordToken = token;`
			`user.resetPasswordExpires = Date.now() + 3600000; // 1 hour`

fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`user.save(function (err) {`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`done(err, token, user);`
			`});`
			`});`
more password reset things 2016-10-18 02:56:19 +00:00			`},`
			`(token, user, done) => {`
			`const auth = {`
			`auth: {`
			`api_key: process.env.MAILGUN_KEY,`
			`domain: process.env.MAILGUN_DOMAIN`
			`}`
			`};`

			`const transporter = nodemailer.createTransport(mg(auth));`
			`const message = {`
			`to: user.email,`
#182 possible fix to password reset 2016-12-13 18:28:01 +00:00			`from: 'p5.js Web Editor <noreply@p5js.org>',`
more password reset things 2016-10-18 02:56:19 +00:00			`subject: 'p5.js Web Editor Password Reset',`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			text: `You are receiving this email because you (or someone else) have requested the reset of the password for your account.
			`\n\nPlease click on the following link, or paste this into your browser to complete the process:`
			`\n\nhttp://${req.headers.host}/reset-password/${token}`
update email copy 2016-10-19 15:42:55 +00:00			`\n\nIf you did not request this, please ignore this email and your password will remain unchanged.`
			\n\nThanks for using the p5.js Web Editor!\n`
more password reset things 2016-10-18 02:56:19 +00:00			`};`
			`transporter.sendMail(message, (error, info) => {`
			`done(error);`
			`});`
create password reset token from FE, start to add flash text 2016-10-12 21:19:43 +00:00			`}`
			`], (err) => {`
			`if (err) {`
			`console.log(err);`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.json({ success: false });`
more password reset stuff 2016-10-12 18:25:24 +00:00			`}`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`// send email here`
			`return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });`
more password reset stuff 2016-10-12 18:25:24 +00:00			`});`
			`}`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00
			`export function validateResetPasswordToken(req, res) {`
			`User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, (err, user) => {`
			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			`}`
			`res.json({ success: true });`
			`});`
			`}`

			`export function updatePassword(req, res) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, function (err, user) {`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			`}`

			`user.password = req.body.password;`
			`user.resetPasswordToken = undefined;`
			`user.resetPasswordExpires = undefined;`

fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`user.save(function (err) {`
			`req.logIn(user, function (err) {`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			`return res.json({`
			`email: req.user.email,`
			`username: req.user.username,`
			`preferences: req.user.preferences,`
			`id: req.user._id`
			`});`
			`});`
			`});`
			`});`

fix linting errors that are fixable with --fix in server side code 2016-11-17 16:15:35 +00:00			`// eventually send email that the password has been reset`
add basic password reset functionality, no error checking or styling 2016-10-18 20:07:25 +00:00			`}`