p5.js-web-editor/server/controllers/user.controller.js

import User from '../models/user';
import crypto from 'crypto';
import async from 'async';
import mail from '../utils/mail';
import auth from '../utils/auth';

export function createUser(req, res, next) {
  const user = new User({
    username: req.body.username,
    email: req.body.email,
    password: req.body.password
  });

  User.findOne({ email: req.body.email },
    (err, existingUser) => { // eslint-disable-line consistent-return
      if (err) { res.status(404).send({ error: err }); }

      if (existingUser) {
        return res.status(422).send({ error: 'Email is in use' });
      }
      user.save((saveErr) => { // eslint-disable-line consistent-return
        if (saveErr) { return next(saveErr); }
        req.logIn(user, (loginErr) => { // eslint-disable-line consistent-return
          if (loginErr) {
            return next(loginErr);
          }
          mail.send('email-verification', {
            body: {
              link: `http://${req.headers.host}/verify?t=${auth.createVerificationToken(req.body.email)}`
            },
            to: req.body.email,
            subject: 'Email Verification',
          }, (result) => { // eslint-disable-line no-unused-vars
            res.json({
              email: req.user.email,
              username: req.user.username,
              preferences: req.user.preferences,
              id: req.user._id
            });
          });
        });
      });
    });
}

export function duplicateUserCheck(req, res) {
  const checkType = req.query.check_type;
  const value = req.query[checkType];
  const query = {};
  query[checkType] = value;
  User.findOne(query, (err, user) => {
    if (user) {
      return res.json({
        exists: true,
        message: `This ${checkType} is already taken.`,
        type: checkType
      });
    }
    return res.json({
      exists: false,
      type: checkType
    });
  });
}

export function updatePreferences(req, res) {
  User.findById(req.user.id, (err, user) => {
    if (err) {
      return res.status(500).json({ error: err });
    }
    if (!user) {
      return res.status(404).json({ error: 'Document not found' });
    }

    const preferences = Object.assign({}, user.preferences, req.body.preferences);
    user.preferences = preferences;

    user.save((err) => {
      if (err) {
        return res.status(500).json({ error: err });
      }

      return res.json(user.preferences);
    });
  });
}

export function resetPasswordInitiate(req, res) {
  async.waterfall([
    (done) => {
      crypto.randomBytes(20, (err, buf) => {
        const token = buf.toString('hex');
        done(err, token);
      });
    },
    (token, done) => {
      User.findOne({ email: req.body.email }, (err, user) => {
        if (!user) {
          return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });
        }
        user.resetPasswordToken = token;
        user.resetPasswordExpires = Date.now() + 3600000; // 1 hour

        user.save((err) => {
          done(err, token, user);
        });
      });
    },
    (token, user, done) => {
      mail.send('reset-password', {
        body: {
          link: `http://${req.headers.host}/reset-password/${token}`,
        },
        to: user.email,
        subject: 'p5.js Web Editor Password Reset',
      }, done);
    }
  ], (err) => {
    if (err) {
      console.log(err);
      return res.json({ success: false });
    }
    // send email here
    return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });
  });
}

export function validateResetPasswordToken(req, res) {
  User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, (err, user) => {
    if (!user) {
      return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });
    }
    res.json({ success: true });
  });
}

export function verifyEmail(req, res) {
  const token = req.query.t;
  // verify the token
  auth.verifyEmailToken(token)
  .then((data) => {
    const email = data.email;
    // change the verified field for the user or throw if the user is not found
    User.findOne({ email })
    .then((user) => {
      // change the field for the user, and send the new cookie
      user.verified = 0; // eslint-disable-line
      user.save()
      .then((result) => { // eslint-disable-line
        res.json({ user });
      });
    });
  })
  .catch((err) => {
    res.json(err);
  });
}

export function updatePassword(req, res) {
  User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, function (err, user) {
    if (!user) {
      return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });
    }

    user.password = req.body.password;
    user.resetPasswordToken = undefined;
    user.resetPasswordExpires = undefined;

    user.save(function (err) {
      req.logIn(user, function (err) {
        return res.json({
          email: req.user.email,
          username: req.user.username,
          preferences: req.user.preferences,
          id: req.user._id
        });
      });
    });
  });

  // eventually send email that the password has been reset
}

export function userExists(username, callback) {
  User.findOne({ username }, (err, user) => (
    user ? callback(true) : callback(false)
  ));
}
fix a ton of eslint errors 2016-06-24 00:29:55 +02:00			`import User from '../models/user';`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`import crypto from 'crypto';`
			`import async from 'async';`
Email verification (#230) * Making the email separate for future enhancements * email-verification added * Github users are verified * update package * Bug fixes and improvements * jade to pug * Bug fix * changed route 2017-01-13 16:24:09 +01:00			`import mail from '../utils/mail';`
			`import auth from '../utils/auth';`
sign up view renders, not tested if functional 2016-06-09 02:52:59 +02:00
			`export function createUser(req, res, next) {`
fix a ton of eslint errors 2016-06-24 00:29:55 +02:00			`const user = new User({`
			`username: req.body.username,`
sign up view renders, not tested if functional 2016-06-09 02:52:59 +02:00			`email: req.body.email,`
			`password: req.body.password`
			`});`

fix a ton of eslint errors 2016-06-24 00:29:55 +02:00			`User.findOne({ email: req.body.email },`
			`(err, existingUser) => { // eslint-disable-line consistent-return`
			`if (err) { res.status(404).send({ error: err }); }`
sign up view renders, not tested if functional 2016-06-09 02:52:59 +02:00
fix a ton of eslint errors 2016-06-24 00:29:55 +02:00			`if (existingUser) {`
			`return res.status(422).send({ error: 'Email is in use' });`
			`}`
			`user.save((saveErr) => { // eslint-disable-line consistent-return`
			`if (saveErr) { return next(saveErr); }`
			`req.logIn(user, (loginErr) => { // eslint-disable-line consistent-return`
			`if (loginErr) {`
			`return next(loginErr);`
			`}`
Email verification (#230) * Making the email separate for future enhancements * email-verification added * Github users are verified * update package * Bug fixes and improvements * jade to pug * Bug fix * changed route 2017-01-13 16:24:09 +01:00			`mail.send('email-verification', {`
			`body: {`
			link: `http://${req.headers.host}/verify?t=${auth.createVerificationToken(req.body.email)}`
			`},`
			`to: req.body.email,`
			`subject: 'Email Verification',`
			`}, (result) => { // eslint-disable-line no-unused-vars`
			`res.json({`
			`email: req.user.email,`
			`username: req.user.username,`
			`preferences: req.user.preferences,`
			`id: req.user._id`
			`});`
fix a ton of eslint errors 2016-06-24 00:29:55 +02:00			`});`
			`});`
			`});`
			`});`
			`}`
put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 03:43:13 +02:00
check for duplicate email and username 2016-09-02 20:51:30 +02:00			`export function duplicateUserCheck(req, res) {`
			`const checkType = req.query.check_type;`
			`const value = req.query[checkType];`
			`const query = {};`
			`query[checkType] = value;`
			`User.findOne(query, (err, user) => {`
			`if (user) {`
			`return res.json({`
			`exists: true,`
			message: `This ${checkType} is already taken.`,
			`type: checkType`
			`});`
			`}`
			`return res.json({`
			`exists: false,`
			`type: checkType`
			`});`
			`});`
			`}`

put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 03:43:13 +02:00			`export function updatePreferences(req, res) {`
update preferences server side 2016-08-09 20:20:54 +02:00			`User.findById(req.user.id, (err, user) => {`
			`if (err) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.status(500).json({ error: err });`
update preferences server side 2016-08-09 20:20:54 +02:00			`}`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`if (!user) {`
			`return res.status(404).json({ error: 'Document not found' });`
update preferences server side 2016-08-09 20:20:54 +02:00			`}`

			`const preferences = Object.assign({}, user.preferences, req.body.preferences);`
			`user.preferences = preferences;`

			`user.save((err) => {`
			`if (err) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.status(500).json({ error: err });`
update preferences server side 2016-08-09 20:20:54 +02:00			`}`

			`return res.json(user.preferences);`
			`});`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`});`
put preferences to server, need to look at mongoose docs tho because is wrong 2016-08-05 03:43:13 +02:00			`}`
more password reset stuff 2016-10-12 20:25:24 +02:00
			`export function resetPasswordInitiate(req, res) {`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`async.waterfall([`
			`(done) => {`
fix some linting errors 2017-01-11 21:50:36 +01:00			`crypto.randomBytes(20, (err, buf) => {`
			`const token = buf.toString('hex');`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`done(err, token);`
			`});`
			`},`
			`(token, done) => {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`User.findOne({ email: req.body.email }, (err, user) => {`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`}`
			`user.resetPasswordToken = token;`
			`user.resetPasswordExpires = Date.now() + 3600000; // 1 hour`

fix some linting errors 2017-01-11 21:50:36 +01:00			`user.save((err) => {`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`done(err, token, user);`
			`});`
			`});`
more password reset things 2016-10-18 04:56:19 +02:00			`},`
			`(token, user, done) => {`
Email verification (#230) * Making the email separate for future enhancements * email-verification added * Github users are verified * update package * Bug fixes and improvements * jade to pug * Bug fix * changed route 2017-01-13 16:24:09 +01:00			`mail.send('reset-password', {`
			`body: {`
			link: `http://${req.headers.host}/reset-password/${token}`,
			`},`
more password reset things 2016-10-18 04:56:19 +02:00			`to: user.email,`
			`subject: 'p5.js Web Editor Password Reset',`
Email verification (#230) * Making the email separate for future enhancements * email-verification added * Github users are verified * update package * Bug fixes and improvements * jade to pug * Bug fix * changed route 2017-01-13 16:24:09 +01:00			`}, done);`
create password reset token from FE, start to add flash text 2016-10-12 23:19:43 +02:00			`}`
			`], (err) => {`
			`if (err) {`
			`console.log(err);`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.json({ success: false });`
more password reset stuff 2016-10-12 20:25:24 +02:00			`}`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`// send email here`
			`return res.json({ success: true, message: 'If the email is registered with the editor, an email has been sent.' });`
more password reset stuff 2016-10-12 20:25:24 +02:00			`});`
			`}`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00
			`export function validateResetPasswordToken(req, res) {`
			`User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, (err, user) => {`
			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`}`
			`res.json({ success: true });`
			`});`
			`}`

Email verification (#230) * Making the email separate for future enhancements * email-verification added * Github users are verified * update package * Bug fixes and improvements * jade to pug * Bug fix * changed route 2017-01-13 16:24:09 +01:00			`export function verifyEmail(req, res) {`
			`const token = req.query.t;`
			`// verify the token`
			`auth.verifyEmailToken(token)`
			`.then((data) => {`
			`const email = data.email;`
			`// change the verified field for the user or throw if the user is not found`
			`User.findOne({ email })`
			`.then((user) => {`
			`// change the field for the user, and send the new cookie`
			`user.verified = 0; // eslint-disable-line`
			`user.save()`
			`.then((result) => { // eslint-disable-line`
			`res.json({ user });`
			`});`
			`});`
			`})`
			`.catch((err) => {`
			`res.json(err);`
			`});`
			`}`

add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`export function updatePassword(req, res) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, function (err, user) {`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`if (!user) {`
fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`return res.status(401).json({ success: false, message: 'Password reset token is invalid or has expired.' });`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`}`

			`user.password = req.body.password;`
			`user.resetPasswordToken = undefined;`
			`user.resetPasswordExpires = undefined;`

fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`user.save(function (err) {`
			`req.logIn(user, function (err) {`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`return res.json({`
			`email: req.user.email,`
			`username: req.user.username,`
			`preferences: req.user.preferences,`
			`id: req.user._id`
			`});`
			`});`
			`});`
			`});`

fix linting errors that are fixable with --fix in server side code 2016-11-17 17:15:35 +01:00			`// eventually send email that the password has been reset`
add basic password reset functionality, no error checking or styling 2016-10-18 22:07:25 +02:00			`}`
Fixed #158 and #100 (#198) * Changed unsaved changes asterisk to an svg circle. #158 * Fixed #100 Unmatched routes are handled by react-router on the client side and a single wildcard route on server.routes.js renders the index html. When the /:username/sketches route is matched and the username is not valid, the user will be redirected to the index route and a toast will explain what happened. When the username is 'p5' (default when logged out) it will show all sketches. Maybe this should be changed to just public or 'local' sketches? * Moved unsaved changes SVG to a separate file. * User not found is now a 404 error. * Added server rendered 404 page. * Removed console.log * 404 Page now renders a random p5 sketch. TODO: make 404 sketches. * Added 404 header 404 page now fetches a random example sketch * Moved circle closer to file name * Render 404 page in SketchList route if !user 2017-01-06 19:08:03 +01:00
			`export function userExists(username, callback) {`
			`User.findOne({ username }, (err, user) => (`
			`user ? callback(true) : callback(false)`
			`));`
			`}`