2014-02-18 08:21:05 +00:00
|
|
|
var async = require('async');
|
2014-02-18 06:40:03 +00:00
|
|
|
var bcrypt = require('bcrypt-nodejs');
|
|
|
|
|
var nodemailer = require('nodemailer');
|
|
|
|
|
var User = require('../models/User');
|
2014-02-17 18:00:43 +00:00
|
|
|
|
|
|
|
|
/**
|
2014-02-18 06:40:03 +00:00
|
|
|
* GET /reset/:token
|
|
|
|
|
* Reset Password page.
|
2014-02-17 18:00:43 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
exports.getReset = function(req, res) {
|
2014-02-18 06:40:03 +00:00
|
|
|
if (req.isAuthenticated()) {
|
|
|
|
|
return res.redirect('/');
|
|
|
|
|
}
|
2014-02-17 18:00:43 +00:00
|
|
|
|
2014-02-18 08:21:05 +00:00
|
|
|
User
|
|
|
|
|
.where('resetPasswordToken', req.params.token)
|
|
|
|
|
.where('resetPasswordExpires').gt(Date.now())
|
|
|
|
|
.exec(function(err, user) {
|
|
|
|
|
if (!user) {
|
|
|
|
|
req.flash('errors', { msg: 'Password reset token is invalid or has expired.' });
|
|
|
|
|
return res.redirect('/forgot');
|
2014-02-17 18:00:43 +00:00
|
|
|
}
|
2014-02-18 08:21:05 +00:00
|
|
|
res.render('account/reset', {
|
|
|
|
|
title: 'Password Reset'
|
|
|
|
|
});
|
2014-02-17 18:00:43 +00:00
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
2014-02-18 08:21:05 +00:00
|
|
|
* POST /reset/:token
|
|
|
|
|
* Process the reset password request.
|
2014-02-17 18:00:43 +00:00
|
|
|
*/
|
|
|
|
|
|
2014-02-18 08:21:05 +00:00
|
|
|
exports.postReset = function(req, res, next) {
|
|
|
|
|
req.assert('password', 'Password must be at least 4 characters long.').len(4);
|
|
|
|
|
req.assert('confirm', 'Passwords must match.').equals(req.body.password);
|
2014-02-17 18:00:43 +00:00
|
|
|
|
2014-02-18 08:21:05 +00:00
|
|
|
var errors = req.validationErrors();
|
2014-02-17 18:00:43 +00:00
|
|
|
|
2014-02-18 08:21:05 +00:00
|
|
|
if (errors) {
|
|
|
|
|
req.flash('errors', errors);
|
|
|
|
|
return res.redirect('back');
|
|
|
|
|
}
|
2014-02-17 18:00:43 +00:00
|
|
|
|
2014-02-18 08:21:05 +00:00
|
|
|
async.waterfall([
|
|
|
|
|
function(done) {
|
|
|
|
|
User
|
|
|
|
|
.where('resetPasswordToken', req.params.token)
|
|
|
|
|
.where('resetPasswordExpires').gt(Date.now())
|
|
|
|
|
.exec(function(err, user) {
|
|
|
|
|
if (!user) {
|
|
|
|
|
req.flash('errors', { msg: 'Password reset request is invalid. It may have expired.' });
|
|
|
|
|
return res.redirect('back');
|
|
|
|
|
}
|
|
|
|
|
done(err, user);
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
function(user, done) {
|
|
|
|
|
user.password = req.body.password;
|
|
|
|
|
user.resetPasswordToken = undefined;
|
|
|
|
|
user.resetPasswordExpires = undefined;
|
|
|
|
|
|
|
|
|
|
user.save(function(err) {
|
|
|
|
|
if (err) return next(err);
|
|
|
|
|
req.logIn(user, function(err) {
|
|
|
|
|
done(err, user);
|
|
|
|
|
});
|
2014-02-17 18:00:43 +00:00
|
|
|
});
|
2014-02-18 08:21:05 +00:00
|
|
|
},
|
|
|
|
|
function(user, done) {
|
|
|
|
|
var smtpTransport = nodemailer.createTransport('SMTP', {
|
|
|
|
|
service: 'SendGrid',
|
|
|
|
|
auth: {
|
|
|
|
|
user: secrets.sendgrid.user,
|
|
|
|
|
pass: secrets.sendgrid.password
|
2014-02-17 18:00:43 +00:00
|
|
|
}
|
|
|
|
|
});
|
2014-02-18 08:21:05 +00:00
|
|
|
var mailOptions = {
|
|
|
|
|
to: user.profile.name + ' <' + user.email + '>',
|
|
|
|
|
from: 'hackathon@starter.com',
|
|
|
|
|
subject: 'Your Hackathon Starter password has been changed',
|
|
|
|
|
text: 'Hello,\n\n' +
|
|
|
|
|
'This is a confirmation that the password for your account ' + user.email + ' has just been changed.\n'
|
|
|
|
|
};
|
|
|
|
|
smtpTransport.sendMail(mailOptions, function(err) {
|
|
|
|
|
done(err);
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
], function(err) {
|
|
|
|
|
if (err) return next(err);
|
|
|
|
|
res.redirect('/');
|
2014-02-17 18:00:43 +00:00
|
|
|
});
|
|
|
|
|
};
|
