freeCodeCamp/controllers/user.js

var mongoose = require('mongoose');
var passport = require('passport');
var _ = require('underscore');
var User = require('../models/User');

/**
 * GET /login
 * Login page.
 */

exports.getLogin = function(req, res) {
  if (req.user) return res.redirect('/');
  res.render('account/login', {
    title: 'Login'
  });
};

/**
 * POST /login
 * Sign in using email and password.
 * @param {string} email
 * @param {string} password
 */

exports.postLogin = function(req, res, next) {
  req.assert('email', 'Email cannot be blank').notEmpty();
  req.assert('email', 'Email is not valid').isEmail();
  req.assert('password', 'Password cannot be blank').notEmpty();

  var errors = req.validationErrors();

  if (errors) {
    req.flash('errors', errors);
    return res.redirect('/login');
  }

  passport.authenticate('local', function(err, user, info) {
    if (err) return next(err);

    if (!user) {
      req.flash('errors', { msg: info.message });
      return res.redirect('/login');
    }

    req.logIn(user, function(err) {
      if (err) return next(err);
      return res.redirect('/');
    });
  })(req, res, next);
};

/**
 * GET /signup
 * Signup page.
 */

exports.getSignup = function(req, res) {
  if (req.user) return res.redirect('/');
  res.render('account/signup', {
    title: 'Create Account'
  });
};

/**
 * POST /signup
 * Create a new local account.
 * @param {string} email
 * @param {string} password
 */

exports.postSignup = function(req, res, next) {
  req.assert('email', 'Email cannot be blank').notEmpty();
  req.assert('email', 'Email is not valid').isEmail();
  req.assert('password', 'Password cannot be blank').notEmpty();
  req.assert('password', 'Password must be at least 4 characters long').len(4);
  req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password);

  var errors = req.validationErrors();

  if (errors) {
    req.flash('errors', errors);
    return res.redirect('/signup');
  }

  var user = new User({
    email: req.body.email,
    password: req.body.password
  });

  user.save(function(err) {
    if (err) {
      if (err.code === 11000) {
        req.flash('errors', { msg: 'User already exists.' });
      }
      return res.redirect('/signup');
    }
    req.logIn(user, function(err) {
      if (err) return next(err);
      res.redirect('/');
    });
  });
};

/**
 * GET /account
 * Profile page.
 */

exports.getAccount = function(req, res) {
  res.render('account/profile', {
    title: 'Account Management'
  });
};

/**
 * POST /account/profile
 * Update profile information.
 */

exports.postUpdateProfile = function(req, res, next) {
  User.findById(req.user.id, function(err, user) {
    if (err) return next(err);
    user.email = req.body.email || '';
    user.profile.name = req.body.name || '';
    user.profile.gender = req.body.gender || '';
    user.profile.location = req.body.location || '';
    user.profile.website = req.body.website || '';

    user.save(function(err) {
      if (err) return next(err);
      req.flash('success', { msg: 'Profile information updated.' });
      res.redirect('/account');
    });
  });
};

/**
 * POST /account/password
 * Update current password.
 * @param {string} password
 */

exports.postUpdatePassword = function(req, res, next) {
  if (!req.body.password) {
    req.flash('errors', { msg: 'Password cannot be blank.' });
    return res.redirect('/account');
  }

  if (req.body.password !== req.body.confirmPassword) {
    req.flash('errors', { msg: 'Passwords do not match.' });
    return res.redirect('/account');
  }

  User.findById(req.user.id, function(err, user) {
    if (err) return next(err);

    user.password = req.body.password;

    user.save(function(err) {
      if (err) return next(err);
      req.flash('success', { msg: 'Password has been changed.' });
      res.redirect('/account');
    });
  });
};

/**
 * POST /account/delete
 * Delete user account.
 * @param {string} id
 */

exports.postDeleteAccount = function(req, res, next) {
  User.remove({ _id: req.user.id }, function(err) {
    if (err) return next(err);
    req.logout();
    res.redirect('/');
  });
};

/**
 * GET /account/unlink/:provider
 * Unlink OAuth2 provider from the current user.
 * @param {string} provider
 * @param {string} id
 */

exports.getOauthUnlink = function(req, res, next) {
  var provider = req.params.provider;
  User.findById(req.user.id, function(err, user) {
    if (err) return next(err);

    user[provider] = undefined;
    user.tokens = _.reject(user.tokens, function(token) { return token.kind === provider; });

    user.save(function(err) {
      if (err) return next(err);
      res.redirect('/account');
    });
  });
};

/**
 * GET /logout
 * Log out.
 */

exports.logout = function(req, res) {
  req.logout();
  res.redirect('/');
};
Add authentication middleware to github route. Removed old ios7 signup login page for now. 2013-12-20 07:39:51 +00:00			`var mongoose = require('mongoose');`
			`var passport = require('passport');`
			`var _ = require('underscore');`
validation errors for signup page 2013-11-18 23:21:42 +00:00			`var User = require('../models/User');`
Finally got angular to work with express partial routes 2013-11-14 07:29:55 +00:00
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`/**`
			`* GET /login`
			`* Login page.`
			`*/`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`exports.getLogin = function(req, res) {`
			`if (req.user) return res.redirect('/');`
			`res.render('account/login', {`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`title: 'Login'`
Added account management page 2013-11-19 18:20:50 +00:00			`});`
Finally got angular to work with express partial routes 2013-11-14 07:29:55 +00:00			`};`

Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`/**`
			`* POST /login`
			`* Sign in using email and password.`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`* @param {string} email`
			`* @param {string} password`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`*/`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`exports.postLogin = function(req, res, next) {`
Add Login route express validations 2014-01-24 03:47:21 +00:00			`req.assert('email', 'Email cannot be blank').notEmpty();`
			`req.assert('email', 'Email is not valid').isEmail();`
			`req.assert('password', 'Password cannot be blank').notEmpty();`

			`var errors = req.validationErrors();`

			`if (errors) {`
			`req.flash('errors', errors);`
			`return res.redirect('/login');`
			`}`

Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`passport.authenticate('local', function(err, user, info) {`
			`if (err) return next(err);`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`if (!user) {`
Add Login route express validations 2014-01-24 03:47:21 +00:00			`req.flash('errors', { msg: info.message });`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`return res.redirect('/login');`
			`}`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`req.logIn(user, function(err) {`
			`if (err) return next(err);`
			`return res.redirect('/');`
			`});`
			`})(req, res, next);`
			`};`

Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`/**`
			`* GET /signup`
			`* Signup page.`
			`*/`

			`exports.getSignup = function(req, res) {`
			`if (req.user) return res.redirect('/');`
			`res.render('account/signup', {`
			`title: 'Create Account'`
			`});`
			`};`

Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`/**`
			`* POST /signup`
			`* Create a new local account.`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`* @param {string} email`
			`* @param {string} password`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`*/`

Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`exports.postSignup = function(req, res, next) {`
Add express validators to signup page, replaces custom written if statements 2014-01-24 03:39:59 +00:00			`req.assert('email', 'Email cannot be blank').notEmpty();`
			`req.assert('email', 'Email is not valid').isEmail();`
			`req.assert('password', 'Password cannot be blank').notEmpty();`
			`req.assert('password', 'Password must be at least 4 characters long').len(4);`
			`req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password);`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00
Add express validators to signup page, replaces custom written if statements 2014-01-24 03:39:59 +00:00			`var errors = req.validationErrors();`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00
Add express validators to signup page, replaces custom written if statements 2014-01-24 03:39:59 +00:00			`if (errors) {`
			`req.flash('errors', errors);`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`return res.redirect('/signup');`
			`}`

			`var user = new User({`
POST signup controller updated username to email field during new User creation. 2014-01-18 06:56:55 +00:00			`email: req.body.email,`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`password: req.body.password`
			`});`

			`user.save(function(err) {`
			`if (err) {`
			`if (err.code === 11000) {`
Add express validators to signup page, replaces custom written if statements 2014-01-24 03:39:59 +00:00			`req.flash('errors', { msg: 'User already exists.' });`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`}`
			`return res.redirect('/signup');`
			`}`
			`req.logIn(user, function(err) {`
			`if (err) return next(err);`
			`res.redirect('/');`
			`});`
			`});`
			`};`

Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`/**`
			`* GET /account`
			`* Profile page.`
			`*/`

			`exports.getAccount = function(req, res) {`
			`res.render('account/profile', {`
			`title: 'Account Management'`
			`});`
			`};`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00
Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`/**`
Refactoring 2014-01-07 19:13:35 +00:00			`* POST /account/profile`
			`* Update profile information.`
Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`*/`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00
Refactoring 2014-01-07 19:13:35 +00:00			`exports.postUpdateProfile = function(req, res, next) {`
User profile information is now successfully saved and retrieved back on account profile page 2013-12-06 04:53:14 +00:00			`User.findById(req.user.id, function(err, user) {`
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`if (err) return next(err);`
Updating email on profile page will correctly update it in the databse. Fixes issue #25 2014-01-30 22:29:06 +00:00			`user.email = req.body.email \|\| '';`
User profile information is now successfully saved and retrieved back on account profile page 2013-12-06 04:53:14 +00:00			`user.profile.name = req.body.name \|\| '';`
Updating gender radio button now correctly updates the database value 2013-12-06 05:25:49 +00:00			`user.profile.gender = req.body.gender \|\| '';`
User profile information is now successfully saved and retrieved back on account profile page 2013-12-06 04:53:14 +00:00			`user.profile.location = req.body.location \|\| '';`
			`user.profile.website = req.body.website \|\| '';`

			`user.save(function(err) {`
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`if (err) return next(err);`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`req.flash('success', { msg: 'Profile information updated.' });`
User profile information is now successfully saved and retrieved back on account profile page 2013-12-06 04:53:14 +00:00			`res.redirect('/account');`
			`});`
			`});`
			`};`

Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`/**`
Refactoring 2014-01-07 19:13:35 +00:00			`* POST /account/password`
			`* Update current password.`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`* @param {string} password`
Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`*/`
Refactoring 2013-12-15 19:11:57 +00:00
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`exports.postUpdatePassword = function(req, res, next) {`
Refactoring 2014-01-07 23:15:14 +00:00			`if (!req.body.password) {`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`req.flash('errors', { msg: 'Password cannot be blank.' });`
Refactoring 2013-12-15 19:11:57 +00:00			`return res.redirect('/account');`
			`}`

Implemented change password functionality 2013-12-13 02:47:34 +00:00			`if (req.body.password !== req.body.confirmPassword) {`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`req.flash('errors', { msg: 'Passwords do not match.' });`
Implemented change password functionality 2013-12-13 02:47:34 +00:00			`return res.redirect('/account');`
			`}`

			`User.findById(req.user.id, function(err, user) {`
Cleaned up code + simplified 2013-12-20 19:12:29 +00:00			`if (err) return next(err);`
Refactoring 2014-01-07 23:15:14 +00:00
Implemented change password functionality 2013-12-13 02:47:34 +00:00			`user.password = req.body.password;`
Refactoring 2014-01-07 23:15:14 +00:00
Implemented change password functionality 2013-12-13 02:47:34 +00:00			`user.save(function(err) {`
Cleaned up code + simplified 2013-12-20 19:12:29 +00:00			`if (err) return next(err);`
Update flash notifications on login, profile, signup pages to work with new express-flash 2014-01-28 22:41:13 +00:00			`req.flash('success', { msg: 'Password has been changed.' });`
Implemented change password functionality 2013-12-13 02:47:34 +00:00			`res.redirect('/account');`
			`});`
			`});`
User profile information is now successfully saved and retrieved back on account profile page 2013-12-06 04:53:14 +00:00			`};`

Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`/**`
			`* POST /account/delete`
Refactoring 2014-01-07 19:13:35 +00:00			`* Delete user account.`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`* @param {string} id`
Refactoring and code cleanup 2013-12-15 19:02:41 +00:00			`*/`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`exports.postDeleteAccount = function(req, res, next) {`
Implemented Delete account feature 2013-12-12 17:41:29 +00:00			`User.remove({ _id: req.user.id }, function(err) {`
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`if (err) return next(err);`
Implemented Delete account feature 2013-12-12 17:41:29 +00:00			`req.logout();`
			`res.redirect('/');`
			`});`
			`};`

Oauth linking and unlinking controller and route placeholders 2013-12-12 19:05:35 +00:00			`/**`
Unlink provider: delete its tokens and provider id 2013-12-13 05:49:46 +00:00			`* GET /account/unlink/:provider`
Refactoring 2014-01-07 23:15:14 +00:00			`* Unlink OAuth2 provider from the current user.`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00			`* @param {string} provider`
			`* @param {string} id`
Oauth linking and unlinking controller and route placeholders 2013-12-12 19:05:35 +00:00			`*/`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`exports.getOauthUnlink = function(req, res, next) {`
Unlink provider: delete its tokens and provider id 2013-12-13 05:49:46 +00:00			`var provider = req.params.provider;`
Remove user's token and provider ID on oauth unlink 2013-12-13 05:27:51 +00:00			`User.findById(req.user.id, function(err, user) {`
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`if (err) return next(err);`
Comments on User controller routes 2013-12-20 06:59:05 +00:00
Google linking and unlinking works successfully now 2013-12-13 06:12:59 +00:00			`user[provider] = undefined;`
Updated token unlinking 2014-01-07 19:35:23 +00:00			`user.tokens = _.reject(user.tokens, function(token) { return token.kind === provider; });`
Comments on User controller routes 2013-12-20 06:59:05 +00:00
Remove user's token and provider ID on oauth unlink 2013-12-13 05:27:51 +00:00			`user.save(function(err) {`
Error handling via middleware in routes 2013-12-20 01:17:15 +00:00			`if (err) return next(err);`
Refactoring + improved validation on POST signup 2014-01-07 22:45:42 +00:00			`res.redirect('/account');`
Remove user's token and provider ID on oauth unlink 2013-12-13 05:27:51 +00:00			`});`
			`});`
Finally got angular to work with express partial routes 2013-11-14 07:29:55 +00:00			`};`

Fixed Login passport configuration, plus code refactoring and cleanup 2013-11-18 22:37:50 +00:00			`/**`
			`* GET /logout`
Refactoring 2014-01-07 23:15:14 +00:00			`* Log out.`
Fixed Login passport configuration, plus code refactoring and cleanup 2013-11-18 22:37:50 +00:00			`*/`
Updated jsdoc comments 2014-01-13 09:34:54 +00:00
Finally got angular to work with express partial routes 2013-11-14 07:29:55 +00:00			`exports.logout = function(req, res) {`
			`req.logout();`
			`res.redirect('/');`
Comments on User controller routes 2013-12-20 06:59:05 +00:00			`};`