commit
ae2c6f7dce
11
app.js
11
app.js
|
@ -69,16 +69,18 @@ app.use(express.urlencoded());
|
|||
app.use(expressValidator());
|
||||
app.use(express.methodOverride());
|
||||
app.use(express.session({
|
||||
secret: 'your secret code',
|
||||
secret: secrets.sessionSecret,
|
||||
store: new MongoStore({
|
||||
db: mongoose.connection.db,
|
||||
auto_reconnect: true
|
||||
})
|
||||
}));
|
||||
app.use(express.csrf());
|
||||
app.use(passport.initialize());
|
||||
app.use(passport.session());
|
||||
app.use(function(req, res, next) {
|
||||
res.locals.user = req.user;
|
||||
res.locals.token = req.csrfToken();
|
||||
next();
|
||||
});
|
||||
app.use(flash());
|
||||
|
@ -90,6 +92,13 @@ app.use(function(req, res) {
|
|||
});
|
||||
app.use(express.errorHandler());
|
||||
|
||||
/*Helper function for CSRF
|
||||
app.dynamicHelpers({
|
||||
token: function(req, res) {
|
||||
return req.session._csrf;
|
||||
}
|
||||
});*/
|
||||
|
||||
/**
|
||||
* Application routes.
|
||||
*/
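Review bot: In the first hunk, `secret: secrets.sessionSecret` is used without any visible check that the value is set and is not a shared placeholder. This key signs the session cookie, and the CSRF token introduced here is tied to that session, so a default value checked into the repository would be no stronger than the literal it replaces. The `secrets` module is outside the visible lines, so this may already be handled there; if not, a startup guard such as `if (!secrets.sessionSecret) throw new Error('sessionSecret is not configured');` before the `express.session` call makes a missing value fail fast. Separately, the commented-out `app.dynamicHelpers` block added in the second hunk reads `req.session._csrf` while the live code uses `req.csrfToken()`; it is dead code and could be dropped.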
|
||||
|
|
|
@ -24,6 +24,8 @@ block content
|
|||
.form-group
|
||||
label.control-label(for='username') Password
|
||||
input.form-control(type='password', name='password', id='password', placeholder='Password')
|
||||
.form-group
|
||||
input.form-control(type='hidden', name='_csrf', value=token)
|
||||
.form-group
|
||||
button.btn.btn-primary(type='submit')
|
||||
i.fa.fa-unlock-alt
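Review bot: The hidden `_csrf` input is wrapped in its own `.form-group` and carries the `form-control` class, which only adds an empty spacing row because the field renders nothing. A bare `input(type='hidden', name='_csrf', value=token)` placed directly inside the form would be enough; the `form` element itself is outside this hunk. The same pattern repeats in the other templates touched by this commit (what appear to be the profile, change-password, sign-up and contact forms). `value=token` is an escaped Jade attribute, so the token is emitted safely as written.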
|
||||
|
|
|
@ -30,12 +30,15 @@ block content
|
|||
label.col-xs-2.control-label(for='website') Website
|
||||
.col-xs-4
|
||||
input.form-control(type='text', name='website', id='website', value='#{user.profile.website}')
|
||||
.form-group
|
||||
input.form-control(type='hidden', name='_csrf', value=token)
|
||||
.form-group
|
||||
.col-xs-offset-2.col-xs-4
|
||||
button.btn.btn.btn-primary(type='submit') Update Profile
|
||||
|
||||
|
||||
|
||||
|
||||
.page-header
|
||||
h3 Change Password
|
||||
|
||||
|
@ -48,6 +51,8 @@ block content
|
|||
label.col-xs-3.control-label(for='confirmPassword') Confirm Password
|
||||
.col-xs-4
|
||||
input.form-control(type='password', name='confirmPassword', id='confirmPassword')
|
||||
.form-group
|
||||
input.form-control(type='hidden', name='_csrf', value=token)
|
||||
.form-group
|
||||
.col-xs-offset-3.col-xs-4
|
||||
button.btn.btn.btn-primary(type='submit') Change Password
|
||||
|
@ -80,4 +85,4 @@ block content
|
|||
if user.github
|
||||
p: a.text-danger(href='/account/unlink/github') Unlink your GitHub account
|
||||
else
|
||||
p: a(href='/auth/github') Link your GitHub account
|
||||
p: a(href='/auth/github') Link your GitHub account
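Review bot: The unlink action in the last hunk is still a plain link, `a.text-danger(href='/account/unlink/github')`, so it is presumably served over GET, and `express.csrf()` does not check GET requests. The token fields added to the two forms above therefore do not cover it, and the unlink remains a state-changing request that another site can cause a signed-in browser to send. Turning it into a small POST form that carries `input(type='hidden', name='_csrf', value=token)`, with the route changed to match, would bring it under the same protection. The route definition is not part of this page, so the method is inferred from the link.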
|
|
@ -15,6 +15,8 @@ block content
|
|||
label.col-sm-3.control-label(for='username') Confirm Password
|
||||
.col-sm-7
|
||||
input.form-control(type='password', name='confirmPassword', id='confirmPassword', placeholder='Confirm Password')
|
||||
.form-group
|
||||
input.form-control(type='hidden', name='_csrf', value=token)
|
||||
.form-group
|
||||
.col-sm-offset-3.col-sm-7
|
||||
button.btn.btn-success(type='submit')
|
||||
|
|
|
@ -17,6 +17,8 @@ block content
|
|||
label(class='col-sm-2 control-label', for='contactBody') Body
|
||||
.col-sm-8
|
||||
textarea.form-control(type='text', name='message', id='message', rows='7')
|
||||
.form-group
|
||||
input.form-control(type='hidden', name='_csrf', value=token)
|
||||
.form-group
|
||||
.col-sm-offset-2.col-sm-8
|
||||
button.btn.btn-default(type='submit')
|
||||
|
|