SSL fixes; work on password reset
This commit is contained in:
calzoneman
parent
21af0af1be
commit
65ef082a64
5 changed files with 129 additions and 17 deletions
|
|
@ -9,7 +9,6 @@ var logRequest = webserver.logRequest;
|
|||
var sendJade = require('./jade').sendJade;
|
||||
var Logger = require('../logger');
|
||||
var db = require('../database');
|
||||
//var dbchannels = require('../database/channels');
|
||||
var $util = require('../utilities');
|
||||
|
||||
/**
|
||||
|
|
@ -419,6 +418,81 @@ function handleAccountProfile(req, res) {
|
|||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles a GET request for /account/passwordreset
|
||||
*/
|
||||
function handlePasswordResetPage(req, res) {
|
||||
if (webserver.redirectHttps(req, res)) {
|
||||
return;
|
||||
}
|
||||
|
||||
logRequest(req);
|
||||
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: false,
|
||||
resetEmail: "",
|
||||
resetErr: false
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles a POST request to reset a user's password
|
||||
*/
|
||||
function handlePasswordReset(req, res) {
|
||||
logRequest(req);
|
||||
|
||||
var name = req.body.name,
|
||||
email = req.body.email;
|
||||
|
||||
if (typeof name !== "string" || typeof email !== "string") {
|
||||
res.send(400);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!$util.isValidUserName(name)) {
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: false,
|
||||
resetEmail: "",
|
||||
resetErr: "Invalid username '" + name + "'"
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
db.users.getEmail(name, function (err, actualEmail) {
|
||||
if (err) {
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: false,
|
||||
resetEmail: "",
|
||||
resetErr: err
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
if (actualEmail !== email.trim()) {
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: false,
|
||||
resetEmail: "",
|
||||
resetErr: "Provided email does not match the email address on record for " + name
|
||||
});
|
||||
return;
|
||||
} else if (actualEmail === "") {
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: false,
|
||||
resetEmail: "",
|
||||
resetErr: name + " doesn't have an email address on record. Please contact an " +
|
||||
"administrator to manually reset your password."
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
sendJade(res, "account-passwordreset", {
|
||||
reset: true,
|
||||
resetEmail: user.email,
|
||||
resetErr: false
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
/**
|
||||
* Initialize the module
|
||||
|
|
@ -430,5 +504,7 @@ module.exports = {
|
|||
app.post('/account/channels', handleAccountChannel);
|
||||
app.get('/account/profile', handleAccountProfilePage);
|
||||
app.post('/account/profile', handleAccountProfile);
|
||||
app.get("/account/passwordreset", handlePasswordResetPage);
|
||||
app.post("/account/passwordreset", handlePasswordReset);
|
||||
}
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue