mirror of https://github.com/calzoneman/sync.git
Add password reset emailer
This commit is contained in:
parent
c8df4b036c
commit
5205afb9cd
43
api.js
43
api.js
|
@ -14,6 +14,7 @@ var Server = require("./server.js");
|
||||||
var Logger = require("./logger.js");
|
var Logger = require("./logger.js");
|
||||||
var apilog = new Logger.Logger("api.log");
|
var apilog = new Logger.Logger("api.log");
|
||||||
var Database = require("./database.js");
|
var Database = require("./database.js");
|
||||||
|
var Config = require("./config.js");
|
||||||
var fs = require("fs");
|
var fs = require("fs");
|
||||||
|
|
||||||
var plainHandlers = {
|
var plainHandlers = {
|
||||||
|
@ -250,10 +251,52 @@ function handlePasswordReset(params, req, res) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!Config.MAIL) {
|
||||||
|
sendJSON(res, {
|
||||||
|
success: false,
|
||||||
|
error: "This server does not have email enabled. Contact an administrator"
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
var msg = [
|
||||||
|
"A password reset request was issued for your account `",
|
||||||
|
name,
|
||||||
|
"` on ",
|
||||||
|
Config.DOMAIN,
|
||||||
|
". This request is valid for 24 hours. ",
|
||||||
|
"If you did not initiate this, there is no need to take action. ",
|
||||||
|
"To reset your password, copy and paste the following link into ",
|
||||||
|
"your browser: ",
|
||||||
|
Config.DOMAIN,
|
||||||
|
"/reset.html?",
|
||||||
|
hash
|
||||||
|
].join("");
|
||||||
|
|
||||||
|
var mail = {
|
||||||
|
from: "CyTube Services <" + Config.MAIL_FROM + ">",
|
||||||
|
to: email,
|
||||||
|
subject: "Password reset request",
|
||||||
|
text: msg
|
||||||
|
};
|
||||||
|
|
||||||
|
Config.MAIL.sendMail(mail, function(err, response) {
|
||||||
|
if(err) {
|
||||||
|
Logger.errlog.log("Mail fail: " + err);
|
||||||
|
sendJSON(res, {
|
||||||
|
success: false,
|
||||||
|
error: "Email failed. Contact an admin if this persists."
|
||||||
|
});
|
||||||
|
}
|
||||||
|
else {
|
||||||
sendJSON(res, {
|
sendJSON(res, {
|
||||||
success: true
|
success: true
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if(Config.DEBUG) {
|
||||||
|
Logger.syslog.log(response);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function handlePasswordRecover(params, req, res) {
|
function handlePasswordRecover(params, req, res) {
|
||||||
|
|
18
config.js
18
config.js
|
@ -17,3 +17,21 @@ exports.IO_PORT = 1337; // Socket.IO port, DO NOT USE PORT 80.
|
||||||
exports.WEBSERVER_PORT = 8080; // Webserver port. Binding port 80 requires root permissions
|
exports.WEBSERVER_PORT = 8080; // Webserver port. Binding port 80 requires root permissions
|
||||||
exports.MAX_PER_IP = 10;
|
exports.MAX_PER_IP = 10;
|
||||||
exports.GUEST_LOGIN_DELAY = 60; // Seconds
|
exports.GUEST_LOGIN_DELAY = 60; // Seconds
|
||||||
|
|
||||||
|
var nodemailer = require("nodemailer");
|
||||||
|
exports.MAIL = false;
|
||||||
|
/* Example for setting up email:
|
||||||
|
exports.MAIL = nodemailer.createTransport("SMTP", {
|
||||||
|
service: "Gmail",
|
||||||
|
auth: {
|
||||||
|
user: "some.user@gmail.com",
|
||||||
|
pass: "supersecretpassword"
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
See https://github.com/andris9/Nodemailer
|
||||||
|
*/
|
||||||
|
exports.MAIL_FROM = "some.user@gmail.com";
|
||||||
|
// Domain for password reset link
|
||||||
|
// Email sent goes to exports.DOMAIN/reset.html?resethash
|
||||||
|
exports.DOMAIN = "http://localhost";
|
||||||
|
|
|
@ -655,8 +655,8 @@ function generatePasswordReset(ip, name, email) {
|
||||||
"`ip`, `name`, `hash`, `email`, `expire`",
|
"`ip`, `name`, `hash`, `email`, `expire`",
|
||||||
") VALUES (",
|
") VALUES (",
|
||||||
"?, ?, ?, ?, ?",
|
"?, ?, ?, ?, ?",
|
||||||
") ON DUPLICATE KEY UPDATE `expire`=?"].join(""),
|
") ON DUPLICATE KEY UPDATE `hash`=?,`expire`=?"].join(""),
|
||||||
[ip, name, hash, email, exp, exp]
|
[ip, name, hash, email, exp, hash, exp]
|
||||||
);
|
);
|
||||||
|
|
||||||
results = db.querySync(query);
|
results = db.querySync(query);
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
"express": ">=3.2",
|
"express": ">=3.2",
|
||||||
"mysql-libmysqlclient": "*",
|
"mysql-libmysqlclient": "*",
|
||||||
"node_hash": "*",
|
"node_hash": "*",
|
||||||
"bcrypt": "*"
|
"bcrypt": "*",
|
||||||
|
"nodemailer": "*"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ The above copyright notice and this permission notice shall be included in all c
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
const VERSION = "1.9.2";
|
const VERSION = "1.9.3";
|
||||||
|
|
||||||
var fs = require("fs");
|
var fs = require("fs");
|
||||||
var Logger = require("./logger.js");
|
var Logger = require("./logger.js");
|
||||||
|
|
|
@ -267,6 +267,7 @@ $("#cebtn").click(function() {
|
||||||
});
|
});
|
||||||
|
|
||||||
$("#rpbtn").click(function() {
|
$("#rpbtn").click(function() {
|
||||||
|
$("#rpbtn").text("Sending...");
|
||||||
$("#pwresetpane").find(".alert-error").remove();
|
$("#pwresetpane").find(".alert-error").remove();
|
||||||
$("#pwresetpane").find(".alert-success").remove();
|
$("#pwresetpane").find(".alert-success").remove();
|
||||||
var name = $("#rpusername").val();
|
var name = $("#rpusername").val();
|
||||||
|
@ -278,6 +279,7 @@ $("#rpbtn").click(function() {
|
||||||
"email=" + email
|
"email=" + email
|
||||||
].join("&") + "&callback=?";
|
].join("&") + "&callback=?";
|
||||||
$.getJSON(url, function(data) {
|
$.getJSON(url, function(data) {
|
||||||
|
$("#rpbtn").text("Send Reset");
|
||||||
if(data.success) {
|
if(data.success) {
|
||||||
$("<div/>").addClass("alert alert-success")
|
$("<div/>").addClass("alert alert-success")
|
||||||
.text("Password reset link issued. Check your email.")
|
.text("Password reset link issued. Check your email.")
|
||||||
|
|
Loading…
Reference in New Issue