SSL fixes; work on password reset

calzoneman 2014-01-23 22:59:08 -06:00
parent 21af0af1be
commit 65ef082a64
5 changed files with 129 additions and 17 deletions


@ -9,7 +9,6 @@ var logRequest = webserver.logRequest;
var sendJade = require('./jade').sendJade; var sendJade = require('./jade').sendJade;
var Logger = require('../logger'); var Logger = require('../logger');
var db = require('../database'); var db = require('../database');
//var dbchannels = require('../database/channels');
var $util = require('../utilities'); var $util = require('../utilities');
/** /**
@ -419,6 +418,81 @@ function handleAccountProfile(req, res) {
}); });
} }
/**
* Handles a GET request for /account/passwordreset
*/
function handlePasswordResetPage(req, res) {
if (webserver.redirectHttps(req, res)) {
return;
}
logRequest(req);
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
resetErr: false
});
}
/**
* Handles a POST request to reset a user's password
*/
function handlePasswordReset(req, res) {
logRequest(req);
var name = req.body.name,
email = req.body.email;
if (typeof name !== "string" || typeof email !== "string") {
res.send(400);
return;
}
if (!$util.isValidUserName(name)) {
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
resetErr: "Invalid username '" + name + "'"
});
return;
}
db.users.getEmail(name, function (err, actualEmail) {
if (err) {
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
resetErr: err
});
return;
}
if (actualEmail !== email.trim()) {
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
resetErr: "Provided email does not match the email address on record for " + name
});
return;
} else if (actualEmail === "") {
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
resetErr: name + " doesn't have an email address on record. Please contact an " +
"administrator to manually reset your password."
});
return;
}
sendJade(res, "account-passwordreset", {
reset: true,
resetEmail: user.email,
resetErr: false
});
});
}
module.exports = { module.exports = {
/** /**
* Initialize the module * Initialize the module
@ -430,5 +504,7 @@ module.exports = {
app.post('/account/channels', handleAccountChannel); app.post('/account/channels', handleAccountChannel);
app.get('/account/profile', handleAccountProfilePage); app.get('/account/profile', handleAccountProfilePage);
app.post('/account/profile', handleAccountProfile); app.post('/account/profile', handleAccountProfile);
app.get("/account/passwordreset", handlePasswordResetPage);
app.post("/account/passwordreset", handlePasswordReset);
} }
}; };
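Review bot: The success branch of handlePasswordReset passes `resetEmail: user.email`, but no `user` is declared anywhere in the function as shown, so a matching username/email pair would throw a ReferenceError instead of rendering the confirmation; `resetEmail: actualEmail,` looks like what was intended. Separately, the three distinct error messages (invalid name, email mismatch, no email on record) and the raw `err` from db.users.getEmail tell an unauthenticated caller whether an account exists and whether a guessed address is the one on file; rendering one neutral response for every outcome and logging the detail server-side closes that oracle. The `actualEmail === ""` branch is only reachable when the submitted email is itself empty, because the mismatch test runs first, so that check should come before the comparison. Unlike handlePasswordResetPage, this handler does not call `webserver.redirectHttps(req, res)`, so the form can be posted over plain HTTP; whether that is intended is not visible here.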


@ -0,0 +1,37 @@
doctype html
html(lang="en")
head
include head
mixin head()
body
#wrap
nav.navbar.navbar-inverse.navbar-fixed-top(role="navigation")
include nav
mixin navheader()
#nav-collapsible.collapse.navbar-collapse
ul.nav.navbar-nav
mixin navdefaultlinks("/account/passwordreset")
mixin navloginlogout("/account/passwordreset")
section#mainpage
.container
.col-lg-6.col-lg-offset-3.col-md-6.col-md-offset-3
h3 Reset Password
if reset
.alert.alert-success.center.messagebox
strong Password reset request sent
p Please check #{resetEmail} for your recovery link.
else if resetErr
.alert.alert-danger.center.messagebox
strong Error
p= resetErr
form(action="/account/passwordreset", method="post", role="form")
.form-group
label.control-label(for="username") Username
input#username.form-control(type="text", name="name")
.form-group
label.control-label(for="email") Email address
input#email.form-control(type="email", name="email")
button.btn.btn-primary.btn-block(type="submit") Send reset request
include footer
mixin footer()


@ -186,8 +186,8 @@ html(lang="en")
include footer include footer
mixin footer() mixin footer()
script(src=sioSource) script(src=sioSource)
script(src="/sioconfig")
script(src="/assets/js/data.js") script(src="/assets/js/data.js")
script(src="/sioconfig")
script(src="/assets/js/util.js") script(src="/assets/js/util.js")
script(src="/assets/js/player.js") script(src="/assets/js/player.js")
script(src="/assets/js/paginator.js") script(src="/assets/js/paginator.js")
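Review bot: Nothing in the template records why `/sioconfig` now has to load after `/assets/js/data.js`. The reorder looks deliberate (presumably sioconfig reads something data.js defines, which is not visible in this hunk), and a later tidy-up of the script list could silently revert it. A one-line Jade comment above the tag, for example `//- /sioconfig must load after data.js (load-order dependency)`, would preserve the intent.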


@ -1040,20 +1040,19 @@ setupCallbacks = function() {
} }
} }
$.getScript(IO_URL+"/socket.io/socket.io.js", function() {
try { try {
if (NO_WEBSOCKETS || USEROPTS.altsocket) { if (NO_WEBSOCKETS || USEROPTS.altsocket) {
var i = io.transports.indexOf("websocket"); var i = io.transports.indexOf("websocket");
if(i >= 0) if (i >= 0) {
io.transports.splice(i, 1); io.transports.splice(i, 1);
} }
var opts = {};
if (location.protocol === "https:")
opts.secure = true;
socket = io.connect(IO_URL);
setupCallbacks();
} }
catch(e) { var opts = {};
if (location.protocol === "https:" || USEROPTS.secure_connection) {
opts.secure = true;
}
socket = io.connect(IO_URL, opts);
setupCallbacks();
} catch (e) {
Callbacks.disconnect(); Callbacks.disconnect();
} }
});
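Review bot: The rewritten `catch (e)` still discards the exception and only calls Callbacks.disconnect(), so a failure on the connect path looks the same as an ordinary disconnect. The change appears to drop the `$.getScript` wrapper, which means a missing `io` global (socket.io script not loaded) would now land here too; logging first, `console.error(e);`, would make load and TLS setup failures diagnosable. `opts.secure = true` is also set when only USEROPTS.secure_connection is true while IO_URL is passed unchanged; whether IO_URL then points at the TLS listener is decided outside this hunk and is worth confirming. The enclosing script continues beyond the visible lines.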


@ -829,7 +829,6 @@ function handleModPermissions() {
setParentVisible("a[href='#cs-filtereditor']", CLIENT.rank >= 3); setParentVisible("a[href='#cs-filtereditor']", CLIENT.rank >= 3);
setParentVisible("a[href='#cs-chanranks']", CLIENT.rank >= 3); setParentVisible("a[href='#cs-chanranks']", CLIENT.rank >= 3);
setParentVisible("a[href='#cs-chanlog']", CLIENT.rank >= 3); setParentVisible("a[href='#cs-chanlog']", CLIENT.rank >= 3);
$("#qlockbtn").attr("disabled", !hasPermission("playlistlock"));
$("#cs-chatfilters-import").attr("disabled", !hasPermission("filterimport")); $("#cs-chatfilters-import").attr("disabled", !hasPermission("filterimport"));
} }
@ -838,6 +837,7 @@ function handlePermissionChange() {
handleModPermissions(); handleModPermissions();
} }
$("#qlockbtn").attr("disabled", !hasPermission("playlistlock"));
setVisible("#showchansettings", CLIENT.rank >= 2); setVisible("#showchansettings", CLIENT.rank >= 2);
setVisible("#playlistmanagerwrap", CLIENT.rank >= 1); setVisible("#playlistmanagerwrap", CLIENT.rank >= 1);
setVisible("#modflair", CLIENT.rank >= 2); setVisible("#modflair", CLIENT.rank >= 2);