mirror of https://github.com/calzoneman/sync.git
SSL fixes; work on password reset
This commit is contained in:
parent
21af0af1be
commit
65ef082a64
|
@ -9,7 +9,6 @@ var logRequest = webserver.logRequest;
|
||||||
var sendJade = require('./jade').sendJade;
|
var sendJade = require('./jade').sendJade;
|
||||||
var Logger = require('../logger');
|
var Logger = require('../logger');
|
||||||
var db = require('../database');
|
var db = require('../database');
|
||||||
//var dbchannels = require('../database/channels');
|
|
||||||
var $util = require('../utilities');
|
var $util = require('../utilities');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -419,6 +418,81 @@ function handleAccountProfile(req, res) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles a GET request for /account/passwordreset
|
||||||
|
*/
|
||||||
|
function handlePasswordResetPage(req, res) {
|
||||||
|
if (webserver.redirectHttps(req, res)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
logRequest(req);
|
||||||
|
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: false,
|
||||||
|
resetEmail: "",
|
||||||
|
resetErr: false
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handles a POST request to reset a user's password
|
||||||
|
*/
|
||||||
|
function handlePasswordReset(req, res) {
|
||||||
|
logRequest(req);
|
||||||
|
|
||||||
|
var name = req.body.name,
|
||||||
|
email = req.body.email;
|
||||||
|
|
||||||
|
if (typeof name !== "string" || typeof email !== "string") {
|
||||||
|
res.send(400);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$util.isValidUserName(name)) {
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: false,
|
||||||
|
resetEmail: "",
|
||||||
|
resetErr: "Invalid username '" + name + "'"
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
db.users.getEmail(name, function (err, actualEmail) {
|
||||||
|
if (err) {
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: false,
|
||||||
|
resetEmail: "",
|
||||||
|
resetErr: err
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (actualEmail !== email.trim()) {
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: false,
|
||||||
|
resetEmail: "",
|
||||||
|
resetErr: "Provided email does not match the email address on record for " + name
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
} else if (actualEmail === "") {
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: false,
|
||||||
|
resetEmail: "",
|
||||||
|
resetErr: name + " doesn't have an email address on record. Please contact an " +
|
||||||
|
"administrator to manually reset your password."
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
sendJade(res, "account-passwordreset", {
|
||||||
|
reset: true,
|
||||||
|
resetEmail: user.email,
|
||||||
|
resetErr: false
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
/**
|
/**
|
||||||
* Initialize the module
|
* Initialize the module
|
||||||
|
@ -430,5 +504,7 @@ module.exports = {
|
||||||
app.post('/account/channels', handleAccountChannel);
|
app.post('/account/channels', handleAccountChannel);
|
||||||
app.get('/account/profile', handleAccountProfilePage);
|
app.get('/account/profile', handleAccountProfilePage);
|
||||||
app.post('/account/profile', handleAccountProfile);
|
app.post('/account/profile', handleAccountProfile);
|
||||||
|
app.get("/account/passwordreset", handlePasswordResetPage);
|
||||||
|
app.post("/account/passwordreset", handlePasswordReset);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
doctype html
|
||||||
|
html(lang="en")
|
||||||
|
head
|
||||||
|
include head
|
||||||
|
mixin head()
|
||||||
|
body
|
||||||
|
#wrap
|
||||||
|
nav.navbar.navbar-inverse.navbar-fixed-top(role="navigation")
|
||||||
|
include nav
|
||||||
|
mixin navheader()
|
||||||
|
#nav-collapsible.collapse.navbar-collapse
|
||||||
|
ul.nav.navbar-nav
|
||||||
|
mixin navdefaultlinks("/account/passwordreset")
|
||||||
|
mixin navloginlogout("/account/passwordreset")
|
||||||
|
section#mainpage
|
||||||
|
.container
|
||||||
|
.col-lg-6.col-lg-offset-3.col-md-6.col-md-offset-3
|
||||||
|
h3 Reset Password
|
||||||
|
if reset
|
||||||
|
.alert.alert-success.center.messagebox
|
||||||
|
strong Password reset request sent
|
||||||
|
p Please check #{resetEmail} for your recovery link.
|
||||||
|
else if resetErr
|
||||||
|
.alert.alert-danger.center.messagebox
|
||||||
|
strong Error
|
||||||
|
p= resetErr
|
||||||
|
form(action="/account/passwordreset", method="post", role="form")
|
||||||
|
.form-group
|
||||||
|
label.control-label(for="username") Username
|
||||||
|
input#username.form-control(type="text", name="name")
|
||||||
|
.form-group
|
||||||
|
label.control-label(for="email") Email address
|
||||||
|
input#email.form-control(type="email", name="email")
|
||||||
|
button.btn.btn-primary.btn-block(type="submit") Send reset request
|
||||||
|
|
||||||
|
include footer
|
||||||
|
mixin footer()
|
|
@ -186,8 +186,8 @@ html(lang="en")
|
||||||
include footer
|
include footer
|
||||||
mixin footer()
|
mixin footer()
|
||||||
script(src=sioSource)
|
script(src=sioSource)
|
||||||
script(src="/sioconfig")
|
|
||||||
script(src="/assets/js/data.js")
|
script(src="/assets/js/data.js")
|
||||||
|
script(src="/sioconfig")
|
||||||
script(src="/assets/js/util.js")
|
script(src="/assets/js/util.js")
|
||||||
script(src="/assets/js/player.js")
|
script(src="/assets/js/player.js")
|
||||||
script(src="/assets/js/paginator.js")
|
script(src="/assets/js/paginator.js")
|
||||||
|
|
|
@ -1040,20 +1040,19 @@ setupCallbacks = function() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$.getScript(IO_URL+"/socket.io/socket.io.js", function() {
|
try {
|
||||||
try {
|
if (NO_WEBSOCKETS || USEROPTS.altsocket) {
|
||||||
if(NO_WEBSOCKETS || USEROPTS.altsocket) {
|
var i = io.transports.indexOf("websocket");
|
||||||
var i = io.transports.indexOf("websocket");
|
if (i >= 0) {
|
||||||
if(i >= 0)
|
io.transports.splice(i, 1);
|
||||||
io.transports.splice(i, 1);
|
|
||||||
}
|
}
|
||||||
var opts = {};
|
|
||||||
if (location.protocol === "https:")
|
|
||||||
opts.secure = true;
|
|
||||||
socket = io.connect(IO_URL);
|
|
||||||
setupCallbacks();
|
|
||||||
}
|
}
|
||||||
catch(e) {
|
var opts = {};
|
||||||
Callbacks.disconnect();
|
if (location.protocol === "https:" || USEROPTS.secure_connection) {
|
||||||
|
opts.secure = true;
|
||||||
}
|
}
|
||||||
});
|
socket = io.connect(IO_URL, opts);
|
||||||
|
setupCallbacks();
|
||||||
|
} catch (e) {
|
||||||
|
Callbacks.disconnect();
|
||||||
|
}
|
||||||
|
|
|
@ -829,7 +829,6 @@ function handleModPermissions() {
|
||||||
setParentVisible("a[href='#cs-filtereditor']", CLIENT.rank >= 3);
|
setParentVisible("a[href='#cs-filtereditor']", CLIENT.rank >= 3);
|
||||||
setParentVisible("a[href='#cs-chanranks']", CLIENT.rank >= 3);
|
setParentVisible("a[href='#cs-chanranks']", CLIENT.rank >= 3);
|
||||||
setParentVisible("a[href='#cs-chanlog']", CLIENT.rank >= 3);
|
setParentVisible("a[href='#cs-chanlog']", CLIENT.rank >= 3);
|
||||||
$("#qlockbtn").attr("disabled", !hasPermission("playlistlock"));
|
|
||||||
$("#cs-chatfilters-import").attr("disabled", !hasPermission("filterimport"));
|
$("#cs-chatfilters-import").attr("disabled", !hasPermission("filterimport"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -838,6 +837,7 @@ function handlePermissionChange() {
|
||||||
handleModPermissions();
|
handleModPermissions();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$("#qlockbtn").attr("disabled", !hasPermission("playlistlock"));
|
||||||
setVisible("#showchansettings", CLIENT.rank >= 2);
|
setVisible("#showchansettings", CLIENT.rank >= 2);
|
||||||
setVisible("#playlistmanagerwrap", CLIENT.rank >= 1);
|
setVisible("#playlistmanagerwrap", CLIENT.rank >= 1);
|
||||||
setVisible("#modflair", CLIENT.rank >= 2);
|
setVisible("#modflair", CLIENT.rank >= 2);
|
||||||
|
|
Loading…
Reference in New Issue