Add profile page, fix some redirects

calzoneman 2014-01-20 12:42:20 -06:00
parent fd6b95920a
commit e075d2f95a
3 changed files with 142 additions and 57 deletions


@ -355,7 +355,56 @@ function handleAccountProfilePage(req, res) {
* Handles a POST request to edit a profile * Handles a POST request to edit a profile
*/ */
function handleAccountProfile(req, res) { function handleAccountProfile(req, res) {
res.send(500); logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(':')[0];
} else {
sendJade(res, 'account-profile', {
loggedIn: false,
profileImage: "",
profileText: "",
profileError: "You must be logged in to edit your profile",
});
return;
}
var image = req.body.image;
var text = req.body.text;
db.users.verifyAuth(req.cookies.auth, function (err, user) {
if (err) {
sendJade(res, 'account-profile', {
loggedIn: false,
profileImage: "",
profileText: "",
profileError: err
});
return;
}
db.users.setProfile(user.name, { image: image, text: text }, function (err) {
if (err) {
sendJade(res, 'account-profile', {
loggedIn: true,
loginName: user.name,
profileImage: "",
profileText: "",
profileError: err
});
return;
}
sendJade(res, 'account-profile', {
loggedIn: true,
loginName: user.name,
profileImage: image,
profileText: text,
profileError: false
});
});
});
} }
module.exports = { module.exports = {
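Review bot: `req.body.image` and `req.body.text` reach `db.users.setProfile` in handleAccountProfile with no type or length check, whereas handleLogin and handleRegister in the auth file reject non-string fields with a 400. Both values are echoed back into the template (an `img` src and an inline script), so the handler should at least enforce `if (typeof image !== "string" || typeof text !== "string") { res.send(400); return; }` and cap their lengths before storing; whether setProfile validates them itself is not visible here. The `loginName` parsed from the cookie before verifyAuth is never read afterwards and can be dropped, so nothing is tempted to trust the unverified cookie name. This POST also changes state with only the cookie as proof of intent; no anti-CSRF token is visible in the handler or in the form.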


@ -4,14 +4,14 @@
* @author Calvin Montgomery <cyzon@cyzon.us> * @author Calvin Montgomery <cyzon@cyzon.us>
*/ */
var jade = require('jade'); var jade = require("jade");
var fs = require('fs'); var fs = require("fs");
var path = require('path'); var path = require("path");
var webserver = require('./webserver'); var webserver = require("./webserver");
var sendJade = require('./jade').sendJade; var sendJade = require("./jade").sendJade;
var Logger = require('../logger'); var Logger = require("../logger");
var $util = require('../utilities'); var $util = require("../utilities");
var db = require('../database'); var db = require("../database");
/** /**
* Processes a login request. Sets a cookie upon successful authentication * Processes a login request. Sets a cookie upon successful authentication
@ -20,7 +20,7 @@ function handleLogin(req, res) {
var name = req.body.name; var name = req.body.name;
var password = req.body.password; var password = req.body.password;
if (typeof name !== 'string' || typeof password !== 'string') { if (typeof name !== "string" || typeof password !== "string") {
res.send(400); res.send(400);
return; return;
} }
@ -29,20 +29,42 @@ function handleLogin(req, res) {
db.users.verifyLogin(name, password, function (err, user) { db.users.verifyLogin(name, password, function (err, user) {
if (err) { if (err) {
if (err === 'Invalid username/password combination') { if (err === "Invalid username/password combination") {
Logger.syslog.log('Login failed (bad password): ' + name Logger.syslog.log("Login failed (bad password): " + name
+ '@' + webserver.ipForRequest(req)); + "@" + webserver.ipForRequest(req));
} }
sendJade(res, 'login', { sendJade(res, "login", {
loggedIn: false, loggedIn: false,
loginError: err loginError: err
}); });
} else { } else {
res.cookie('auth', user.name + ':' + user.hash, { res.cookie("auth", user.name + ":" + user.hash, {
expires: new Date(Date.now() + 60*60*1000), expires: new Date(Date.now() + 60*60*1000),
httpOnly: true httpOnly: true
}); });
res.redirect("back");
// Try to find an appropriate redirect
var ref = req.header("referrer");
if (!ref) {
ref = req.body.redirect;
}
if (typeof ref !== "string") {
ref = "";
}
if (ref.match(/login|logout/)) {
ref = "";
}
if (ref) {
res.redirect(ref);
} else {
sendJade(res, "login", {
loggedIn: true,
loginName: user.name
});
}
} }
}); });
} }
@ -52,9 +74,9 @@ function handleLogin(req, res) {
*/ */
function handleLoginPage(req, res) { function handleLoginPage(req, res) {
if (req.cookies.auth) { if (req.cookies.auth) {
var split = req.cookies.auth.split(':'); var split = req.cookies.auth.split(":");
if (split.length === 2) { if (split.length === 2) {
sendJade(res, 'login', { sendJade(res, "login", {
wasAlreadyLoggedIn: true, wasAlreadyLoggedIn: true,
loggedIn: true, loggedIn: true,
loginName: split[0] loginName: split[0]
@ -62,9 +84,9 @@ function handleLoginPage(req, res) {
return; return;
} }
} }
sendJade(res, 'login', { sendJade(res, "login", {
loggedIn: false, loggedIn: false,
redirect: req.header('Referrer') redirect: req.header("Referrer")
}); });
} }
@ -72,13 +94,26 @@ function handleLoginPage(req, res) {
* Handles a request for /logout. Clears auth cookie * Handles a request for /logout. Clears auth cookie
*/ */
function handleLogout(req, res) { function handleLogout(req, res) {
res.clearCookie('auth'); res.clearCookie("auth");
res.redirect("back"); // Try to find an appropriate redirect
/* var ref = req.header("referrer");
sendJade(res, 'logout', { if (!ref) {
redirect: req.body.redirect || req.header('Referrer') ref = req.body.redirect;
}); }
*/
if (typeof ref !== "string") {
ref = "";
}
if (ref.match(/login|logout/)) {
ref = "";
}
if (ref) {
res.redirect(ref);
} else {
sendJade(res, "logout", {});
}
} }
/** /**
@ -86,16 +121,16 @@ function handleLogout(req, res) {
*/ */
function handleRegisterPage(req, res) { function handleRegisterPage(req, res) {
if (req.cookies.auth) { if (req.cookies.auth) {
var split = req.cookies.auth.split(':'); var split = req.cookies.auth.split(":");
if (split.length === 2) { if (split.length === 2) {
sendJade(res, 'register', { sendJade(res, "register", {
loggedIn: true, loggedIn: true,
loginName: split[0] loginName: split[0]
}); });
return; return;
} }
} }
sendJade(res, 'register', { sendJade(res, "register", {
registered: false, registered: false,
registerError: false registerError: false
}); });
@ -108,26 +143,26 @@ function handleRegister(req, res) {
var name = req.body.name; var name = req.body.name;
var password = req.body.password; var password = req.body.password;
var email = req.body.email; var email = req.body.email;
if (typeof email !== 'string') { if (typeof email !== "string") {
email = ''; email = "";
} }
var ip = webserver.ipForRequest(req); var ip = webserver.ipForRequest(req);
if (typeof name !== 'string' || typeof password !== 'string') { if (typeof name !== "string" || typeof password !== "string") {
res.send(400); res.send(400);
return; return;
} }
if (name.length === 0) { if (name.length === 0) {
sendJade(res, 'register', { sendJade(res, "register", {
registerError: 'Username must not be empty' registerError: "Username must not be empty"
}); });
return; return;
} }
if (password.length === 0) { if (password.length === 0) {
sendJade(res, 'register', { sendJade(res, "register", {
registerError: 'Password must not be empty' registerError: "Password must not be empty"
}); });
return; return;
} }
@ -135,21 +170,21 @@ function handleRegister(req, res) {
password = password.substring(0, 100); password = password.substring(0, 100);
if (email.length > 0 && !$util.isValidEmail(email)) { if (email.length > 0 && !$util.isValidEmail(email)) {
sendJade(res, 'register', { sendJade(res, "register", {
registerError: 'Invalid email address' registerError: "Invalid email address"
}); });
return; return;
} }
db.users.register(name, password, email, ip, function (err) { db.users.register(name, password, email, ip, function (err) {
if (err) { if (err) {
sendJade(res, 'register', { sendJade(res, "register", {
registerError: err registerError: err
}); });
} else { } else {
Logger.syslog.log(ip + ' registered account: ' + name + Logger.syslog.log(ip + " registered account: " + name +
(email.length > 0 ? ' <' + email + '>' : '')); (email.length > 0 ? " <" + email + ">" : ""));
sendJade(res, 'register', { sendJade(res, "register", {
registered: true, registered: true,
registerName: name, registerName: name,
redirect: req.body.redirect redirect: req.body.redirect
@ -163,10 +198,10 @@ module.exports = {
* Initializes auth callbacks * Initializes auth callbacks
*/ */
init: function (app) { init: function (app) {
app.get('/login', handleLoginPage); app.get("/login", handleLoginPage);
app.post('/login', handleLogin); app.post("/login", handleLogin);
app.get('/logout', handleLogout); app.get("/logout", handleLogout);
app.get('/register', handleRegisterPage); app.get("/register", handleRegisterPage);
app.post('/register', handleRegister); app.post("/register", handleRegister);
} }
}; };
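Review bot: The new redirect logic in handleLogin, and the identical copy in handleLogout, passes a request-controlled value to `res.redirect(ref)`: the Referer header or `req.body.redirect`, filtered only by `/login|logout/`. Neither is guaranteed to point at this site, so a login or logout request can end in a redirect to an external address (an open redirect). Restrict the target to a local path on the same host and move the duplicated logic into one helper, as sketched below; `req.protocol` may need proxy configuration to match the public origin, so confirm against the deployment. Note also that /logout is registered with `app.get`, so `req.body` may be undefined there unless the body parser always populates it, which the helper guards against.

```javascript
// Shared by handleLogin and handleLogout: returns a same-site path or ""
function getSafeRedirect(req) {
    var ref = req.header("referrer") || (req.body && req.body.redirect);
    if (typeof ref !== "string") {
        return "";
    }
    // Reduce an absolute URL on our own origin to its path component
    var origin = req.protocol + "://" + req.get("host");
    if (ref.indexOf(origin + "/") === 0) {
        ref = ref.substring(origin.length);
    }
    // Accept only local paths; reject absolute, scheme-relative and backslash forms
    if (ref.charAt(0) !== "/" || ref.charAt(1) === "/" || ref.indexOf("\\") !== -1) {
        return "";
    }
    if (ref.match(/login|logout/)) {
        return "";
    }
    return ref;
}

// … unchanged: cookie handling in handleLogin / clearCookie in handleLogout …
var ref = getSafeRedirect(req);
// … unchanged: if (ref) redirect, else render the page …
```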


@ -26,11 +26,10 @@ html(lang="en")
.alert.alert-danger.center.messagebox .alert.alert-danger.center.messagebox
strong Profile Error strong Profile Error
p= profileError p= profileError
.media .profile-box(style="position: inherit")
a.pull-left(href="#") img.profile-image(src=profileImage)
img.media-object(src=profileImage, alt="Profile Image") strong= loginName
.media-body p= profileText
= profileText
h3 Edit Profile h3 Edit Profile
form(action="/account/profile", method="post", role="form") form(action="/account/profile", method="post", role="form")
.form-group .form-group
@ -38,8 +37,10 @@ html(lang="en")
input#profileimage.form-control(type="text", name="image") input#profileimage.form-control(type="text", name="image")
.form-group .form-group
label.control-label(for="profiletext") Text label.control-label(for="profiletext") Text
textarea#profiletext.form-control(cols="10") textarea#profiletext.form-control(cols="10", name="text")= profileText
button.btn.btn-primary.btn-block(type="submit") Save button.btn.btn-primary.btn-block(type="submit") Save
include footer include footer
mixin footer() mixin footer()
script(type="text/javascript").
$("#profileimage").val("#{profileImage}");
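Review bot: The added inline script interpolates `profileImage` into a JavaScript string literal with `#{}`, which applies HTML escaping rather than JavaScript string escaping. Inside a `script` block entities are not decoded, so a URL containing `&` is written back to the field as `&amp;`, and a backslash or line break in the value (neither is touched by HTML escaping) can corrupt the literal and break the script. Setting the value as an attribute keeps the encoding correct for its context and removes the script entirely: `input#profileimage.form-control(type="text", name="image", value=profileImage)`. The same user-supplied value is used in `img.profile-image(src=profileImage)`, so the server should restrict it to http/https URLs before storing it. The form also carries no anti-CSRF field.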