tellform/app/controllers/users/users.authentication.server.controller.js

'use strict';

/**
 * Module dependencies.
 */
var errorHandler = require('../errors.server.controller'),
	mongoose = require('mongoose'),
	passport = require('passport'),
	config = require('../../../config/config'),
	User = mongoose.model('User'),
	tokgen = require('../../libs/tokenGenerator'),
	fs = require('fs'),
	i18n = require('i18n'),
	async = require('async'),
	pug = require('pug'),
	helpers = require('../helpers.server.controller');

var nev = require('email-verification')(mongoose);

// NEV setup and configuration ================
var config_nev = function () {

	nev.configure({

		verifyMailOptions: {
	        from: config.mailer.from
	    },

	    confirmMailOptions: {
	        from: config.mailer.from
	    },

	    persistentUserModel: User,
	    tempUserCollection: config.tempUserCollection,
        emailAndUsernameUnique: true,
	    expirationTime: 86400,  // 24 hours

	    verificationURL: config.baseUrl+'/#!/verify/${URL}',
	    transportOptions: config.mailer.options,
	    
	    verifySendMailCallback: function(err, info) {
	      if (err) {
	        throw err;
	      }
	    }

	}, function(err, options){
		if(err) {
			throw err;
		}
	});

	nev.generateTempUserModel(User, function(err){
		if(err) {
			throw err;
		}
	});
};

config_nev();

exports.validateVerificationToken = function(req, res){

	const fn = pug.compileFile(__dirname + '/../../views/welcome.email.view.pug');
	var renderedHtml = fn(res.locals);

    var emailTemplate = {
        subject: i18n.__('WELCOME_EMAIL_SUBJECT', config.app.title),
        html: renderedHtml,
        text: i18n.__('WELCOME_EMAIL_TEXT')
    };

	nev.confirmTempUser(req.params.token, emailTemplate, function(err, user) {
	    if(err) {
			return res.status(500).send( {message: err } );
	    } else if (user){
	        return res.status(200).send('User successfully verified');
	    }
	    // redirect to resend verification email
	    else {
	    	return res.status(400).send( {message: 'Verification token is invalid or has expired'} );
	    } 
	});
};

exports.resendVerificationEmail = function(req, res, next){
	const fn = pug.compileFile(__dirname + '/../../views/verification.email.view.pug');
	var renderedHtml = fn(res.locals);

	var emailTemplate = {
        subject: i18n.__('VERIFICATION_EMAIL_SUBJECT'),
        html: renderedHtml,
        text: i18n.__('VERIFICATION_EMAIL_TEXT')
    };

	nev.resendVerificationEmail(req.body.email, emailTemplate, function(err, userFound) {
		if(err) {
			return res.status(500).send( {message: errorHandler.getErrorMessage(err)  } );
	    }

	    if (userFound){
	        res.status(200).send('Verification email successfully Re-Sent');
	    }else {
	        // user hasn't been found yet
	        res.status(400).send( {message: 'Error: User has not been registered yet'} );
	    }
	});
};

/**
 * Signup
 */
exports.signup = function(req, res) {
	// For security measures we remove the roles from the req.body object
	delete req.body.roles;

	// Init Variables
	var user = new User(req.body);

	// Set language to visitor's language
	user.language = req.cookies.userLang;

	// Add missing user fields
	user.provider = 'local';

	// Then save the temporary user
	nev.createTempUser(user, function (err, existingPersistentUser, newTempUser) {
		if (err) {
			return res.status(400).send({
				message: errorHandler.getErrorMessage(err)
			});
		}

		// new user created
		if (newTempUser) {
			const fn = pug.compileFile(__dirname + '/../../views/verification.email.view.pug');
			var renderedHtml = fn(res.locals);

			var URL = newTempUser[nev.options.URLFieldName];
			var emailTemplate = {
		        subject: i18n.__('VERIFICATION_EMAIL_SUBJECT'),
		        html: renderedHtml,
		        text: i18n.__('VERIFICATION_EMAIL_TEXT')
		    };

			nev.sendVerificationEmail(user.email, URL, emailTemplate, function (sendEmailErr, info) {
				if (sendEmailErr) {
					return res.status(400).send({
						message: errorHandler.getErrorMessage(err)
					});
				}
				return res.status(200).send('An email has been sent to you. Please check it to verify your account.');
			});
		} else {
			return res.status(400).send({message: 'User with username/email already exists!'});
		}
	});
};

/**
 * Signin after passport authentication
 */
exports.signin = function(req, res, next) {
	
	passport.authenticate('local', function(err, user, info) {
		if (err || !user) {
			res.status(400).send(info);
		} else {
			// Remove sensitive data before login
			user.password = null;
			user.salt = null;
			user.provider = null;

			req.login(user, function(loginErr) {
				if (loginErr) {
					return res.status(400).send({
						message: errorHandler.getErrorMessage(loginErr)
					});
				}

				res.cookie('langCookie', user.language, { maxAge: 90000, httpOnly: true });
				
				user = helpers.removeSensitiveModelData('private_user', user);
				return res.json(user);
			});
		}
	})(req, res, next);
};

/**
 * Signout
 */
exports.signout = function(req, res) {
	if(req.cookies.hasOwnProperty('userLang')){
		res.clearCookie('userLang');
	}
	req.logout();
	return res.status(200).send('You have successfully logged out.');
};

/* Generate API Key for User */
exports.generateAPIKey = function(req, res) {
	User.findById(req.user.id)
		.exec( function(err, user) {
			if (err) {
				return res.status(400).send({
					message: errorHandler.getErrorMessage(err)
				});
			}

			if (!user) {
				return res.status(400).send({
					message: 'User does not Exist'
				});
			}

			user.apiKey = tokgen();

			user.save(function(userSaveErr, _user) {
				if (userSaveErr) {
					return res.status(400).send({
						message: errorHandler.getErrorMessage(userSaveErr)
					});
				}

				var newUser = _user.toObject();

				return res.json({ id: newUser._id, apiKey: newUser.apiKey });
			});

		});
};
first commit 2015-06-29 22:51:29 +00:00			`'use strict';`

			`/**`
			`* Module dependencies.`
			`*/`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`var errorHandler = require('../errors.server.controller'),`
first commit 2015-06-29 22:51:29 +00:00			`mongoose = require('mongoose'),`
			`passport = require('passport'),`
got table submissions to display correctly 2015-07-21 23:25:45 +00:00			`config = require('../../../config/config'),`
got api to work 2016-08-26 00:54:16 +00:00			`User = mongoose.model('User'),`
updated mail templates 2017-10-07 09:40:24 +00:00			`tokgen = require('../../libs/tokenGenerator'),`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`fs = require('fs'),`
			`i18n = require('i18n'),`
			`async = require('async'),`
added helper function to remove sensitive data from forms/users 2017-10-29 21:04:13 +00:00			`pug = require('pug'),`
			`helpers = require('../helpers.server.controller');`
first commit 2015-06-29 22:51:29 +00:00
fixed email verification 2015-11-05 22:07:56 +00:00			`var nev = require('email-verification')(mongoose);`

			`// NEV setup and configuration ================`
			`var config_nev = function () {`

			`nev.configure({`
got email pug templates to work 2017-10-28 02:29:19 +00:00
			`verifyMailOptions: {`
			`from: config.mailer.from`
			`},`

			`confirmMailOptions: {`
			`from: config.mailer.from`
			`},`

fixed email verification 2015-11-05 22:07:56 +00:00			`persistentUserModel: User,`
			`tempUserCollection: config.tempUserCollection,`
fixed user signup error handling 2017-08-01 23:12:13 +00:00			`emailAndUsernameUnique: true,`
change expriation time of activation link to 24 hours 2016-11-14 18:43:28 +00:00			`expirationTime: 86400, // 24 hours`
fixed email verification 2015-11-05 22:07:56 +00:00
			`verificationURL: config.baseUrl+'/#!/verify/${URL}',`
			`transportOptions: config.mailer.options,`
got email pug templates to work 2017-10-28 02:29:19 +00:00
fixed email signup 2015-11-05 22:38:38 +00:00			`verifySendMailCallback: function(err, info) {`
			`if (err) {`
			`throw err;`
			`}`
fixed routing 2016-03-30 01:16:36 +00:00			`}`
fixed email verification 2015-11-05 22:07:56 +00:00
fixed setup script 2016-05-21 19:49:00 +00:00			`}, function(err, options){`
Refactor users.authentication.server.controller.js's if statements 2017-04-23 03:46:57 +00:00			`if(err) {`
			`throw err;`
			`}`
fixed email verification 2015-11-05 22:07:56 +00:00			`});`
fixed socket.io 2016-06-07 19:43:24 +00:00
fixed generateTempUserModel 2016-06-15 22:05:56 +00:00			`nev.generateTempUserModel(User, function(err){`
Refactor users.authentication.server.controller.js's if statements 2017-04-23 03:46:57 +00:00			`if(err) {`
			`throw err;`
			`}`
fixed generateTempUserModel 2016-06-15 22:05:56 +00:00			`});`
fixed email verification 2015-11-05 22:07:56 +00:00			`};`

			`config_nev();`

			`exports.validateVerificationToken = function(req, res){`
got email pug templates to work 2017-10-28 02:29:19 +00:00
Merge branch '2.20' into emailNotifications 2017-11-01 19:46:15 +00:00			`const fn = pug.compileFile(__dirname + '/../../views/welcome.email.view.pug');`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`var renderedHtml = fn(res.locals);`

			`var emailTemplate = {`
			`subject: i18n.__('WELCOME_EMAIL_SUBJECT', config.app.title),`
			`html: renderedHtml,`
			`text: i18n.__('WELCOME_EMAIL_TEXT')`
			`};`

			`nev.confirmTempUser(req.params.token, emailTemplate, function(err, user) {`
fixed routing 2016-03-30 01:16:36 +00:00			`if(err) {`
sped up list forms and fixed analytics bugs 2017-10-02 10:18:47 +00:00			`return res.status(500).send( {message: err } );`
			`} else if (user){`
added stuff 2015-11-06 01:22:16 +00:00			`return res.status(200).send('User successfully verified');`
added backend tests 2015-08-07 21:02:44 +00:00			`}`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`// redirect to resend verification email`
sped up list forms and fixed analytics bugs 2017-10-02 10:18:47 +00:00			`else {`
			`return res.status(400).send( {message: 'Verification token is invalid or has expired'} );`
			`}`
added backend tests 2015-08-07 21:02:44 +00:00			`});`
			`};`

			`exports.resendVerificationEmail = function(req, res, next){`
Merge branch '2.20' into emailNotifications 2017-11-01 19:46:15 +00:00			`const fn = pug.compileFile(__dirname + '/../../views/verification.email.view.pug');`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`var renderedHtml = fn(res.locals);`

			`var emailTemplate = {`
			`subject: i18n.__('VERIFICATION_EMAIL_SUBJECT'),`
			`html: renderedHtml,`
			`text: i18n.__('VERIFICATION_EMAIL_TEXT')`
			`};`

			`nev.resendVerificationEmail(req.body.email, emailTemplate, function(err, userFound) {`
fixed routing 2016-03-30 01:16:36 +00:00			`if(err) {`
added stuff 2015-11-06 01:22:16 +00:00			`return res.status(500).send( {message: errorHandler.getErrorMessage(err) } );`
fixed routing 2016-03-30 01:16:36 +00:00			`}`
added stuff 2015-11-06 01:22:16 +00:00
			`if (userFound){`
got karma:unit tests working 2015-08-19 22:29:01 +00:00			`res.status(200).send('Verification email successfully Re-Sent');`
added backend tests 2015-08-07 21:02:44 +00:00			`}else {`
			`// user hasn't been found yet`
added stuff 2015-11-06 01:22:16 +00:00			`res.status(400).send( {message: 'Error: User has not been registered yet'} );`
added backend tests 2015-08-07 21:02:44 +00:00			`}`
			`});`
			`};`

first commit 2015-06-29 22:51:29 +00:00			`/**`
			`* Signup`
			`*/`
			`exports.signup = function(req, res) {`
fixed routing 2016-03-30 01:16:36 +00:00			`// For security measures we remove the roles from the req.body object`
fixed signup error 2016-08-17 19:04:42 +00:00			`delete req.body.roles;`

			`// Init Variables`
			`var user = new User(req.body);`

internationalized transactional emails 2017-10-28 03:46:00 +00:00			`// Set language to visitor's language`
Merge branch '2.20' into emailNotifications 2017-11-01 19:46:15 +00:00			`user.language = req.cookies.userLang;`
internationalized transactional emails 2017-10-28 03:46:00 +00:00
fixed signup error 2016-08-17 19:04:42 +00:00			`// Add missing user fields`
			`user.provider = 'local';`
added client side validation for email, username and password inputs 2017-10-28 06:23:50 +00:00
fixed signup error 2016-08-17 19:04:42 +00:00			`// Then save the temporary user`
			`nev.createTempUser(user, function (err, existingPersistentUser, newTempUser) {`
Added custom mail host via MAILER_SERVICE_PROVIDER, MAILER_SMTP_PORT, and MAILER_SMTP_SECURE env vars 2017-08-15 00:58:26 +00:00			`if (err) {`
fixed signup error 2016-08-17 19:04:42 +00:00			`return res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
			`}`

			`// new user created`
			`if (newTempUser) {`
Merge branch '2.20' into emailNotifications 2017-11-01 19:46:15 +00:00			`const fn = pug.compileFile(__dirname + '/../../views/verification.email.view.pug');`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`var renderedHtml = fn(res.locals);`

fixed signup error 2016-08-17 19:04:42 +00:00			`var URL = newTempUser[nev.options.URLFieldName];`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`var emailTemplate = {`
			`subject: i18n.__('VERIFICATION_EMAIL_SUBJECT'),`
			`html: renderedHtml,`
			`text: i18n.__('VERIFICATION_EMAIL_TEXT')`
			`};`
got tests to run 2016-11-09 20:25:38 +00:00
got email pug templates to work 2017-10-28 02:29:19 +00:00			`nev.sendVerificationEmail(user.email, URL, emailTemplate, function (sendEmailErr, info) {`
			`if (sendEmailErr) {`
fixed signup error 2016-08-17 19:04:42 +00:00			`return res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
fixed routing 2016-03-30 01:16:36 +00:00			`});`
			`}`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`return res.status(200).send('An email has been sent to you. Please check it to verify your account.');`
fixed signup error 2016-08-17 19:04:42 +00:00			`});`
fixed signup problem 2017-07-25 17:51:59 +00:00			`} else {`
got email pug templates to work 2017-10-28 02:29:19 +00:00			`return res.status(400).send({message: 'User with username/email already exists!'});`
match jshintrc config Signed-off-by: José Luis Di Biase <josx@interorganic.com.ar> 2017-06-23 17:54:28 +00:00			`}`
fixed signup error 2016-08-17 19:04:42 +00:00			`});`
got submission deletion working 2015-07-27 18:11:43 +00:00			`};`

first commit 2015-06-29 22:51:29 +00:00			`/**`
			`* Signin after passport authentication`
			`*/`
			`exports.signin = function(req, res, next) {`
fixed errors for password reset, user signup and user signin 2017-10-28 06:54:55 +00:00
first commit 2015-06-29 22:51:29 +00:00			`passport.authenticate('local', function(err, user, info) {`
			`if (err \|\| !user) {`
			`res.status(400).send(info);`
			`} else {`
			`// Remove sensitive data before login`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`user.password = null;`
			`user.salt = null;`
			`user.provider = null;`
first commit 2015-06-29 22:51:29 +00:00
Refactor users.authentication.server.controller.js's if statements 2017-04-23 03:46:57 +00:00			`req.login(user, function(loginErr) {`
			`if (loginErr) {`
got table submissions to display correctly 2015-07-21 23:25:45 +00:00			`return res.status(400).send({`
Refactor users.authentication.server.controller.js's if statements 2017-04-23 03:46:57 +00:00			`message: errorHandler.getErrorMessage(loginErr)`
got table submissions to display correctly 2015-07-21 23:25:45 +00:00			`});`
first commit 2015-06-29 22:51:29 +00:00			`}`
internationalized transactional emails 2017-10-28 03:46:00 +00:00
			`res.cookie('langCookie', user.language, { maxAge: 90000, httpOnly: true });`
added helper function to remove sensitive data from forms/users 2017-10-29 21:04:13 +00:00
			`user = helpers.removeSensitiveModelData('private_user', user);`
Refactor users.authentication.server.controller.js's if statements 2017-04-23 03:46:57 +00:00			`return res.json(user);`
first commit 2015-06-29 22:51:29 +00:00			`});`
			`}`
			`})(req, res, next);`
			`};`

			`/**`
			`* Signout`
			`*/`
			`exports.signout = function(req, res) {`
added client side validation for email, username and password inputs 2017-10-28 06:23:50 +00:00			`if(req.cookies.hasOwnProperty('userLang')){`
got all tests to pass 2017-10-29 19:44:12 +00:00			`res.clearCookie('userLang');`
added client side validation for email, username and password inputs 2017-10-28 06:23:50 +00:00			`}`
first commit 2015-06-29 22:51:29 +00:00			`req.logout();`
got all tests to run 2016-03-30 03:45:16 +00:00			`return res.status(200).send('You have successfully logged out.');`
first commit 2015-06-29 22:51:29 +00:00			`};`

got api to work 2016-08-26 00:54:16 +00:00			`/* Generate API Key for User */`
			`exports.generateAPIKey = function(req, res) {`
			`User.findById(req.user.id)`
			`.exec( function(err, user) {`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`if (err) {`
added tests for api routes 2017-10-30 01:17:20 +00:00			`return res.status(400).send({`
			`message: errorHandler.getErrorMessage(err)`
			`});`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`}`
match jshintrc config Signed-off-by: José Luis Di Biase <josx@interorganic.com.ar> 2017-06-23 17:54:28 +00:00
got api to work 2016-08-26 00:54:16 +00:00			`if (!user) {`
			`return res.status(400).send({`
			`message: 'User does not Exist'`
			`});`
			`}`

			`user.apiKey = tokgen();`

Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`user.save(function(userSaveErr, _user) {`
			`if (userSaveErr) {`
got api to work 2016-08-26 00:54:16 +00:00			`return res.status(400).send({`
Fixed codacy errors in user.authentication.server.controller.js 2017-04-23 02:07:43 +00:00			`message: errorHandler.getErrorMessage(userSaveErr)`
got api to work 2016-08-26 00:54:16 +00:00			`});`
			`}`

			`var newUser = _user.toObject();`

added tests for api routes 2017-10-30 01:17:20 +00:00			`return res.json({ id: newUser._id, apiKey: newUser.apiKey });`
got api to work 2016-08-26 00:54:16 +00:00			`});`

			`});`
			`};`