2015-06-29 22:51:29 +00:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Module dependencies.
|
|
|
|
|
*/
|
|
|
|
|
var _ = require('lodash'),
|
2015-07-27 18:11:43 +00:00
|
|
|
nev = require('email-verification'),
|
2015-06-29 22:51:29 +00:00
|
|
|
errorHandler = require('../errors.server.controller'),
|
|
|
|
|
mongoose = require('mongoose'),
|
|
|
|
|
passport = require('passport'),
|
2015-07-21 23:25:45 +00:00
|
|
|
async = require('async'),
|
|
|
|
|
config = require('../../../config/config'),
|
|
|
|
|
nodemailer = require('nodemailer'),
|
|
|
|
|
crypto = require('crypto'),
|
2015-07-27 18:11:43 +00:00
|
|
|
nev = require('email-verification'),
|
2015-06-29 22:51:29 +00:00
|
|
|
User = mongoose.model('User');
|
|
|
|
|
|
2015-07-21 23:25:45 +00:00
|
|
|
var smtpTransport = nodemailer.createTransport(config.mailer.options);
|
|
|
|
|
|
2015-07-27 18:11:43 +00:00
|
|
|
// NEV configuration =====================
|
|
|
|
|
nev.configure({
|
|
|
|
|
persistentUserModel: User,
|
2015-07-28 22:29:07 +00:00
|
|
|
expirationTime: 1800, // 30 minutes
|
2015-07-21 23:25:45 +00:00
|
|
|
|
2015-07-27 18:11:43 +00:00
|
|
|
verificationURL: config.baseUrl+'/#!/verify/${URL}',
|
|
|
|
|
transportOptions: config.mailer.options,
|
|
|
|
|
verifyMailOptions: {
|
|
|
|
|
from: config.mailer.from,
|
|
|
|
|
subject: 'Confirm your account',
|
|
|
|
|
html: '<p>Please verify your account by clicking <a href="${URL}">this link</a>. If you are unable to do so, copy and ' +
|
|
|
|
|
'paste the following link into your browser:</p><p>${URL}</p>',
|
|
|
|
|
text: 'Please verify your account by clicking the following link, or by copying and pasting it into your browser: ${URL}'
|
|
|
|
|
},
|
2015-07-21 23:25:45 +00:00
|
|
|
|
2015-07-27 18:11:43 +00:00
|
|
|
confirmMailOptions: {
|
|
|
|
|
from: config.mailer.from,
|
|
|
|
|
subject: 'Successfully verified!',
|
|
|
|
|
html: '<p>Your account has been successfully verified.</p>',
|
|
|
|
|
text: 'Your account has been successfully verified.'
|
|
|
|
|
},
|
2015-07-21 23:25:45 +00:00
|
|
|
|
2015-07-27 18:11:43 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
nev.generateTempUserModel(User);
|
2015-07-21 23:25:45 +00:00
|
|
|
|
2015-06-29 22:51:29 +00:00
|
|
|
/**
|
|
|
|
|
* Signup
|
|
|
|
|
*/
|
|
|
|
|
exports.signup = function(req, res) {
|
|
|
|
|
// For security measurement we remove the roles from the req.body object
|
|
|
|
|
delete req.body.roles;
|
|
|
|
|
|
|
|
|
|
// Init Variables
|
|
|
|
|
var user = new User(req.body);
|
|
|
|
|
|
|
|
|
|
// Add missing user fields
|
|
|
|
|
user.provider = 'local';
|
2015-07-27 18:11:43 +00:00
|
|
|
user.username = user.email;
|
2015-07-28 22:29:07 +00:00
|
|
|
// user.displayName = user.firstName + ' ' + user.lastName;
|
2015-06-29 22:51:29 +00:00
|
|
|
|
2015-07-27 18:11:43 +00:00
|
|
|
// Then save the temporary user
|
|
|
|
|
nev.createTempUser(user, function(newTempUser) {
|
|
|
|
|
// new user created
|
|
|
|
|
if (newTempUser) {
|
|
|
|
|
nev.registerTempUser(newTempUser);
|
|
|
|
|
res.status(200).send('An email has been sent to you. Please check it to verify your account.');
|
|
|
|
|
} else {
|
|
|
|
|
res.status(400).send('Error: Temp user could NOT be created!');
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
exports.validateVerificationToken = function(req, res, next){
|
|
|
|
|
|
|
|
|
|
nev.confirmTempUser(req.params.token, function(user) {
|
|
|
|
|
if (user){
|
|
|
|
|
res.status(200).send('User successfully verified');
|
|
|
|
|
}else {
|
|
|
|
|
// redirect to resend verification email
|
2015-07-29 18:34:00 +00:00
|
|
|
res.status(400).send('Verification token is invalid or has expired');
|
2015-07-27 18:11:43 +00:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
exports.resendVerificationEmail = function(req, res, next){
|
|
|
|
|
nev.resendVerificationEmail(req.body.email, function(user) {
|
|
|
|
|
if (user){
|
|
|
|
|
res.status(200).send('User successfully verified');
|
|
|
|
|
}else {
|
|
|
|
|
// user hasn't been found yet
|
|
|
|
|
res.status(400).send( {message: 'Error: User could NOT be verified'} );
|
|
|
|
|
}
|
2015-06-29 22:51:29 +00:00
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Signin after passport authentication
|
|
|
|
|
*/
|
|
|
|
|
exports.signin = function(req, res, next) {
|
|
|
|
|
passport.authenticate('local', function(err, user, info) {
|
|
|
|
|
if (err || !user) {
|
|
|
|
|
res.status(400).send(info);
|
|
|
|
|
} else {
|
|
|
|
|
// Remove sensitive data before login
|
|
|
|
|
user.password = undefined;
|
|
|
|
|
user.salt = undefined;
|
|
|
|
|
|
|
|
|
|
req.login(user, function(err) {
|
|
|
|
|
if (err) {
|
2015-07-21 23:25:45 +00:00
|
|
|
return res.status(400).send({
|
|
|
|
|
message: errorHandler.getErrorMessage(err)
|
|
|
|
|
});
|
2015-06-29 22:51:29 +00:00
|
|
|
} else {
|
|
|
|
|
res.json(user);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
})(req, res, next);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Signout
|
|
|
|
|
*/
|
|
|
|
|
exports.signout = function(req, res) {
|
|
|
|
|
req.logout();
|
2015-07-21 23:25:45 +00:00
|
|
|
res.status(200).send('user successfully logged out');
|
|
|
|
|
// res.redirect('/');
|
2015-06-29 22:51:29 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* OAuth callback
|
|
|
|
|
*/
|
|
|
|
|
exports.oauthCallback = function(strategy) {
|
|
|
|
|
return function(req, res, next) {
|
|
|
|
|
passport.authenticate(strategy, function(err, user, redirectURL) {
|
|
|
|
|
if (err || !user) {
|
|
|
|
|
return res.redirect('/#!/signin');
|
|
|
|
|
}
|
|
|
|
|
req.login(user, function(err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return res.redirect('/#!/signin');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.redirect(redirectURL || '/');
|
|
|
|
|
});
|
|
|
|
|
})(req, res, next);
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Helper function to save or update a OAuth user profile
|
|
|
|
|
*/
|
|
|
|
|
exports.saveOAuthUserProfile = function(req, providerUserProfile, done) {
|
|
|
|
|
if (!req.user) {
|
|
|
|
|
// Define a search query fields
|
|
|
|
|
var searchMainProviderIdentifierField = 'providerData.' + providerUserProfile.providerIdentifierField;
|
|
|
|
|
var searchAdditionalProviderIdentifierField = 'additionalProvidersData.' + providerUserProfile.provider + '.' + providerUserProfile.providerIdentifierField;
|
|
|
|
|
|
|
|
|
|
// Define main provider search query
|
|
|
|
|
var mainProviderSearchQuery = {};
|
|
|
|
|
mainProviderSearchQuery.provider = providerUserProfile.provider;
|
|
|
|
|
mainProviderSearchQuery[searchMainProviderIdentifierField] = providerUserProfile.providerData[providerUserProfile.providerIdentifierField];
|
|
|
|
|
|
|
|
|
|
// Define additional provider search query
|
|
|
|
|
var additionalProviderSearchQuery = {};
|
|
|
|
|
additionalProviderSearchQuery[searchAdditionalProviderIdentifierField] = providerUserProfile.providerData[providerUserProfile.providerIdentifierField];
|
|
|
|
|
|
|
|
|
|
// Define a search query to find existing user with current provider profile
|
|
|
|
|
var searchQuery = {
|
|
|
|
|
$or: [mainProviderSearchQuery, additionalProviderSearchQuery]
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
User.findOne(searchQuery, function(err, user) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return done(err);
|
|
|
|
|
} else {
|
|
|
|
|
if (!user) {
|
|
|
|
|
var possibleUsername = providerUserProfile.username || ((providerUserProfile.email) ? providerUserProfile.email.split('@')[0] : '');
|
|
|
|
|
|
|
|
|
|
User.findUniqueUsername(possibleUsername, null, function(availableUsername) {
|
|
|
|
|
user = new User({
|
|
|
|
|
firstName: providerUserProfile.firstName,
|
|
|
|
|
lastName: providerUserProfile.lastName,
|
|
|
|
|
username: availableUsername,
|
|
|
|
|
displayName: providerUserProfile.displayName,
|
|
|
|
|
email: providerUserProfile.email,
|
|
|
|
|
provider: providerUserProfile.provider,
|
|
|
|
|
providerData: providerUserProfile.providerData
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// And save the user
|
|
|
|
|
user.save(function(err) {
|
|
|
|
|
return done(err, user);
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
return done(err, user);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
// User is already logged in, join the provider data to the existing user
|
|
|
|
|
var user = req.user;
|
|
|
|
|
|
|
|
|
|
// Check if user exists, is not signed in using this provider, and doesn't have that provider data already configured
|
|
|
|
|
if (user.provider !== providerUserProfile.provider && (!user.additionalProvidersData || !user.additionalProvidersData[providerUserProfile.provider])) {
|
|
|
|
|
// Add the provider data to the additional provider data field
|
|
|
|
|
if (!user.additionalProvidersData) user.additionalProvidersData = {};
|
|
|
|
|
user.additionalProvidersData[providerUserProfile.provider] = providerUserProfile.providerData;
|
|
|
|
|
|
|
|
|
|
// Then tell mongoose that we've updated the additionalProvidersData field
|
|
|
|
|
user.markModified('additionalProvidersData');
|
|
|
|
|
|
|
|
|
|
// And save the user
|
|
|
|
|
user.save(function(err) {
|
|
|
|
|
return done(err, user, '/#!/settings/accounts');
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
return done(new Error('User is already connected using this provider'), user);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Remove OAuth provider
|
|
|
|
|
*/
|
|
|
|
|
exports.removeOAuthProvider = function(req, res, next) {
|
|
|
|
|
var user = req.user;
|
|
|
|
|
var provider = req.param('provider');
|
|
|
|
|
|
|
|
|
|
if (user && provider) {
|
|
|
|
|
// Delete the additional provider
|
|
|
|
|
if (user.additionalProvidersData[provider]) {
|
|
|
|
|
delete user.additionalProvidersData[provider];
|
|
|
|
|
|
|
|
|
|
// Then tell mongoose that we've updated the additionalProvidersData field
|
|
|
|
|
user.markModified('additionalProvidersData');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
user.save(function(err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return res.status(400).send({
|
|
|
|
|
message: errorHandler.getErrorMessage(err)
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
req.login(user, function(err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
res.status(400).send(err);
|
|
|
|
|
} else {
|
|
|
|
|
res.json(user);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
};
|
