From e5386c41ee653621c6c71b3c5bfe6ddfc6a1610b Mon Sep 17 00:00:00 2001
From: David Baldwynn <david.baldwin@alumni.ubc.ca>
Date: Thu, 12 Nov 2015 15:40:44 -0800
Subject: [PATCH] fixed password reset bug

---
 .../users/users.password.server.controller.js    |  6 +++---
 app/routes/users.server.routes.js                |  4 ++--
 app/views/layout.server.view.html                |  2 +-
 public/application.js                            |  2 +-
 public/modules/core/views/home.client.view.html  |  2 +-
 .../modules/users/config/users.client.routes.js  |  8 ++++----
 .../controllers/password.client.controller.js    |  2 --
 .../users/services/user.client.service.js        | 16 ++--------------
 .../views/authentication/signin.client.view.html |  4 ++--
 .../views/authentication/signup.client.view.html |  4 ++--
 .../reset-password-invalid.client.view.html      |  2 +-
 11 files changed, 19 insertions(+), 33 deletions(-)

diff --git a/app/controllers/users/users.password.server.controller.js b/app/controllers/users/users.password.server.controller.js
index 8b70d664..e246baed 100755
--- a/app/controllers/users/users.password.server.controller.js
+++ b/app/controllers/users/users.password.server.controller.js
@@ -60,7 +60,7 @@ exports.forgot = function(req, res, next) {
 			res.render('templates/reset-password-email', {
 				name: user.displayName,
 				appName: config.app.title,
-				url: req.protocol+'://' + req.headers.host + '/#!/auth/reset/' + token
+				url: 'http://' + req.headers.host + '/auth/reset/' + token
 			}, function(err, emailHTML) {
 				done(err, emailHTML, user);
 			});
@@ -103,10 +103,10 @@ exports.validateResetToken = function(req, res) {
 		}
 	}, function(err, user) {
 		if (!user) {
-			return res.redirect('/#!/auth/reset/invalid');
+			return res.redirect('/#!/password/reset/invalid');
 		}
 
-		res.redirect('/#!/auth/reset/' + req.params.token);
+		res.redirect('/#!/password/reset/' + req.params.token);
 	});
 };
 
diff --git a/app/routes/users.server.routes.js b/app/routes/users.server.routes.js
index 18c77072..c459a8c5 100755
--- a/app/routes/users.server.routes.js
+++ b/app/routes/users.server.routes.js
@@ -21,8 +21,8 @@ module.exports = function(app) {
 	// Setting up the users password api
 	app.route('/users/password').post(users.requiresLogin, users.changePassword);
 	app.route('/auth/forgot').post(users.forgot);
-	app.route('/auth/password/:token').get(users.validateResetToken);
-	app.route('/auth/password/:token').post(users.reset);
+	app.route('/auth/reset/:token').get(users.validateResetToken);
+	app.route('/auth/reset/:token').post(users.reset);
 
 	// Setting up the users authentication api
 	app.route('/auth/signup').post(users.signup);
diff --git a/app/views/layout.server.view.html b/app/views/layout.server.view.html
index 82c435e1..f7e49c51 100755
--- a/app/views/layout.server.view.html
+++ b/app/views/layout.server.view.html
@@ -61,7 +61,7 @@
 </head>
 
 <body ng-cloak>
-	<div class="github-fork-ribbon-wrapper right-bottom hidden-xs">
+	<div class="github-fork-ribbon-wrapper right-bottom hidden-xs hidden-sm">
         <div class="github-fork-ribbon">
             <a href="https://github.com/whitef0x0/nodeforms">Fork me on GitHub</a>
         </div>
diff --git a/public/application.js b/public/application.js
index d006c152..fac86e70 100755
--- a/public/application.js
+++ b/public/application.js
@@ -36,7 +36,7 @@ angular.module(ApplicationConfiguration.applicationModuleName).run(['$rootScope'
 	        console.log('toState: '+toState.name);
 
 	        //Redirect to listForms if user is authenticated
-        	if(toState.name === 'home' || toState.name === 'signin' || toState.name === 'resendVerifyEmail' || toState.name === 'verify' || toState.name === 'signup' || toState.name === 'signup-success' || toState.name.slice(0,5) === 'reset' || toState.name === 'forgot'){
+        	if(toState.name === 'home' || toState.name === 'signin' || toState.name === 'resendVerifyEmail' || toState.name === 'verify' || toState.name === 'signup' || toState.name === 'signup-success'){
         		if(Auth.isAuthenticated()){
         			event.preventDefault(); // stop current execution
         			$state.go('listForms'); // go to listForms page
diff --git a/public/modules/core/views/home.client.view.html b/public/modules/core/views/home.client.view.html
index c35fb7b1..2c7e6406 100755
--- a/public/modules/core/views/home.client.view.html
+++ b/public/modules/core/views/home.client.view.html
@@ -4,7 +4,7 @@
 	<div class="image-background">
 	</div>
 	<div class="jumbotron text-center">
-		<div class="container" data-ng-if="!authentication.isAuthenticated()">
+		<div class="row container" data-ng-if="!authentication.isAuthenticated()">
 			<div class="row text-center logo" style="border-bottom: 1px solid rgba(255,255,255,.2); margin-bottom: 30px;">
 				<h3 class="col-xs-12" style="color: #FA787E; margin-bottom:0px">
 					<i class="fa fa-archive fa-3x"></i>
diff --git a/public/modules/users/config/users.client.routes.js b/public/modules/users/config/users.client.routes.js
index ab041033..3565ec2d 100755
--- a/public/modules/users/config/users.client.routes.js
+++ b/public/modules/users/config/users.client.routes.js
@@ -78,19 +78,19 @@ angular.module('users').config(['$stateProvider',
 		}).
 
 		state('forgot', {
-			url: '/auth/forgot',
+			url: '/password/forgot',
 			templateUrl: 'modules/users/views/password/forgot-password.client.view.html'
 		}).
 		state('reset-invalid', {
-			url: '/auth/reset/invalid',
+			url: '/password/reset/invalid',
 			templateUrl: 'modules/users/views/password/reset-password-invalid.client.view.html'
 		}).
 		state('reset-success', {
-			url: '/auth/reset/success',
+			url: '/password/reset/success',
 			templateUrl: 'modules/users/views/password/reset-password-success.client.view.html'
 		}).
 		state('reset', {
-			url: '/auth/reset/:token',
+			url: '/password/reset/:token',
 			templateUrl: 'modules/users/views/password/reset-password.client.view.html'
 		});
 	}
diff --git a/public/modules/users/controllers/password.client.controller.js b/public/modules/users/controllers/password.client.controller.js
index 83b11399..a8382270 100755
--- a/public/modules/users/controllers/password.client.controller.js
+++ b/public/modules/users/controllers/password.client.controller.js
@@ -23,7 +23,6 @@ angular.module('users').controller('PasswordController', ['$scope', '$stateParam
 			$scope.success = $scope.error = null;
 			User.resetPassword($scope.passwordDetails, $stateParams.token).then(
 				function(response){
-					console.log(response);
 					// If successful show success message and clear form
 					$scope.success = response.message;
 					$scope.passwordDetails = null;
@@ -32,7 +31,6 @@ angular.module('users').controller('PasswordController', ['$scope', '$stateParam
 					$state.go('reset-success');
 				},
 				function(error){
-					console.error(error);
 					$scope.error = error.message || error;
 					$scope.passwordDetails = null;
 				}
diff --git a/public/modules/users/services/user.client.service.js b/public/modules/users/services/user.client.service.js
index 4a700d4f..c694544a 100644
--- a/public/modules/users/services/user.client.service.js
+++ b/public/modules/users/services/user.client.service.js
@@ -81,23 +81,11 @@ angular.module('users').factory('User', ['$window', '$q', '$timeout', '$http', '
         return deferred.promise;
       },
 
-      validateResetToken: function(token) {
-
-        var deferred = $q.defer();
-        $http.get('/auth/password/'+token).success(function(response) {
-          deferred.resolve(response);
-        }).error(function(error) {
-          deferred.reject(error.message || error);
-        });
-
-        return deferred.promise;
-      },
-
       resetPassword: function(passwordDetails, token) {
 
         var deferred = $q.defer();
-        $http.post('/auth/password/'+token, passwordDetails).success(function(response) {
-          deferred.resolve(response);
+        $http.get('/auth/password/'+token, passwordDetails).success(function(response) {
+          deferred.resolve();
         }).error(function(error) {
           deferred.reject(error.message || error);
         });
diff --git a/public/modules/users/views/authentication/signin.client.view.html b/public/modules/users/views/authentication/signin.client.view.html
index e5e7f7bc..8b3b56db 100755
--- a/public/modules/users/views/authentication/signin.client.view.html
+++ b/public/modules/users/views/authentication/signin.client.view.html
@@ -26,14 +26,14 @@
 				</div>
 				<div class="form-group">
 					<label for="username">Account Email</label>
-					<input type="email" id="username" name="username" class="form-control" data-ng-model="credentials.username" placeholder="Username">
+					<input type="text" id="username" name="username" class="form-control" data-ng-model="credentials.username" placeholder="Username">
 				</div>
 				<div class="form-group">
 					<label for="password">Password</label>
 					<input type="password" id="password" name="password" class="form-control" data-ng-model="credentials.password" placeholder="Password">
 				</div>
 				<div class="forgot-password">
-					<a href="/#!/auth/forgot">Forgot your password?</a>
+					<a href="/#!/password/forgot">Forgot your password?</a>
 				</div>
 				<div class="text-center form-group">
 					<button class="btn btn-primary" ng-click="signin()">Sign in</button>&nbsp; or&nbsp;
diff --git a/public/modules/users/views/authentication/signup.client.view.html b/public/modules/users/views/authentication/signup.client.view.html
index bfea8413..538b5e13 100644
--- a/public/modules/users/views/authentication/signup.client.view.html
+++ b/public/modules/users/views/authentication/signup.client.view.html
@@ -27,11 +27,11 @@
 				</div>
 				<div class="form-group">
 					<label for="firstName">First Name</label>
-					<input type="text" required id="firstName" name="firstName" class="form-control" data-ng-model="credentials.firstName" placeholder="First Name" ng-pattern="/^[a-zA-Z0-9 \-.]$/">
+					<input type="text" required id="firstName" name="firstName" class="form-control" data-ng-model="credentials.firstName" placeholder="First Name">
 				</div>
 				<div class="form-group">
 					<label for="lastName">Last Name</label>
-					<input type="text" id="lastName" name="lastName" class="form-control" data-ng-model="credentials.lastName" placeholder="Last Name" ng-pattern="/^[a-zA-Z0-9 \-.]$/">
+					<input type="text" id="lastName" name="lastName" class="form-control" data-ng-model="credentials.lastName" placeholder="Last Name">
 				</div>
 				<hr>
 				<div class="form-group">
diff --git a/public/modules/users/views/password/reset-password-invalid.client.view.html b/public/modules/users/views/password/reset-password-invalid.client.view.html
index 946f95ec..d5fc2373 100755
--- a/public/modules/users/views/password/reset-password-invalid.client.view.html
+++ b/public/modules/users/views/password/reset-password-invalid.client.view.html
@@ -1,4 +1,4 @@
 <section class="row text-center">
 	<h3 class="col-md-12">Password reset is invalid</h3>
-	<a href="/#!/auth/forgot" class="col-md-12">Ask for a new password reset</a>
+	<a href="/#!/password/forgot" class="col-md-12">Ask for a new password reset</a>
 </section>
\ No newline at end of file