Commit 3090e94f authored by Rosanny Sihombing's avatar Rosanny Sihombing

Merge branch 'MLAB-87' into 'testing'

Mlab 87

See merge request !81
parents 3dbef16c 51ee0abe
Pipeline #3608 passed with stage
in 12 seconds
......@@ -13,14 +13,9 @@ const helmet = require('helmet');
const compression = require('compression');
const methodOverride = require('method-override');
const i18n = require('i18n'); // internationalization
i18n.configure({
locales:['de', 'en'],
directory: './locales'
});
var env = process.env.NODE_ENV || 'testing';
const config = require('./config/config')[env];
const lang = 'DE';
var app = express();
......@@ -44,9 +39,7 @@ app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
app.use(express.static(path.join(__dirname, 'public')));
app.use(i18n.init);
app.use((req, res, next) => {
res.setLocale('de');
next();
});
......@@ -68,17 +61,18 @@ app.use(function(req, res, next) {
next();
});
require('./routes/routes-account')(app, config, passport, i18n);
require('./routes/routes-account')(app, config, passport, lang);
require('./routes/public')(app, config, lang);
// Handle 404
app.use(function (req, res) {
res.status(404).render('DE/404')
res.status(404).render(lang+'/404')
})
// Handle 500 - any server error
app.use(function (err, req, res, next) {
console.error(err.stack)
res.status(500).render('DE/500', {
res.status(500).render(lang+'/500', {
error: err
})
})
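Review bot: The 500 handler still passes the whole `err` object to the `lang+'/500'` template as `error: err`; if that template prints `error.message` or `error.stack`, internal paths and query text reach the client. Keep `console.error(err.stack)` for the server log and hand the view a fixed value instead, for example `res.status(500).render(lang+'/500', { error: {} })`, or expose details only when `env` is not a deployed environment. Separately, the second hunk shows the middleware that calls `res.setLocale('de')` next to the `app.use(i18n.init)` line; the +/- markers are lost on this page, but if that middleware stays on the new side while `i18n.init` is removed, it will throw on every request because nothing defines `setLocale` any more.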
......
module.exports = {
mailSignature: 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' +
'Transferportal der Hochschule für Technik Stuttgart<br/>' +
'Schellingstr. 24 70174 Stuttgart<br/>' +
'm4lab@hft-stuttgart.de<br/>' +
'<a href="https://transfer.hft-stuttgart.de">https://transfer.hft-stuttgart.de</a><br/>' +
'<a href="http://www.hft-stuttgart.de/Aktuell/"><img border="0" alt="HFT" src="https://m4lab.hft-stuttgart.de/img/signature/hft_logo.png" width="30" height="30"></a> &nbsp;' +
'<a href="http://www.facebook.com/hftstuttgart"><img border="0" alt="Facebook" src="https://m4lab.hft-stuttgart.de/img/signature/fb_bw.png" width="30" height="30"></a> &nbsp;' +
'<a href="https://www.instagram.com/hft_stuttgart/"><img border="0" alt="Instagram" src="https://m4lab.hft-stuttgart.de/img/signature/instagram_bw.png" width="30" height="30"></a> &nbsp;' +
'<a href="https://twitter.com/hft_presse"><img border="0" alt="Twitter" src="https://m4lab.hft-stuttgart.de/img/signature/twitter_bw.png" width="30" height="30"></a> &nbsp;' +
'<a href="https://www.youtube.com/channel/UCi0_JfF2qMZbOhOnNH5PyHA"><img border="0" alt="Youtube" src="https://m4lab.hft-stuttgart.de/img/signature/youtube_bw.png" width="30" height="30"></a> &nbsp;' +
'<a href="http://www.hft-stuttgart.de/Aktuell/Presse-Marketing/SocialMedia/Snapcode HFT_Stuttgart.jpg/photo_view">' +
'<img border="0" alt="Snapchat" src="https://m4lab.hft-stuttgart.de/img/signature/snapchat_bw.png" width="30" height="30"></a>' +
'<br/><img border="0" src="https://m4lab.hft-stuttgart.de/img/signature/inno_bw.png" width="150" height="100">',
updatePasswordMailSubject: "Ihr Passwort für das Transferportal wurde gespeichert.",
updatePasswordMailContent: '<div>Lieber Nutzer,<br/><br/>Ihr Passwort wurde erfolgreich geändert.<br/><br/></div>'
}
\ No newline at end of file
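Review bot: Three anchors in `mailSignature` still use `http://` (the two `www.hft-stuttgart.de/Aktuell` links and `www.facebook.com/hftstuttgart`) while the rest use `https://`, so a recipient who clicks them starts on an unencrypted connection. The Snapchat link also carries a raw space in `Snapcode HFT_Stuttgart.jpg`; write it as `Snapcode%20HFT_Stuttgart.jpg` so mail clients do not cut the URL at the space. The file also ends without a trailing newline.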
const mysql = require('mysql')
var env = process.env.NODE_ENV || 'testing';
const config = require('../config/config')[env]
const config = require('./config')[env]
// ==== USER ACOOUNT DB CONNECTION ====
var userConnection = mysql.createConnection({
......
const mysql = require('mysql2')
var env = process.env.NODE_ENV || 'testing';
const config = require('../config/config')[env]
const config = require('./config')[env]
// ==== USER ACOOUNT DB CONNECTION ====
var userConnection = mysql.createConnection({
......
const nodemailer = require('nodemailer')
var env = process.env.NODE_ENV || 'testing';
const config = require('../config/config')[env]
const config = require('./config')[env]
var smtpTransport = nodemailer.createTransport({
host: config.mailer.host,
......
-- MySQL dump 10.13 Distrib 8.0.15, for Win64 (x86_64)
--
-- Host: localhost Database: userdb
-- ------------------------------------------------------
-- Server version 8.0.15
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
SET NAMES utf8 ;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
-- Table structure for table `role`
--
DROP TABLE IF EXISTS `role`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
SET character_set_client = utf8mb4 ;
CREATE TABLE `role` (
`id` int(11) NOT NULL,
`name` varchar(45) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Dumping data for table `role`
--
LOCK TABLES `role` WRITE;
/*!40000 ALTER TABLE `role` DISABLE KEYS */;
INSERT INTO `role` VALUES (1,'ADMIN'),(2,'USER'),(3,'OVERVIEW_CREATOR');
/*!40000 ALTER TABLE `role` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2020-03-19 9:21:39
const dbconn_OBSOLETE = require('./dbconn') // DO NOT USE THIS FOR NEW FEATURE
const dbconn = require('./dbconn2')
const dbconn_OBSOLETE = require('../config/dbconn') // DO NOT USE THIS FOR NEW FUNCTIONS
const dbconn = require('../config/dbconn2')
var methods = {
// ===================== user db =====================
......@@ -65,18 +65,6 @@ var methods = {
callback(err)
})
},
getUserByEmail_OBSOLETE: function(email, callback) {
dbconn_OBSOLETE.user.query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"', function (err, rows, fields) {
let user
if (err) { throw err }
else {
if ( rows.length > 0) {
user = rows[0]
}
}
callback(user, err)
});
},
getUserByEmail: async function(email) {
try {
let rows = await dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"')
......@@ -213,18 +201,6 @@ var methods = {
})
},
/* ===== GitLab ===== */
getGitlabId_OBSOLETE: function(userId, callback){
let gitlabUserId
dbconn_OBSOLETE.user.query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id', function (err, rows) {
if (err) {
throw err
}
else if(rows[0]) {
gitlabUserId = rows[0].gitlab_userId
}
callback(gitlabUserId, err)
})
},
getGitlabId: async function(userId) {
try {
let rows = await dbconn.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id')
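Review bot: The surviving `getUserByEmail` and `getGitlabId` still build their SQL by concatenating `email` and `userId` into the statement text, so deleting the `_OBSOLETE` variants leaves the injection risk in place. mysql2 accepts `?` placeholders with a values array, so the first call can end in `WHERE email = ?', [email])` and the second can use `WHERE u.id = ? and gu.user_id = u.id', [userId])`, with the column lists unchanged. Both function bodies continue outside the hunks shown, so their error handling could not be reviewed. The `dbconn_OBSOLETE` require at the top of the file is still present and can be dropped once no caller is left.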
......
{
"Hello World": "Hallo Welt",
"Hello": "Hallo"
}
\ No newline at end of file
{
"Hello World": "Hello World",
"Hello": "Hello",
}
\ No newline at end of file
const methods = require('../functions/methods')
const async = require('async')
const mailer = require('../config/mailer')
const constants = require('../config/const')
// pwd encryption
const crypto = require('crypto')
const bcrypt = require('bcryptjs')
const saltRounds = 10
const salt = 64
module.exports = function (app, config, lang) {
// ================== NEW USERS REGISTRATION ======================
app.get('/registration', function(req, res) {
res.render(lang+'/account/registration')
})
app.post('/registration', function(req, res) {
// user data
var curDate = new Date()
var userData = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
lastname: req.body.inputLastname,
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
createdDate: curDate.toISOString().slice(0,10)
}
var userEmail = userData.email
var pos = userEmail.indexOf('@')
var emailLength = userEmail.length
var emailDomain = userEmail.slice(pos, emailLength);
if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") {
res.flash('error', "Fehlgeschlagen: HFT-Account")
res.redirect('/account/registration')
} else {
let token
async.waterfall([
function(done) {
crypto.randomBytes(20, function(err, buf) {
token = buf.toString('hex');
done(err, token);
});
},
// encrypt password
function(token, done) {
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(req.body.inputPassword, salt, function(err, hash) {
var newAccount = {
profile: userData,
password: hash,
verificationToken: token
}
done(err, newAccount)
});
});
},
// save data
function(newAccount, err) {
methods.registerNewUser(newAccount, function(err){
if (err) {
res.flash('error', "Fehlgeschlagen")
}
else {
// send email
var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte <a href='+config.app.host+'/verifyAccount?token='+token+'>diesen Link</a> ' +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + constants.mailSignature +
'</div>';
mailer.options.to = req.body.inputEmail;
mailer.options.subject = emailSubject;
mailer.options.html = emailContent;
mailer.transport.sendMail(mailer.options, function(err) {
if (err) {
console.log('cannot send email')
throw err
}
})
// user feedback
res.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+
'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+
'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
}
res.redirect('/account/registration')
})
}
])
}
})
// =================== USERS VERIFICATION =========================
app.get("/verifyAccount", function(req, res){
methods.getUserIdByVerificationToken(req.query.token, function(userId, err){
if (userId) {
let userData = {
id: userId,
verificationStatus: 1
}
methods.verifyUserAccount(userData, function(err){
if (err) {
console.log("Error: "+err)
res.render(lang+'/account/verification', {
status: false
});
}
else {
// send welcome email after successful account verification
methods.getUserById(userId, function(data, err){
if (err) {
console.log("Error: "+err)
}
else {
// send email
var emailSubject = "Herzlich willkommen"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + constants.mailSignature;
mailer.options.to = data.email;
mailer.options.subject = emailSubject;
mailer.options.html = emailContent;
mailer.transport.sendMail(mailer.options, function(err) {
if (err) {
console.log('cannot send email')
throw err
}
})
}
})
res.render(lang+'/account/verification', {
status: true
});
}
})
}
else {
res.render(lang+'/account/verification', {
status: null
});
}
})
})
// ==================== FORGOT PASSWORD ===========================
app.get('/forgotPwd', function (req, res) {
res.render(lang+'/account/forgotPwd', {
user: req.user
})
})
app.post('/forgotPwd', function(req, res, next) {
let emailAddress = req.body.inputEmail
async.waterfall([
function(done) {
crypto.randomBytes(20, function(err, buf) {
var token = buf.toString('hex')
done(err, token)
})
},
function(token, done) {
methods.checkUserEmail(emailAddress, function(err, user){
if (user) {
var emailSubject = "Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart";
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: '+config.app.host+'/reset/' + token + '<br/>' +
'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + constants.mailSignature + '</div>'
var credentialData = {
user_id: user.id,
resetPasswordToken: token,
resetPasswordExpires: Date.now() + 3600000 // 1 hour
}
methods.updateCredential(credentialData, function(err) {
done(err, token, user);
})
// send email
mailer.options.to = emailAddress
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transport.sendMail(mailer.options, function(err) {
done(err, 'done')
});
}
else {
done(err, 'no user found')
}
});
}
], function(err) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.')
}
else {
res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + emailAddress + ' versendet.')
}
res.redirect('/account/forgotPwd')
});
})
// reset
app.get('/reset/:token', function(req, res) {
methods.getUserByToken(req.params.token, function(err, user){
if (!user) {
res.flash('error', 'Der Schlüssel zum zurücksetzen des Passworts ist ungültig oder abgelaufen.')
res.redirect('/account/forgotPwd')
} else {
res.render(lang+'/account/reset')
}
})
})
app.post('/reset/:token', function(req, res) {
var newPwd = req.body.inputNewPwd
methods.getUserByToken(req.params.token, function(err, user){
if (user) {
// encrypt password
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(newPwd, salt, function(err, hash) {
var credentialData = {
password: hash,
user_id: user.user_id
}
// update password
methods.updateCredential(credentialData, function(err){
if (err) {
res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.")
throw err
}
else {
res.flash('success', "Passwort aktualisiert!")
// send notifiaction email
mailer.options.to = user.email
mailer.options.subject = constants.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent+'<div>'+constants.mailSignature+'</div>'
mailer.transport.sendMail(mailer.options, function(err) {
if (err) {
console.log(err)
}
});
// redirect to login page
res.redirect('/login')
}
})
});
});
}
else {
res.flash('error', "User not found.")
res.redirect('/login')
}
})
})
// ======================= CONTACT FORM ===========================
app.get('/contact', function (req, res) {
res.render(lang+'/account/contact', {
user: req.user
})
})
app.post('/contact', function(req, res, next) {
//methods.currentDate();
let emailAddress = req.body.inputEmail;
let supportAddress = "support-transfer@hft-stuttgart.de";
let inputName = req.body.name;
let inputContent = req.body.message;
let emailContent = "Es wurde eine Anfrage an das Transferportal gestellt: \n\n NAME: " + inputName + "\n NACHRICHT:\n "+ inputContent;
let emailSubject = "Ihre Anfrage an das Transferportal";
async.waterfall([
function(done) {
// send email
mailer.options.to = supportAddress;
mailer.options.cc = emailAddress;
mailer.options.subject = emailSubject;
mailer.options.text = emailContent;
mailer.transport.sendMail(mailer.options, function(err) {
done(err, 'done');
});
}
], function(err) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.');
}
else {
res.flash('success', 'Vielen Dank für Ihre Anfrage. Wir melden uns baldmöglichst bei Ihnen. Eine Kopie Ihrer Anfrage wurde an ' + emailAddress + ' versandt.');
}
res.redirect('/account/contact')
})
})
}
\ No newline at end of file
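Review bot: Every handler writes into the shared `mailer.options` object before calling `sendMail`, and the `/contact` handler sets `mailer.options.cc` and `.text`, which no other handler clears. Assuming `../config/mailer` exports a single object, a later verification or password-reset mail would be copied to the previous contact sender and would disclose its token. Build the message per request instead, for example `const mail = Object.assign({}, mailer.options, { to: emailAddress, subject: emailSubject, html: emailContent })`, and pass `mail` to `sendMail`. In the `/forgotPwd` waterfall `done` is called from both the `updateCredential` callback and the `sendMail` callback, and the mail is sent before the token is known to be stored; send it from inside the `updateCredential` callback and call `done` once. In `POST /reset/:token` the `credentialData` written back holds only `password` and `user_id`, so unless `updateCredential` clears `resetPasswordToken` itself, the link stays usable until it expires.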
......@@ -6,10 +6,7 @@ html(lang="de")
meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
link(rel="stylesheet", type="text/css", href="/fonts/ionicons.min.css")
link(rel="stylesheet", type="text/css", href="/css/Contact-Form-Clean.css")
link(rel="stylesheet", type="text/css", href="/css/Testimonials.css")
link(rel="stylesheet", type="text/css", href="/css/custom/login.css")
link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
body
div(class="container")
......@@ -32,9 +29,9 @@ html(lang="de")
div(class="form-group")
textarea#message(class="form-control" name="message" placeholder="Nachricht" rows="14")
div(class="form-group")
input#submitBtn(class="btn contact_send_btn" type="submit" value="SENDEN")
input#submitBtn(class="btn btn-primary" type="submit" value="SENDEN")
div(class="contact-clean contact_footer")
form(method="POST")
form
p(class="m_top_25") <strong>Hochschule für Technik Stuttgart</strong><br/>Institut für Angewandte Forschung<br/>Innovative Hochschule - Projekt M4_LAB<br/>Schellingstr. 24<br/>70174 Stuttgart<br/>Deutschland<br/><br/><a href="mailto:support-transfer@hft-stuttgart.de">support-transfer@hft-stuttgart.de</a><br/><br/><a href="https://www.hft-stuttgart.de/">www.hft-stuttgart.de</a> / <a href="https://www.hft-stuttgart.de/M4LAB">www.hft-stuttgart.de/M4LAB</a><br/>
div(class="background_8a348b")
div(class="container")
......
......@@ -20,7 +20,7 @@ html(lang="de")
ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between")
li(class="nav-item")
a(class="nav-link pl-0 text-nowrap" href="/account/")
span(class="font-weight-bold color_black") #{user.firstname} #{user.lastname}
span(class="font-weight-bold color_black") #{user.firstName} #{user.lastName}
li(class="nav-item")
a(class="nav-link pl-0" href="/account/profile")
i(class="fa fa-user fa-fw")
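Review bot: The name span reads `#{user.firstName} #{user.lastName}` in one of its two printed versions, while the `getUserByEmail` query shown on this page selects the columns `firstname` and `lastname`; if the `user` handed to this view comes straight from that row, both interpolations render empty. Either keep the lower-case property names here or add a comment saying where the camel-case object is built. The +/- markers are lost on this page, so which spelling is the new one is inferred from print order only.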
......