Commit 36450a27 authored by Rosanny Sihombing's avatar Rosanny Sihombing

migrating to TypeScript

parent 0cd83c72
const express = require('express'); import express from 'express';
const http = require('http'); import path from 'path';
const path = require('path'); import passport from 'passport';
const passport = require('passport'); import morgan from 'morgan';
const morgan = require('morgan'); import cookieParser from 'cookie-parser';
const cookieParser = require('cookie-parser'); import bodyParser from 'body-parser';
const bodyParser = require('body-parser'); import session from 'express-session';
const session = require('express-session'); import flash from 'express-flash-2';
const errorhandler = require('errorhandler'); import fileUpload from 'express-fileupload';
const flash = require('express-flash-2'); import helmet from 'helmet';
const fileUpload = require('express-fileupload'); import compression from 'compression';
const helmet = require('helmet'); import methodOverride from 'method-override';
const compression = require('compression'); import dotenv from 'dotenv'
const methodOverride = require('method-override');
dotenv.config();
var env = process.env.NODE_ENV || 'testing'; var env = process.env.NODE_ENV || 'testing';
const config = require('./config/config')[env]; const config = require('./config/config')[env];
const lang = 'DE'; const lang = 'DE';
var app = express(); var app = express();
app.set('port', config.app.port); app.set('port', config.app.port);
app.set('views', __dirname + '/views'); app.set('views', path.join( __dirname + '/views'));
app.set('view engine', 'pug'); app.set('view engine', 'pug');
// enable files upload // enable files upload
...@@ -30,12 +30,25 @@ app.use(fileUpload({ ...@@ -30,12 +30,25 @@ app.use(fileUpload({
fileSize: 1000000 // 1 MB max. file size fileSize: 1000000 // 1 MB max. file size
} }
})); }));
app.use(methodOverride('_method')); app.use(methodOverride('_method'));
app.use(helmet()); app.use(
helmet.contentSecurityPolicy({
useDefaults: true,
directives: {
"font-src": ["'self'", "https://use.fontawesome.com"],
"img-src": ["'self'", "https://transfer.hft-stuttgart.de"],
"script-src": ["'self'", "https://code.jquery.com/jquery-3.3.1.min.js", "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js",
"https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js", "https://unpkg.com/bootstrap-show-password@1.2.1/dist/bootstrap-show-password.min.js"],
"style-src": ["'self'", "https://use.fontawesome.com/releases/v5.8.2/css/all.css"],
"frame-src": ["'self'"]
},
reportOnly: true,
})
);
app.use(compression()); app.use(compression());
app.use(morgan('combined')); app.use(morgan('combined'));
app.use(cookieParser()); app.use(cookieParser(config.app.sessionSecret));
app.use(bodyParser.json()); app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false})); app.use(bodyParser.urlencoded({extended: false}));
app.use(express.static(path.join(__dirname, 'public'))); app.use(express.static(path.join(__dirname, 'public')));
...@@ -43,13 +56,11 @@ app.use((req, res, next) => { ...@@ -43,13 +56,11 @@ app.use((req, res, next) => {
next(); next();
}); });
app.use(session( app.use(session({
{ resave: true,
resave: true, saveUninitialized: true,
saveUninitialized: true, secret: config.app.sessionSecret
secret: config.app.sessionSecret }));
}
));
app.use(flash()); app.use(flash());
app.use(passport.initialize()); app.use(passport.initialize());
app.use(passport.session()); app.use(passport.session());
...@@ -61,16 +72,16 @@ app.use(function(req, res, next) { ...@@ -61,16 +72,16 @@ app.use(function(req, res, next) {
next(); next();
}); });
require('./routes/account')(app, config, passport, lang);
require('./routes/public')(app, config, lang); require('./routes/public')(app, config, lang);
require('./routes/account')(app, config, passport, lang);
// Handle 404 // Handle 404
app.use(function (req, res) { app.use(function (req:any, res:any) {
res.status(404).render(lang+'/404') res.status(404).render(lang+'/404')
}) })
// Handle 500 - any server error // Handle 500 - any server error
app.use(function (err, req, res, next) { app.use(function (err:any, req:any, res:any, next:any) {
console.error(err.stack) console.error(err.stack)
res.status(500).render(lang+'/500', { res.status(500).render(lang+'/500', {
error: err error: err
......
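Review bot: Replacing `app.use(helmet())` with only `helmet.contentSecurityPolicy({...})` drops every other header the default helmet middleware sets (X-Content-Type-Options, X-Frame-Options, Strict-Transport-Security and the rest), and with `reportOnly: true` the policy is sent as Content-Security-Policy-Report-Only, so nothing is blocked. I would keep the defaults and pass the policy through them: `app.use(helmet({ contentSecurityPolicy: { useDefaults: true, directives: { /* as above */ }, reportOnly: true } }))`. The directives name no `report-uri` or `report-to` target, so report-only mode currently yields no data for deciding when to switch to enforcing. Separately, the `session({...})` call in the third hunk sets no `cookie` options; whether `secure` and `sameSite` are configured elsewhere is not visible here.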
class Project { class Project {
constructor(ownerGitlabId, id, name, desc, logo, path) { ownerGitlabId:number
name:string
desc:string
id?:number
logo?:string
path?:string
constructor(ownerGitlabId:number, name:string, desc:string, id?:number, logo?:string, path?:string) {
this.ownerGitlabId = ownerGitlabId this.ownerGitlabId = ownerGitlabId
this.id = id
this.name = name this.name = name
this.desc = desc this.desc = desc
this.id = id
this.logo = logo this.logo = logo
this.path = path this.path = path
} }
...@@ -28,24 +35,24 @@ class Project { ...@@ -28,24 +35,24 @@ class Project {
return this.path return this.path
} }
// setter // setter
setOwnerGitlabId(newOwnerGitlabId){ setOwnerGitlabId(newOwnerGitlabId:number){
this.ownerGitlabId = newOwnerGitlabId this.ownerGitlabId = newOwnerGitlabId
} }
setId(newId) { setId(newId:number) {
this.id = newId this.id = newId
} }
setName(newName) { setName(newName:string) {
this.name = newName this.name = newName
} }
setDesc(newDesc) { setDesc(newDesc:string) {
this.desc = newDesc this.desc = newDesc
} }
setLogo(newLogoUrl) { setLogo(newLogoUrl:string) {
this.logo = newLogoUrl this.logo = newLogoUrl
} }
setPath(newPath) { setPath(newPath:string) {
this.path = newPath this.path = newPath
} }
} }
module.exports = Project export = Project
\ No newline at end of file \ No newline at end of file
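Review bot: The constructor now takes `(ownerGitlabId, name, desc, id?, logo?, path?)` instead of `(ownerGitlabId, id, name, desc, logo, path)`, so any caller still passing the old positional order stores the id in `name`, and callers loaded through `require` or typed `any` get no compile error for it. The same reordering is made in Repo, Website and User; in User the two swapped parameters `verificationStatus` and `gitlabUserId` are both `number`, so the compiler cannot catch a stale call even from typed code, and a GitLab id would land in the verification flag. The call sites are not part of this view, so each `new Project/Repo/Website/User(...)` should be checked. A short comment above each constructor would help, e.g. `// parameter order changed in the TypeScript migration: id now follows desc`.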
const Project = require("./project");
class Repo extends Project {
constructor(ownerGitlabId, id, name, desc, logo, path) {
super(ownerGitlabId, id, name, desc, logo, path)
}
}
module.exports = Repo
\ No newline at end of file
import Project from "./project"
class Repo extends Project {
constructor(ownerGitlabId:number, name:string, desc:string, id?:number, logo?:string, path?:string) {
super(ownerGitlabId, name, desc, id, logo, path)
}
}
export = Repo
\ No newline at end of file
class User { class User {
constructor(id, email, salutation, title, firstName, lastName, industry, organisation, speciality, is_m4lab_idp, gitlabUserId, verificationStatus) { id:number
this.id = id email:string
this.email = email salutation:string // should be enum
this.salutation = salutation title:string // should be enum
this.title = title firstName:string
this.firstName = firstName lastName:string
this.lastName = lastName industry:string
this.industry = industry organisation:string
this.organisation = organisation speciality:string
this.speciality = speciality is_m4lab_idp:number // 1 or 0
this.is_m4lab_idp = is_m4lab_idp // 1 or 0 verificationStatus:number // 1 or 0 - // should be boolean
this.gitlabUserId = gitlabUserId gitlabUserId?:number
this.verificationStatus = verificationStatus
constructor(id:number, email:string, salutation:string, title:string, firstName:string, lastName:string, industry:string, organisation:string,
speciality:string, is_m4lab_idp:number, verificationStatus:number, gitlabUserId?:number) {
this.id = id
this.email = email
this.salutation = salutation
this.title = title
this.firstName = firstName
this.lastName = lastName
this.industry = industry
this.organisation = organisation
this.speciality = speciality
this.is_m4lab_idp = is_m4lab_idp
this.verificationStatus = verificationStatus
this.gitlabUserId = gitlabUserId
} }
// getter // getter
...@@ -27,48 +41,48 @@ class User { ...@@ -27,48 +41,48 @@ class User {
getIdpStatus() { getIdpStatus() {
return this.is_m4lab_idp return this.is_m4lab_idp
} }
getGitlabUserId() {
return this.gitlabUserId
}
getVerificationStatus() { getVerificationStatus() {
return this.verificationStatus return this.verificationStatus
} }
getGitlabUserId() {
return this.gitlabUserId
}
// setter // setter
setEmail(email) { setEmail(email:string) {
this.email = email this.email = email
} }
setSalutation(salutation) { setSalutation(salutation:string) {
this.salutation = salutation this.salutation = salutation
} }
setTitle(title) { setTitle(title:string) {
this.title = title this.title = title
} }
setFirstName(firstName) { setFirstName(firstName:string) {
this.firstName = firstName this.firstName = firstName
} }
setLastName(lastName) { setLastName(lastName:string) {
this.lastName = lastName this.lastName = lastName
} }
setIndustry(industry) { setIndustry(industry:string) {
this.industry = industry this.industry = industry
} }
setOrganisation(organisation) { setOrganisation(organisation:string) {
this.organisation = organisation this.organisation = organisation
} }
setSpeciality(speciality) { setSpeciality(speciality:string) {
this.speciality = speciality this.speciality = speciality
} }
setM4lab_idp(m4lab_idp) { setM4lab_idp(m4lab_idp:number) {
this.m4lab_idp = m4lab_idp this.is_m4lab_idp = m4lab_idp
}
setGitlabUserId(newGitlabUserId) {
this.gitlabUserId = newGitlabUserId
} }
setVerificationStatus(verificationStatus) { setVerificationStatus(verificationStatus:number) {
this.verificationStatus = verificationStatus this.verificationStatus = verificationStatus
} }
setGitlabUserId(newGitlabUserId:number) {
this.gitlabUserId = newGitlabUserId
}
updateProfile(newSalutation, newTitle, newFirstname, newLastname, newEmail, newOrganisation, newIndustry, newSpeciality) { updateProfile(newSalutation:string, newTitle:string, newFirstname:string, newLastname:string, newEmail:string, newOrganisation:string, newIndustry:string, newSpeciality:string) {
this.salutation = newSalutation this.salutation = newSalutation
this.title = newTitle this.title = newTitle
this.firstName = newFirstname this.firstName = newFirstname
...@@ -80,4 +94,4 @@ class User { ...@@ -80,4 +94,4 @@ class User {
} }
} }
module.exports = User export = User
\ No newline at end of file \ No newline at end of file
const Project = require("./project");
class Website extends Project {
constructor(ownerGitlabId, id, name, desc, logo, path) {
super(ownerGitlabId, id, name, desc, logo, path)
}
}
module.exports = Website
\ No newline at end of file
import Project from "./project"
class Website extends Project {
constructor(ownerGitlabId:number, name:string, desc:string, id?:number, logo?:string, path?:string) {
super(ownerGitlabId, name, desc, id, logo, path)
}
}
export = Website
\ No newline at end of file
module.exports = { export = {
development: { development: {
app: { app: {
name: 'User Account Management', name: 'User Account Management',
...@@ -28,7 +28,7 @@ module.exports = { ...@@ -28,7 +28,7 @@ module.exports = {
host: 'mailhost', // hostname host: 'mailhost', // hostname
secureConnection: false, // TLS requires secureConnection to be false secureConnection: false, // TLS requires secureConnection to be false
port: 587, // port for secure SMTP port: 587, // port for secure SMTP
TLS: true, // sets requireTLS TLS: true,
authUser: 'mailuser', authUser: 'mailuser',
authPass: 'mailpass', authPass: 'mailpass',
tlsCiphers: 'SSLv3', tlsCiphers: 'SSLv3',
...@@ -67,7 +67,7 @@ module.exports = { ...@@ -67,7 +67,7 @@ module.exports = {
host: 'mailhost', // hostname host: 'mailhost', // hostname
secureConnection: false, // TLS requires secureConnection to be false secureConnection: false, // TLS requires secureConnection to be false
port: 587, // port for secure SMTP port: 587, // port for secure SMTP
TLS: true, // sets requireTLS TLS: true,
authUser: 'mailuser', authUser: 'mailuser',
authPass: 'mailpass', authPass: 'mailpass',
tlsCiphers: 'SSLv3', tlsCiphers: 'SSLv3',
...@@ -77,4 +77,4 @@ module.exports = { ...@@ -77,4 +77,4 @@ module.exports = {
token_readWriteProjects: 'token-goes-here' token_readWriteProjects: 'token-goes-here'
} }
} }
} }
\ No newline at end of file
module.exports = { export = {
mailSignature: 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' + mailSignature: 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' +
'Transferportal der Hochschule für Technik Stuttgart<br/>' + 'Transferportal der Hochschule für Technik Stuttgart<br/>' +
......
const mysql = require('mysql') import mysql from 'mysql'
var env = process.env.NODE_ENV || 'testing'; var env = process.env.NODE_ENV || 'testing'
const config = require('./config')[env] const config = require('./config')[env]
// ==== USER ACOOUNT DB CONNECTION ==== // ==== USER ACOOUNT DB CONNECTION ====
...@@ -14,7 +14,7 @@ var userConnection = mysql.createConnection({ ...@@ -14,7 +14,7 @@ var userConnection = mysql.createConnection({
}) })
userConnection.connect(function(err) { userConnection.connect(function(err) {
if (err) throw err; if (err) throw err
}) })
userConnection.query('USE '+config.database.dbUser) userConnection.query('USE '+config.database.dbUser)
...@@ -52,7 +52,7 @@ var projectConnection = mysql.createConnection({ ...@@ -52,7 +52,7 @@ var projectConnection = mysql.createConnection({
}) })
projectConnection.connect(function(err) { projectConnection.connect(function(err) {
if (err) throw err; if (err) throw err
}) })
projectConnection.query('USE '+config.database.dbProject) projectConnection.query('USE '+config.database.dbProject)
...@@ -61,4 +61,4 @@ var connection = { ...@@ -61,4 +61,4 @@ var connection = {
project: projectConnection project: projectConnection
} }
module.exports = connection export = connection
\ No newline at end of file \ No newline at end of file
const mysql = require('mysql2') import mysql from 'mysql2'
var env = process.env.NODE_ENV || 'testing'; var env = process.env.NODE_ENV || 'testing'
const config = require('./config')[env] const config = require('./config')[env]
// ==== USER ACOOUNT DB CONNECTION ==== // ==== USER ACOOUNT DB CONNECTION ====
...@@ -14,7 +14,7 @@ var userConnection = mysql.createConnection({ ...@@ -14,7 +14,7 @@ var userConnection = mysql.createConnection({
}) })
userConnection.connect(function(err) { userConnection.connect(function(err) {
if (err) throw err; if (err) throw err
}) })
userConnection.query('USE '+config.database.dbUser) userConnection.query('USE '+config.database.dbUser)
...@@ -52,7 +52,7 @@ var projectConnection = mysql.createConnection({ ...@@ -52,7 +52,7 @@ var projectConnection = mysql.createConnection({
}) })
projectConnection.connect(function(err) { projectConnection.connect(function(err) {
if (err) throw err; if (err) throw err
}) })
projectConnection.query('USE '+config.database.dbProject) projectConnection.query('USE '+config.database.dbProject)
...@@ -61,4 +61,4 @@ var connection = { ...@@ -61,4 +61,4 @@ var connection = {
project: projectConnection project: projectConnection
} }
module.exports = connection export = connection
\ No newline at end of file \ No newline at end of file
const nodemailer = require('nodemailer');
const nodemailerNTLMAuth = require('nodemailer-ntlm-auth');
var env = process.env.NODE_ENV || 'testing';
const config = require('./config')[env]
var smtpTransport = nodemailer.createTransport({
host: config.mailer.host,
secure: config.mailer.secureConnection,
port: config.mailer.port,
requireTLS: config.mailer.TLS,
auth: {
type: 'custom',
method: 'NTLM',
user: config.mailer.authUser,
pass: config.mailer.authPass,
options: {
domain: 'ad'
}
},
customAuth:{
NTLM: nodemailerNTLMAuth
}
});
var mailOptions = {
to: "",
from: config.mailer.from,
subject: "",
text: ""
};
var mailer = {
transport: smtpTransport,
options: mailOptions
}
module.exports = mailer
const nodemailer = require('nodemailer')
const nodemailerNTLMAuth = require('nodemailer-ntlm-auth')
var env = process.env.NODE_ENV || 'testing'
const config = require('./config')[env]
var smtpTransporter = nodemailer.createTransport({
host: config.mailer.host,
secure: config.mailer.secureConnection,
port: config.mailer.port,
requireTLS: config.mailer.TLS,
auth: {
type: 'custom',
method: 'NTLM',
user: config.mailer.authUser,
pass: config.mailer.authPass,
options: {
domain: 'ad'
}
},
customAuth:{
NTLM: nodemailerNTLMAuth
}
});
var mailOptions:any = {
to: "",
cc: "",
from: config.mailer.from,
subject: "",
text: "",
html: ""
}
var mailer:any = {
transporter: smtpTransporter,
options: mailOptions
}
export = mailer
\ No newline at end of file
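Review bot: The exported object renames `transport` to `transporter`, and because it is declared `var mailer:any` the compiler will not flag call sites that still read `mailer.transport`; they would fail only at send time. Dropping the annotation, `const mailer = { transporter: smtpTransporter, options: mailOptions }`, lets TypeScript infer the shape and report stale property names. `mailOptions` is a single shared object that now also carries `cc` and `html`; if callers mutate it per message (not visible here), values from one mail can carry over into the next, so a comment stating that callers must copy it before filling it in would be worth adding.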
import axios from 'axios'
import fs from 'fs'
import formData from 'form-data'
var env = process.env.NODE_ENV || 'testing' var env = process.env.NODE_ENV || 'testing'
const config = require('../config/config')[env] const config = require('../config/config')[env]
const axios = require('axios')
const fs = require('fs')
var formData = require('form-data')
var gitlab = { var gitlab = {
// todo: GraphQL currentUser getUserByEmail: async function(email:string) {
getUserByEmail: async function(email) {
return axios({ return axios({
method: 'get', method: 'get',
url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/users?search='+email, url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/users?search='+email,
...@@ -15,9 +14,12 @@ var gitlab = { ...@@ -15,9 +14,12 @@ var gitlab = {
'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects} 'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects}
}) })
.then(res => res.data[0]) .then(res => res.data[0])
.catch(err => console.error(err)) .catch(function(err){
console.error(err)
return null
})
}, },
createNewPages: async function(newPagesData, newLogoFile, template) { createNewPages: async function(newPagesData:any, newLogoFile:string, template:any) {
let data = new formData() let data = new formData()
data.append('avatar', fs.createReadStream(newLogoFile)) data.append('avatar', fs.createReadStream(newLogoFile))
...@@ -32,16 +34,15 @@ var gitlab = { ...@@ -32,16 +34,15 @@ var gitlab = {
}, },
data: data data: data
}) })
.then(res => res = { .then(res => res.data)
error: false, .catch(function(err) {
data: res.data console.error("ERR Status: "+err.response.status)
}) console.error("ERR Name: "+err.response.data.message.name)
.catch(err => res = { console.error("ERR Path: "+err.response.data.message.path)
error: true, return err.response
data: err.response.data
}) })
}, },
updateProject: async function(updatedProjectData, newLogoFile){ updateProject: async function(updatedProjectData:any, newLogoFile:string){
let data = new formData() let data = new formData()
if (newLogoFile) { if (newLogoFile) {
data.append('avatar', fs.createReadStream(newLogoFile)) data.append('avatar', fs.createReadStream(newLogoFile))
...@@ -57,16 +58,16 @@ var gitlab = { ...@@ -57,16 +58,16 @@ var gitlab = {
}, },
data : data data : data
}) })
.then(res => res = { //.then(res => res.data[0])
error: false, .then(res => res.data)
data: res.data .catch(function(err){
}) console.error("ERR Status: "+err.response.status)
.catch(err => res = { console.error("ERR Name: "+err.response.data.message.name)
error: true, console.error("ERR Path: "+err.response.data.message.path)
data: err.response.data return err.response
}) })
}, },
deleteProjectById: function(projectId){ deleteProjectById: function(projectId:number){
// https://docs.gitlab.com/ee/api/projects.html#delete-project // https://docs.gitlab.com/ee/api/projects.html#delete-project
return axios({ return axios({
method: 'delete', method: 'delete',
...@@ -75,16 +76,15 @@ var gitlab = { ...@@ -75,16 +76,15 @@ var gitlab = {
'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects 'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects
} }
}) })
.then(res => res = { .then(res => true)
error: false, .catch(function(err) {
data: res.data console.error("ERR Status: "+err.response.status)
}) console.error("ERR Name: "+err.response.data.message.name)
.catch(err => res = { console.error("ERR Path: "+err.response.data.message.path)
error: true, return false
data: err.response.data
}) })
}, },
getUserProjects: async function(gitlabUserId) { getUserProjects: async function(gitlabUserId:number) {
return axios({ return axios({
method: 'get', method: 'get',
url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/users/'+gitlabUserId+'/projects?owned=true&visibility=public', url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/users/'+gitlabUserId+'/projects?owned=true&visibility=public',
...@@ -93,9 +93,12 @@ var gitlab = { ...@@ -93,9 +93,12 @@ var gitlab = {
} }
}) })
.then(res => res.data) .then(res => res.data)
.catch(err => console.error(err)) .catch(function(err) {
console.error(err)
return null
})
}, },
getProjectById: async function(projectId) { getProjectById: async function(projectId:number) {
return axios({ return axios({
method: 'get', method: 'get',
url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId, url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId,
...@@ -104,45 +107,22 @@ var gitlab = { ...@@ -104,45 +107,22 @@ var gitlab = {
} }
}) })
.then(res => res.data) .then(res => res.data)
.catch(err => console.error(err.response.status)) .catch(function(err) {
console.error(err)
return null
})
}, },
getProjectPipelineLatestStatus: async function(projectId) { getProjectPipelineLatestStatus: async function(projectId:number) {
return axios({ return axios({
method: 'get', method: 'get',
url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId+'/pipelines' url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId+'/pipelines'
}) })
.then(res => res.data[0].status) .then(res => res.data[0].status)
.catch(err => console.error(err)) .catch(function(err) {
}, console.error(err)
// return null
// test GraphQL })
getGraphqlTest: function(callback) {
axios({
url: 'https://gitlab.com/api/graphql',
method: 'get',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects
},
data: {
query: `{
currentUser {
id
username
}
}`
/* query: `{
projects {
nodes {
id
}
}
}` */
}
}).then((result) => {
console.log(JSON.stringify(result.data))
});
} }
} }
module.exports = gitlab export = gitlab
\ No newline at end of file \ No newline at end of file
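Review bot: The new `.catch` handlers in createNewPages, updateProject and deleteProjectById read `err.response.status` and `err.response.data.message.name` unconditionally, but axios leaves `err.response` undefined when no response was received (timeout, DNS failure, refused connection), so the handler itself throws and the promise rejects with a TypeError. A guard at the top of each handler avoids that: `if (!err.response) { console.error(err.message); return null }` (`false` in deleteProjectById). createNewPages and updateProject now resolve with `err.response` on failure and `res.data` on success, so callers need a documented way to tell the two apart now that the `{error, data}` wrapper is gone. Separately, getUserByEmail appends `email` to `?search=` unencoded; `encodeURIComponent(email)` would keep characters such as `&` from adding parameters to a request sent with the project token.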
var helpers = { var helpers = {
stringToArray: function (input){ stringToArray: function (input:string){
if(input != null){ if(input != null){
return input.split(','); return input.split(',');
}else{ }else{
...@@ -8,4 +8,4 @@ var helpers = { ...@@ -8,4 +8,4 @@ var helpers = {
} }
}; };
module.exports = helpers; export = helpers;
\ No newline at end of file \ No newline at end of file
const dbconn_OBSOLETE = require('../config/dbconn') // DO NOT USE THIS FOR NEW FUNCTIONS import dbconn_OBSOLETE = require('../config/dbconn') // DO NOT USE THIS FOR NEW FUNCTIONS
const dbconn = require('../config/dbconn2') import dbconn = require('../config/dbconn2')
var methods = { var methods = {
// ===================== user db ===================== // ===================== user db =====================
registerNewUser: function(data, callback) { registerNewUser: function(data:any, callback:any) {
dbconn_OBSOLETE.user.beginTransaction(function(err) { // START TRANSACTION dbconn_OBSOLETE.user.beginTransaction(function(err:any) { // START TRANSACTION
if (err) { if (err) { throw err }
throw err
}
// insert profile // insert profile
dbconn_OBSOLETE.user.query('INSERT INTO user SET ?', data.profile, function (err, results, fields) { dbconn_OBSOLETE.user.query('INSERT INTO user SET ?', data.profile, function (err:any, results:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { return dbconn_OBSOLETE.user.rollback(function() {
throw err throw err
}); });
} }
var newUserId = results.insertId let newUserId:number = results.insertId
// set password // set password
var credentialData = { var credentialData:any = {
user_id: newUserId, user_id: newUserId,
password: data.password password: data.password
} }
dbconn_OBSOLETE.user.query('INSERT INTO credential SET ?', credentialData, function (err, results, fields) { dbconn_OBSOLETE.user.query('INSERT INTO credential SET ?', credentialData, function (err:any, results:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { return dbconn_OBSOLETE.user.rollback(function() {
throw err throw err
}); });
} }
// set default user-project-role // set default user-project-role
var projectRoleData = { var projectRoleData:any = {
project_id: 1, //M4_LAB project_id: 1, //M4_LAB
role_id: 2, // USER role_id: 2, // USER
user_id: newUserId user_id: newUserId
} }
dbconn_OBSOLETE.user.query('INSERT INTO user_project_role SET ?', projectRoleData, function (err, results, fields) { dbconn_OBSOLETE.user.query('INSERT INTO user_project_role SET ?', projectRoleData, function (err:any, results:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { return dbconn_OBSOLETE.user.rollback(function() {
throw err throw err
}); });
} }
// MLAB-129: INSERT verification token // MLAB-129: INSERT verification token
let verificationData = { let verificationData:any = {
user_id: newUserId, user_id: newUserId,
token: data.verificationToken token: data.verificationToken
} }
dbconn_OBSOLETE.user.query('INSERT INTO verification SET ?', verificationData, function (err, results, fields) { dbconn_OBSOLETE.user.query('INSERT INTO verification SET ?', verificationData, function (err:any, results:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { return dbconn_OBSOLETE.user.rollback(function() {
throw err throw err
}); });
} }
// COMMIT // COMMIT
dbconn_OBSOLETE.user.commit(function(err) { dbconn_OBSOLETE.user.commit(function(err:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { return dbconn_OBSOLETE.user.rollback(function() {
throw err throw err
...@@ -65,9 +63,9 @@ var methods = { ...@@ -65,9 +63,9 @@ var methods = {
callback(err) callback(err)
}) })
}, },
getUserByEmail: async function(email) { getUserByEmail: async function(email:any) {
try { try {
let rows = await dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"') let rows:any = await dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
} }
...@@ -77,9 +75,9 @@ var methods = { ...@@ -77,9 +75,9 @@ var methods = {
} }
return null return null
}, },
getUserEmailById: async function(userId) { getUserEmailById: async function(userId:number) {
try { try {
let rows = await dbconn.user.promise().query('SELECT email FROM user WHERE id = ' +userId) let rows:any = await dbconn.user.promise().query('SELECT email FROM user WHERE id = ' +userId)
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].email return rows[0][0].email
} }
...@@ -89,9 +87,9 @@ var methods = { ...@@ -89,9 +87,9 @@ var methods = {
} }
return null return null
}, },
checkUserEmail: async function(email) { checkUserEmail: async function(email:any) {
try { try {
let rows = await dbconn.user.promise().query('SELECT id, email FROM user WHERE email = "' +email+'"') let rows:any = await dbconn.user.promise().query('SELECT id, email FROM user WHERE email = "' +email+'"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
} }
...@@ -101,9 +99,9 @@ var methods = { ...@@ -101,9 +99,9 @@ var methods = {
} }
return null return null
}, },
getUserByToken: async function(token) { getUserByToken: async function(token:any) {
try { try {
let rows = await dbconn.user.promise().query('SELECT t1.user_id, t2.email FROM userdb.credential AS t1 INNER JOIN userdb.user AS t2 ON t1.user_id = t2.id AND t1.resetPasswordToken = "' let rows:any = await dbconn.user.promise().query('SELECT t1.user_id, t2.email FROM userdb.credential AS t1 INNER JOIN userdb.user AS t2 ON t1.user_id = t2.id AND t1.resetPasswordToken = "'
+token+'" and resetPasswordExpires > '+Date.now()) +token+'" and resetPasswordExpires > '+Date.now())
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
...@@ -114,47 +112,38 @@ var methods = { ...@@ -114,47 +112,38 @@ var methods = {
} }
return null return null
}, },
updateUserById: function(userData, callback) { updateUserById: async function(userId:number, userData:any) {
dbconn_OBSOLETE.user.query('UPDATE user SET ? WHERE id = ' +userData.id, userData, function (err, rows, fields) { try {
if (err) throw err let result:any = await dbconn.user.promise().query('UPDATE user SET ? WHERE id = ' +userId, userData)
callback(err) return result
}) } catch (err) {
}, console.error(err)
updateCredential: function(data, callback) { }
dbconn_OBSOLETE.user.query('UPDATE credential SET ? WHERE user_id = ' +data.user_id, data, function (err, rows, fields) { return null
if (err) throw err
callback(err)
})
}, },
getUserIdByEmail_OBSOLETE: function(email, callback) { updateCredential: async function(data:any) {
let userId try {
dbconn_OBSOLETE.user.query('SELECT id FROM user WHERE email = "' +email+'"', function (err, rows, fields) { let result:any = await dbconn.user.promise().query('UPDATE credential SET ? WHERE user_id = ' +data.user_id, data)
if (err) { return result
throw err } catch (err) {
} console.error(err)
else { }
if ( rows.length > 0) { return null
userId = rows[0].id
}
}
callback(userId, err)
});
}, },
getUserProjectRole_OBSOLETE: function(userId, callback) { addUserProjectRole_OBSOLETE: function(data:any, callback:any) {
dbconn_OBSOLETE.user.query('SELECT project_id, role_id FROM user_project_role WHERE user_id = "' +userId+'"', function (err, rows, fields) { /*
dbconn_OBSOLETE.user.query('INSERT INTO user_project_role SET ?', data, function (err:any, results:any, fields:any){
if (err) throw err if (err) throw err
callback(rows, err) callback(err)
}); }) */
}, dbconn.user.query('INSERT INTO user_project_role SET ?', data, function (err:any){
addUserProjectRole: function(data, callback) {
dbconn_OBSOLETE.user.query('INSERT INTO user_project_role SET ?', data, function (err, results, fields){
if (err) throw err if (err) throw err
callback(err) callback(err)
}) })
}, },
getVerificationTokenByUserId: async function(userId) { getVerificationTokenByUserId: async function(userId:number) {
try { try {
let rows = await dbconn.user.promise().query('SELECT token FROM verification WHERE user_id = "' +userId+'"') let rows:any = await dbconn.user.promise().query('SELECT token FROM verification WHERE user_id = "' +userId+'"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].token return rows[0][0].token
} }
...@@ -164,9 +153,9 @@ var methods = { ...@@ -164,9 +153,9 @@ var methods = {
} }
return null return null
}, },
getUserIdByVerificationToken: async function(token) { getUserIdByVerificationToken: async function(token:any) {
try { try {
let rows = await dbconn.user.promise().query('SELECT user_id FROM verification WHERE token = "' +token+'"') let rows:any = await dbconn.user.promise().query('SELECT user_id FROM verification WHERE token = "' +token+'"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].user_id return rows[0][0].user_id
} }
...@@ -178,21 +167,21 @@ var methods = { ...@@ -178,21 +167,21 @@ var methods = {
} }
return null return null
}, },
verifyUserAccount: function(userData, callback) { verifyUserAccount: function(userData:any, callback:any) {
dbconn_OBSOLETE.user.beginTransaction(function(err) { // START TRANSACTION dbconn_OBSOLETE.user.beginTransaction(function(err:any) { // START TRANSACTION
if (err) { throw err } if (err) { throw err }
// update user status // update user status
dbconn_OBSOLETE.user.query('UPDATE user SET ? WHERE id =' +userData.id, userData, function (err, rows, fields) { dbconn_OBSOLETE.user.query('UPDATE user SET ? WHERE id =' +userData.id, userData, function (err:any, rows:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { throw err }) return dbconn_OBSOLETE.user.rollback(function() { throw err })
} }
// delete verification token // delete verification token
dbconn_OBSOLETE.user.query('DELETE FROM verification WHERE user_id = '+userData.id, function (err, rows, fields) { dbconn_OBSOLETE.user.query('DELETE FROM verification WHERE user_id = '+userData.id, function (err:any, rows:any, fields:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { throw err }) return dbconn_OBSOLETE.user.rollback(function() { throw err })
} }
// COMMIT // COMMIT
dbconn_OBSOLETE.user.commit(function(err) { dbconn_OBSOLETE.user.commit(function(err:any) {
if (err) { if (err) {
return dbconn_OBSOLETE.user.rollback(function() { throw err }) return dbconn_OBSOLETE.user.rollback(function() { throw err })
} }
...@@ -203,9 +192,9 @@ var methods = { ...@@ -203,9 +192,9 @@ var methods = {
}) })
}, },
/* ===== GitLab ===== */ /* ===== GitLab ===== */
getGitlabId: async function(userId) { getGitlabId: async function(userId:number) {
try { try {
let rows = await dbconn.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id') let rows:any = await dbconn.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].gitlab_userId return rows[0][0].gitlab_userId
} else { } else {
...@@ -217,12 +206,12 @@ var methods = { ...@@ -217,12 +206,12 @@ var methods = {
return err return err
} }
}, },
addGitlabUser: function(data, callback){ addGitlabUser: function(data:any, callback:any){
dbconn_OBSOLETE.user.query('INSERT INTO user_gitlab SET ?', data, function (err) { dbconn.user.query('INSERT INTO user_gitlab SET ?', data, function (err:any) {
if (err) throw err if (err) throw err
callback(err) callback(err)
}) })
} }
}; };
module.exports = methods; export = methods
\ No newline at end of file \ No newline at end of file
/* German initialisation for the jQuery UI date picker plugin. */
/* Written by Milian Wolff (mail@milianw.de). */
( function( factory ) {
if ( typeof define === "function" && define.amd ) {
// AMD. Register as an anonymous module.
define( [ "../widgets/datepicker" ], factory );
} else {
// Browser globals
factory( jQuery.datepicker );
}
}( function( datepicker ) {
datepicker.regional.de = {
closeText: "Schließen",
prevText: "&#x3C;Zurück",
nextText: "Vor&#x3E;",
currentText: "Heute",
monthNames: [ "Januar","Februar","März","April","Mai","Juni",
"Juli","August","September","Oktober","November","Dezember" ],
monthNamesShort: [ "Jan","Feb","Mär","Apr","Mai","Jun",
"Jul","Aug","Sep","Okt","Nov","Dez" ],
dayNames: [ "Sonntag","Montag","Dienstag","Mittwoch","Donnerstag","Freitag","Samstag" ],
dayNamesShort: [ "So","Mo","Di","Mi","Do","Fr","Sa" ],
dayNamesMin: [ "So","Mo","Di","Mi","Do","Fr","Sa" ],
weekHeader: "KW",
dateFormat: "dd.mm.yy",
firstDay: 1,
isRTL: false,
showMonthAfterYear: false,
yearSuffix: "" };
datepicker.setDefaults( datepicker.regional.de );
return datepicker.regional.de;
} ) );
\ No newline at end of file
const methods = require('../functions/methods')
const async = require('async')
const mailer = require('../config/mailer')
const constants = require('../config/const')
// pwd encryption
const crypto = require('crypto')
const bcrypt = require('bcryptjs')
const saltRounds = 10
const salt = 64
module.exports = function (app, config, lang) {
// ================== NEW USERS REGISTRATION ======================
app.get('/registration', function(req, res) {
res.render(lang+'/account/registration')
})
app.post('/registration', function(req, res) {
// user data
var curDate = new Date()
var userData = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
lastname: req.body.inputLastname,
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
createdDate: curDate.toISOString().slice(0,10)
}
var userEmail = userData.email
var pos = userEmail.indexOf('@')
var emailLength = userEmail.length
var emailDomain = userEmail.slice(pos, emailLength);
if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") {
res.flash('error', "Fehlgeschlagen: HFT-Account")
res.redirect('/account/registration')
} else {
let token
async.waterfall([
function(done) {
crypto.randomBytes(20, function(err, buf) {
token = buf.toString('hex');
done(err, token);
});
},
// encrypt password
function(token, done) {
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(req.body.inputPassword, salt, function(err, hash) {
var newAccount = {
profile: userData,
password: hash,
verificationToken: token
}
done(err, newAccount)
});
});
},
// save data
function(newAccount, err) {
methods.registerNewUser(newAccount, function(err){
if (err) {
res.flash('error', "Fehlgeschlagen")
}
else {
// send email
var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte <a href='+config.app.host+'/verifyAccount?token='+token+'>diesen Link</a> ' +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + constants.mailSignature +
'</div>';
mailer.options.to = req.body.inputEmail;
mailer.options.subject = emailSubject;
mailer.options.html = emailContent;
mailer.transport.sendMail(mailer.options, function(err) {
if (err) {
console.error('cannot send email')
throw err
}
})
// user feedback
res.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+
'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+
'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
}
res.redirect('/account/registration')
})
}
])
}
})
// =================== USERS VERIFICATION =========================
app.get("/verifyAccount", async function(req, res){
let userId = await methods.getUserIdByVerificationToken(req.query.token)
if (!userId) {
// no user found
res.render(lang+'/account/verification', {
status: null
})
} else {
// a user found, verify the account
let userData = {
id: userId,
verificationStatus: 1
}
methods.verifyUserAccount(userData, async function(err){
if (err) {
console.log("Error: "+err)
res.render(lang+'/account/verification', {
status: false
});
} else {
// send welcome email after successful account verification
let userEmail = await methods.getUserEmailById(userId)
if (!userEmail) {
res.render(lang+'/account/verification', {
status: false
})
} else {
// send email
var emailSubject = "Herzlich willkommen"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + constants.mailSignature;
mailer.options.to = userEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transport.sendMail(mailer.options, function(err) {
if (err) {
console.log('cannot send email')
throw err
}
})
res.render(lang+'/account/verification', {
status: true
})
}
}
})
}
})
// ==================== FORGOT PASSWORD ===========================
app.get('/forgotPwd', function (req, res) {
res.render(lang+'/account/forgotPwd', {
user: req.user
})
})
app.post('/forgotPwd', function(req, res) {
let emailAddress = req.body.inputEmail
async.waterfall([
function(done) {
crypto.randomBytes(20, function(err, buf) {
var token = buf.toString('hex')
done(err, token)
})
},
async function(token) {
let user = await methods.checkUserEmail(emailAddress)
if (!user) {
console.log('no user found')
} else {
var emailSubject = "Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart";
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: '+config.app.host+'/reset/' + token + '<br/>' +
'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + constants.mailSignature + '</div>'
var credentialData = {
user_id: user.id,
resetPasswordToken: token,
resetPasswordExpires: Date.now() + 3600000 // 1 hour
}
methods.updateCredential(credentialData, function(err) {
if (err) { console.error(err) }
})
// send email
mailer.options.to = emailAddress
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transport.sendMail(mailer.options, function(err) {
if (err) { console.error(err) }
})
}
}
], function(err) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.')
}
else {
res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + emailAddress + ' versendet.')
}
res.redirect('/account/forgotPwd')
})
})
// reset
app.get('/reset/:token', async function(req, res) {
let user = await methods.getUserByToken(req.params.token)
if (!user) {
res.flash('error', 'Der Schlüssel zum zurücksetzen des Passworts ist ungültig oder abgelaufen.')
res.redirect('/account/forgotPwd')
} else {
res.render(lang+'/account/reset')
}
})
app.post('/reset/:token', async function(req, res) {
var newPwd = req.body.inputNewPwd
let user = await methods.getUserByToken(req.params.token)
if (!user) {
res.flash('error', "User not found.")
res.redirect('/login')
} else {
// encrypt password
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(newPwd, salt, function(err, hash) {
var credentialData = {
password: hash,
user_id: user.user_id
}
// update password
methods.updateCredential(credentialData, function(err){
if (err) {
res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.")
throw err
} else {
res.flash('success', "Passwort aktualisiert!")
// send notifiaction email
mailer.options.to = user.email
mailer.options.subject = constants.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent+'<div>'+constants.mailSignature+'</div>'
mailer.transport.sendMail(mailer.options, function(err) {
if (err) { console.log(err) }
})
res.redirect('/login')
}
})
});
});
}
})
// ======================= CONTACT FORM ===========================
app.get('/contact', function (req, res) {
res.render(lang+'/account/contact', {
user: req.user
})
})
app.post('/contact', function(req, res, next) {
//methods.currentDate();
let emailAddress = req.body.inputEmail;
let supportAddress = "support-transfer@hft-stuttgart.de";
let inputName = req.body.name;
let inputContent = req.body.message;
let emailContent = "Es wurde eine Anfrage an das Transferportal gestellt: \n\n NAME: " + inputName + "\n NACHRICHT:\n "+ inputContent;
let emailSubject = "Ihre Anfrage an das Transferportal";
async.waterfall([
function(done) {
// send email
mailer.options.to = supportAddress;
mailer.options.cc = emailAddress;
mailer.options.subject = emailSubject;
mailer.options.text = emailContent;
mailer.transport.sendMail(mailer.options, function(err) {
done(err, 'done');
});
}
], function(err) {
if (err) {
console.error(err)
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.');
}
else {
res.flash('success', 'Vielen Dank für Ihre Anfrage. Wir melden uns baldmöglichst bei Ihnen. Eine Kopie Ihrer Anfrage wurde an ' + emailAddress + ' versandt.');
}
res.redirect('/account/contact')
})
})
}
\ No newline at end of file
import async from 'async'
import bcrypt from 'bcryptjs'
import methods from '../functions/methods'
import mailer from '../config/mailer'
import constants from '../config/const'
const saltRounds:number = 10
const salt:number = 64
export = function (app:any, config:any, lang:string) {
// ================== NEW USERS REGISTRATION ======================
app.get('/registration', function(req:any, res:any) {
res.render(lang+'/account/registration')
})
app.post('/registration', function(req:any, res:any) {
// user data
var curDate:Date = new Date()
var userData:any = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
lastname: req.body.inputLastname,
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
createdDate: curDate.toISOString().slice(0,10)
}
var userEmail:any = userData.email
var pos:number = userEmail.indexOf('@')
var emailLength:number = userEmail.length
var emailDomain:any = userEmail.slice(pos, emailLength);
if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") {
res.flash('error', "Fehlgeschlagen: HFT-Account")
res.redirect('/account/registration')
} else {
async.waterfall([
function(done:any) {
// generate token
let token:string = '';
let randomChars:string = 'abcdefghijklmnopqrstuvwxyz0123456789';
for ( let i = 0; i<40; i++ ) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length));
}
// encrypt password
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(req.body.inputPassword, salt, function(err:any, hash:any) {
var newAccount:any = {
profile: userData,
password: hash,
verificationToken: token
}
done(err, newAccount)
});
});
},
// save data
function(newAccount:any, err:any) {
methods.registerNewUser(newAccount, function(err:any){
if (err) {
res.flash('error', "Fehlgeschlagen")
}
else {
// send email
var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte <a href='+config.app.host+'/verifyAccount?token='+newAccount.verificationToken+'>diesen Link</a> ' +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + constants.mailSignature +
'</div>';
mailer.options.to = req.body.inputEmail;
mailer.options.subject = emailSubject;
mailer.options.html = emailContent;
mailer.transporter.sendMail(mailer.options, function(err:any) {
if (err) {
console.error('Cannot send email. [Error] '+err)
throw err
}
})
// user feedback
res.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+
'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+
'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
}
res.redirect('/account/registration')
})
}
])
}
})
// =================== USERS VERIFICATION =========================
app.get("/verifyAccount", async function(req:any, res:any){
let userId:number = await methods.getUserIdByVerificationToken(req.query.token)
if (!userId) {
// no user found
res.render(lang+'/account/verification', {
status: null
})
} else {
// a user found, verify the account
let userData:any = {
id: userId,
verificationStatus: 1
}
methods.verifyUserAccount(userData, async function(err:any){
if (err) {
console.log("Error: "+err)
res.render(lang+'/account/verification', {
status: false
});
} else {
// send welcome email after successful account verification
let userEmail:string = await methods.getUserEmailById(userId)
if (!userEmail) {
res.render(lang+'/account/verification', {
status: false
})
} else {
// send email
var emailSubject = "Herzlich willkommen"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + constants.mailSignature;
mailer.options.to = userEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function(err:any) {
if (err) {
console.log('cannot send email')
throw err
}
})
res.render(lang+'/account/verification', {
status: true
})
}
}
})
}
})
// ==================== FORGOT PASSWORD ===========================
app.get('/forgotPwd', function (req:any, res:any) {
res.render(lang+'/account/forgotPwd', {
user: req.user
})
})
app.post('/forgotPwd', function(req:any, res:any) {
let emailAddress = req.body.inputEmail
async.waterfall([
async function(done:any) {
let user = await methods.checkUserEmail(emailAddress)
if (!user) {
console.log('No user found: '+emailAddress)
} else {
// generate token
let token:string = '';
let randomChars:string = 'abcdefghijklmnopqrstuvwxyz0123456789';
for ( let i = 0; i<40; i++ ) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length));
}
var emailSubject = "Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart";
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: '+config.app.host+'/reset/' + token + '<br/>' +
'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + constants.mailSignature + '</div>'
var credentialData = {
user_id: user.id,
resetPasswordToken: token,
resetPasswordExpires: Date.now() + 3600000 // 1 hour
}
let result = await methods.updateCredential(credentialData)
if (!result) {
console.log('failed to update credential')
} else {
// send email
mailer.options.to = emailAddress
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function(err:any) {
if (err) { console.error(err) }
})
}
}
done(null)
}
], function(err:any) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.')
}
else {
res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + emailAddress + ' versendet.')
}
res.redirect('/account/forgotPwd')
})
})
// reset
app.get('/reset/:token', async function(req:any, res:any) {
let user = await methods.getUserByToken(req.params.token)
if (!user) {
res.flash('error', 'Der Schlüssel zum zurücksetzen des Passworts ist ungültig oder abgelaufen.')
res.redirect('/account/forgotPwd')
} else {
res.render(lang+'/account/reset')
}
})
app.post('/reset/:token', async function(req:any, res:any) {
var newPwd = req.body.inputNewPwd
var user = await methods.getUserByToken(req.params.token)
if (!user) {
res.flash('error', "User not found.")
res.redirect('/login')
} else {
// encrypt password
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(newPwd, salt, async function(err:any, hash) {
var credentialData = {
password: hash,
user_id: user.user_id
}
// update password
let result = await methods.updateCredential(credentialData)
if (!result) {
console.log('Failed to reset password')
res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.")
} else {
res.flash('success', "Passwort aktualisiert!")
// send notifiaction email
mailer.options.to = user.email
mailer.options.subject = constants.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent+'<div>'+constants.mailSignature+'</div>'
mailer.transporter.sendMail(mailer.options, function(err:any) {
if (err) { console.log(err) }
})
}
res.redirect('/login')
});
});
}
})
// ======================= CONTACT FORM ===========================
app.get('/contact', function (req:any, res:any) {
res.render(lang+'/account/contact', {
user: req.user
})
})
app.post('/contact', function(req:any, res:any, next:any) {
//methods.currentDate();
let emailAddress = req.body.inputEmail;
let supportAddress = "support-transfer@hft-stuttgart.de";
let inputName = req.body.name;
let inputContent = req.body.message;
let emailContent = "Es wurde eine Anfrage an das Transferportal gestellt: \n\n NAME: " + inputName + "\n NACHRICHT:\n "+ inputContent;
let emailSubject = "Ihre Anfrage an das Transferportal";
async.waterfall([
function(done:any) {
// send email
mailer.options.to = supportAddress;
mailer.options.cc = emailAddress;
mailer.options.subject = emailSubject;
mailer.options.text = emailContent;
mailer.transporter.sendMail(mailer.options, function(err:any) {
done(err, 'done');
});
}
], function(err:any) {
if (err) {
console.error(err)
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.');
}
else {
res.flash('success', 'Vielen Dank für Ihre Anfrage. Wir melden uns baldmöglichst bei Ihnen. Eine Kopie Ihrer Anfrage wurde an ' + emailAddress + ' versandt.');
}
res.redirect('/account/contact')
})
})
}
\ No newline at end of file
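Review bot: The verification token in the `/registration` handler and the reset token in `/forgotPwd` are now built by a 40-iteration loop over `Math.random()`, which is not a cryptographically secure generator. Both values are bearer secrets delivered by e-mail (the account-verification link and a password-reset link valid for one hour), so they need to come from a CSPRNG. The JavaScript version of this file shown above used `crypto.randomBytes(20)` for both, so the weaker generator is introduced by this migration. Restore `import crypto from 'crypto'` and replace each loop with `const token:string = crypto.randomBytes(20).toString('hex')`, which still yields a 40-character token.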