Commit 4450156e authored by Rosanny Sihombing's avatar Rosanny Sihombing

cleaning codes

parent 689b3cfa
...@@ -11,13 +11,13 @@ import helmet from 'helmet' ...@@ -11,13 +11,13 @@ import helmet from 'helmet'
import compression from 'compression' import compression from 'compression'
import methodOverride from 'method-override' import methodOverride from 'method-override'
const env = process.env.NODE_ENV || 'development' const env = process.env.NODE_ENV ?? 'testing'
const config = require('./config/config')[env] const config = require('./config/config')[env]
const lang = 'DE' const lang = 'DE'
const app = express() const app = express()
app.set('port', config.app.port) app.set('port', config.app.port)
app.set('views', path.join(__dirname + '/views')) app.set('views', path.join(path.join(__dirname, '/views')))
app.set('view engine', 'pug') app.set('view engine', 'pug')
// enable files upload // enable files upload
......
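Review bot: The fallback on the new `const env = process.env.NODE_ENV ?? 'testing'` line disagrees with `../config/dbconn` in this same commit, which keeps `process.env.NODE_ENV ?? 'development'`. A process started without NODE_ENV would therefore load the `testing` app and SAML settings while the database module reads the `development` block. Use one default everywhere, or refuse to start when the lookup finds nothing, e.g. `if (config == null) throw new Error('unknown NODE_ENV: ' + env)`. Also note that `??` no longer covers an empty string, so `NODE_ENV=''` leaves `config` undefined and the following `config.app.port` throws. The nested `path.join(path.join(__dirname, '/views'))` is redundant; `path.join(__dirname, 'views')` is enough.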
...@@ -66,4 +66,4 @@ class Project { ...@@ -66,4 +66,4 @@ class Project {
} }
} }
export = Project export { Project }
import Project from './project' import { Project } from './project'
class Repo extends Project { class Repo extends Project {
constructor (ownerGitlabId: number, name: string, desc: string, id?: number, logo?: string, path?: string) { constructor (ownerGitlabId: number, name: string, desc: string, id?: number, logo?: string, path?: string) {
...@@ -6,4 +6,4 @@ class Repo extends Project { ...@@ -6,4 +6,4 @@ class Repo extends Project {
} }
} }
export = Repo export { Repo }
...@@ -8,12 +8,12 @@ class User { ...@@ -8,12 +8,12 @@ class User {
industry: string industry: string
organisation: string organisation: string
speciality: string speciality: string
is_m4lab_idp: number // 1 or 0 isM4labIdp: number // 1 or 0
verificationStatus: number // 1 or 0 - // should be boolean verificationStatus: number // 1 or 0 - // should be boolean
gitlabUserId?: number gitlabUserId?: number
constructor (id: number, email: string, salutation: string, title: string, firstName: string, lastName: string, industry: string, organisation: string, constructor (id: number, email: string, salutation: string, title: string, firstName: string, lastName: string, industry: string, organisation: string,
speciality: string, is_m4lab_idp: number, verificationStatus: number, gitlabUserId?: number) { speciality: string, isM4labIdp: number, verificationStatus: number, gitlabUserId?: number) {
this.id = id this.id = id
this.email = email this.email = email
this.salutation = salutation this.salutation = salutation
...@@ -23,7 +23,7 @@ class User { ...@@ -23,7 +23,7 @@ class User {
this.industry = industry this.industry = industry
this.organisation = organisation this.organisation = organisation
this.speciality = speciality this.speciality = speciality
this.is_m4lab_idp = is_m4lab_idp this.isM4labIdp = isM4labIdp
this.verificationStatus = verificationStatus this.verificationStatus = verificationStatus
this.gitlabUserId = gitlabUserId this.gitlabUserId = gitlabUserId
} }
...@@ -42,7 +42,7 @@ class User { ...@@ -42,7 +42,7 @@ class User {
} }
getIdpStatus () { getIdpStatus () {
return this.is_m4lab_idp return this.isM4labIdp
} }
getVerificationStatus () { getVerificationStatus () {
...@@ -86,8 +86,8 @@ class User { ...@@ -86,8 +86,8 @@ class User {
this.speciality = speciality this.speciality = speciality
} }
setM4lab_idp (m4lab_idp: number) { setM4lab_idp (m4labIdp: number) {
this.is_m4lab_idp = m4lab_idp this.isM4labIdp = m4labIdp
} }
setVerificationStatus (verificationStatus: number) { setVerificationStatus (verificationStatus: number) {
...@@ -110,4 +110,4 @@ class User { ...@@ -110,4 +110,4 @@ class User {
} }
} }
export = User export { User }
import Project from './project' import { Project } from './project'
class Website extends Project { class Website extends Project {
constructor (ownerGitlabId: number, name: string, desc: string, id?: number, logo?: string, path?: string) { constructor (ownerGitlabId: number, name: string, desc: string, id?: number, logo?: string, path?: string) {
...@@ -6,4 +6,4 @@ class Website extends Project { ...@@ -6,4 +6,4 @@ class Website extends Project {
} }
} }
export = Website export { Website }
export = { module.exports = {
development: { development: {
app: { app: {
name: 'User Account Management', name: 'User Account Management',
port: process.env.PORT || 9989, port: process.env.PORT ?? 9989,
host: 'http://localhost:9989', host: 'http://localhost:9989',
sessionSecret: 'thisisasecret' sessionSecret: 'thisisasecret'
}, },
passport: { passport: {
strategy: 'saml', strategy: 'saml',
saml: { saml: {
path: process.env.SAML_PATH || '/saml/SSO', path: process.env.SAML_PATH ?? '/saml/SSO',
entryPoint: process.env.SAML_ENTRY_POINT || 'saml entry point', entryPoint: process.env.SAML_ENTRY_POINT || 'saml entry point',
issuer: 'SAML issuer', issuer: 'SAML issuer',
logoutUrl: 'SAML logout URL' logoutUrl: 'SAML logout URL'
...@@ -41,15 +41,15 @@ export = { ...@@ -41,15 +41,15 @@ export = {
testing: { testing: {
app: { app: {
name: 'User Account Management', name: 'User Account Management',
port: process.env.PORT || 9989, port: process.env.PORT ?? 9989,
host: 'https://m4lab.hft-stuttgart.de/account', host: 'https://m4lab.hft-stuttgart.de/account',
sessionSecret: 'thisisasecret' sessionSecret: 'thisisasecret'
}, },
passport: { passport: {
strategy: 'saml', strategy: 'saml',
saml: { saml: {
path: process.env.SAML_PATH || '/saml/SSO', path: process.env.SAML_PATH ?? '/saml/SSO',
entryPoint: process.env.SAML_ENTRY_POINT || 'saml entry point', entryPoint: process.env.SAML_ENTRY_POINT ?? 'saml entry point',
issuer: 'SAML issuer', // testing metadata issuer: 'SAML issuer', // testing metadata
logoutUrl: 'SAML logout URL' logoutUrl: 'SAML logout URL'
} }
...@@ -78,3 +78,5 @@ export = { ...@@ -78,3 +78,5 @@ export = {
} }
} }
} }
export {}
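Review bot: `sessionSecret: 'thisisasecret'` remains a string literal in both the `development` and `testing` blocks, and the `testing` block points at a non-local host (`https://m4lab.hft-stuttgart.de/account`). If that value is what a deployed instance really uses (presumably to sign session cookies) rather than a placeholder replaced at deploy time, anyone who can read the repository knows the signing key. Read it from the environment the way `port` and the SAML `path` already are, e.g. `sessionSecret: process.env.SESSION_SECRET` (the variable name is only a suggestion), and fail at startup when it is missing. Separately, the `development` block's `entryPoint` still uses `||` while the `testing` one moved to `??`.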
export = { const miscConst = {
mailSignature: 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' + mailSignature: 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' +
'Transferportal der Hochschule für Technik Stuttgart<br/>' + 'Transferportal der Hochschule für Technik Stuttgart<br/>' +
'Schellingstr. 24 70174 Stuttgart<br/>' + 'Schellingstr. 24 70174 Stuttgart<br/>' +
'm4lab@hft-stuttgart.de<br/>' + 'm4lab@hft-stuttgart.de<br/>' +
'<a href="https://transfer.hft-stuttgart.de">https://transfer.hft-stuttgart.de</a><br/>' + '<a mailConsthref="https://transfer.hft-stuttgart.de">https://transfer.hft-stuttgart.de</a><br/>' +
'<a href="http://www.hft-stuttgart.de/Aktuell/"><img border="0" alt="HFT" src="https://m4lab.hft-stuttgart.de/img/signature/hft_logo.png" width="30" height="30"></a> &nbsp;' + '<a href="http://www.hft-stuttgart.de/Aktuell/"><img border="0" alt="HFT" src="https://m4lab.hft-stuttgart.de/img/signature/hft_logo.png" width="30" height="30"></a> &nbsp;' +
'<a href="http://www.facebook.com/hftstuttgart"><img border="0" alt="Facebook" src="https://m4lab.hft-stuttgart.de/img/signature/fb_bw.png" width="30" height="30"></a> &nbsp;' + '<a href="http://www.facebook.com/hftstuttgart"><img border="0" alt="Facebook" src="https://m4lab.hft-stuttgart.de/img/signature/fb_bw.png" width="30" height="30"></a> &nbsp;' +
'<a href="https://www.instagram.com/hft_stuttgart/"><img border="0" alt="Instagram" src="https://m4lab.hft-stuttgart.de/img/signature/instagram_bw.png" width="30" height="30"></a> &nbsp;' + '<a href="https://www.instagram.com/hft_stuttgart/"><img border="0" alt="Instagram" src="https://m4lab.hft-stuttgart.de/img/signature/instagram_bw.png" width="30" height="30"></a> &nbsp;' +
...@@ -17,3 +17,5 @@ export = { ...@@ -17,3 +17,5 @@ export = {
updatePasswordMailContent: '<div>Lieber Nutzer,<br/><br/>Ihr Passwort wurde erfolgreich geändert.<br/><br/></div>' updatePasswordMailContent: '<div>Lieber Nutzer,<br/><br/>Ihr Passwort wurde erfolgreich geändert.<br/><br/></div>'
} }
export { miscConst }
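Review bot: The new side of the `mailSignature` string contains `<a mailConsthref="https://transfer.hft-stuttgart.de">`, which looks like a stray rename or paste that landed inside the string literal. The attribute is no longer `href`, so the portal link in every outgoing mail signature stops being a link. Restore the line to `'<a href="https://transfer.hft-stuttgart.de">https://transfer.hft-stuttgart.de</a><br/>' +`. A one-line comment above `miscConst` stating that these strings are concatenated unescaped into mail HTML would help the next editor.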
import mysql from 'mysql2' import mysql from 'mysql2'
const env = process.env.NODE_ENV || 'development' const env = process.env.NODE_ENV ?? 'development'
const config = require('./config')[env] const config = require('./config')[env]
// ==== USER ACOOUNT DB CONNECTION ==== // ==== USER ACOOUNT DB CONNECTION ====
...@@ -31,9 +31,9 @@ const projectConnection = mysql.createPool({ ...@@ -31,9 +31,9 @@ const projectConnection = mysql.createPool({
projectConnection.query('USE ' + config.database.dbProject) projectConnection.query('USE ' + config.database.dbProject)
const connection = { const dbConnection = {
user: userConnection, user: userConnection,
project: projectConnection project: projectConnection
} }
export = connection export { dbConnection }
const nodemailer = require('nodemailer') const nodemailer = require('nodemailer')
const nodemailerNTLMAuth = require('nodemailer-ntlm-auth') const nodemailerNTLMAuth = require('nodemailer-ntlm-auth')
const env = process.env.NODE_ENV || 'testing' const env = process.env.NODE_ENV ?? 'testing'
const config = require('./config')[env] const config = require('./config')[env]
const smtpTransporter = nodemailer.createTransport({ const smtpTransporter = nodemailer.createTransport({
...@@ -37,4 +37,4 @@ const mailer: any = { ...@@ -37,4 +37,4 @@ const mailer: any = {
options: mailOptions options: mailOptions
} }
export = mailer export { mailer }
import dbconn = require('../config/dbconn') import { dbConnection } from '../config/dbconn'
const dbController = { const dbController = {
// ===================== user db ===================== // ===================== user db =====================
registerNewUser: function (data: any, callback: any) { registerNewUser: function (data: any, callback: any) {
dbconn.user.getConnection(function (err: any, thisconn) { dbConnection.user.getConnection(function (err: any, thisconn) {
thisconn.beginTransaction(function (err: any) { // START TRANSACTION thisconn.beginTransaction(function (err: any) { // START TRANSACTION
if (err) { throw err } if (err) { throw err }
// insert profile // insert profile
...@@ -66,7 +66,7 @@ const dbController = { ...@@ -66,7 +66,7 @@ const dbController = {
}, },
getUserByEmail: async function (email: any) { getUserByEmail: async function (email: any) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' + email + '"') const rows: any = await dbConnection.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' + email + '"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
} else { return null } } else { return null }
...@@ -77,7 +77,7 @@ const dbController = { ...@@ -77,7 +77,7 @@ const dbController = {
}, },
getUserEmailById: async function (userId: number) { getUserEmailById: async function (userId: number) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT email FROM user WHERE id = ' + userId) const rows: any = await dbConnection.user.promise().query('SELECT email FROM user WHERE id = ' + userId)
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].email return rows[0][0].email
} else { return null } } else { return null }
...@@ -88,7 +88,7 @@ const dbController = { ...@@ -88,7 +88,7 @@ const dbController = {
}, },
checkUserEmail: async function (email: any) { checkUserEmail: async function (email: any) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT id, email FROM user WHERE email = "' + email + '"') const rows: any = await dbConnection.user.promise().query('SELECT id, email FROM user WHERE email = "' + email + '"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
} else { return null } } else { return null }
...@@ -99,7 +99,7 @@ const dbController = { ...@@ -99,7 +99,7 @@ const dbController = {
}, },
getUserByToken: async function (token: any) { getUserByToken: async function (token: any) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT t1.user_id, t2.email FROM userdb.credential AS t1 INNER JOIN userdb.user AS t2 ON t1.user_id = t2.id AND t1.resetPasswordToken = "' + const rows: any = await dbConnection.user.promise().query('SELECT t1.user_id, t2.email FROM userdb.credential AS t1 INNER JOIN userdb.user AS t2 ON t1.user_id = t2.id AND t1.resetPasswordToken = "' +
token + '" and resetPasswordExpires > ' + Date.now()) token + '" and resetPasswordExpires > ' + Date.now())
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0] return rows[0][0]
...@@ -111,7 +111,7 @@ const dbController = { ...@@ -111,7 +111,7 @@ const dbController = {
}, },
updateUserById: async function (userId: number, userData: any) { updateUserById: async function (userId: number, userData: any) {
try { try {
const result: any = await dbconn.user.promise().query('UPDATE user SET ? WHERE id = ' + userId, userData) const result: any = await dbConnection.user.promise().query('UPDATE user SET ? WHERE id = ' + userId, userData)
return result return result
} catch (err) { } catch (err) {
console.error(err) console.error(err)
...@@ -120,7 +120,7 @@ const dbController = { ...@@ -120,7 +120,7 @@ const dbController = {
}, },
updateCredential: async function (data: any) { updateCredential: async function (data: any) {
try { try {
const result: any = await dbconn.user.promise().query('UPDATE credential SET ? WHERE user_id = ' + data.user_id, data) const result: any = await dbConnection.user.promise().query('UPDATE credential SET ? WHERE user_id = ' + data.user_id, data)
return result return result
} catch (err) { } catch (err) {
console.error(err) console.error(err)
...@@ -128,14 +128,14 @@ const dbController = { ...@@ -128,14 +128,14 @@ const dbController = {
return null return null
}, },
addUserProjectRole_OBSOLETE: function (data: any, callback: any) { addUserProjectRole_OBSOLETE: function (data: any, callback: any) {
dbconn.user.query('INSERT INTO user_project_role SET ?', data, function (err: any) { dbConnection.user.query('INSERT INTO user_project_role SET ?', data, function (err: any) {
if (err) throw err if (err) throw err
callback(err) callback(err)
}) })
}, },
getVerificationTokenByUserId: async function (userId: number) { getVerificationTokenByUserId: async function (userId: number) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT token FROM verification WHERE user_id = "' + userId + '"') const rows: any = await dbConnection.user.promise().query('SELECT token FROM verification WHERE user_id = "' + userId + '"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].token return rows[0][0].token
} else { return null } } else { return null }
...@@ -146,7 +146,7 @@ const dbController = { ...@@ -146,7 +146,7 @@ const dbController = {
}, },
getUserIdByVerificationToken: async function (token: any) { getUserIdByVerificationToken: async function (token: any) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT user_id FROM verification WHERE token = "' + token + '"') const rows: any = await dbConnection.user.promise().query('SELECT user_id FROM verification WHERE token = "' + token + '"')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].user_id return rows[0][0].user_id
} else { } else {
...@@ -158,7 +158,7 @@ const dbController = { ...@@ -158,7 +158,7 @@ const dbController = {
return null return null
}, },
verifyUserAccount: function (userData: any, callback: any) { verifyUserAccount: function (userData: any, callback: any) {
dbconn.user.getConnection(function (err: any, thisconn) { dbConnection.user.getConnection(function (err: any, thisconn) {
thisconn.beginTransaction(function (err: any) { // START TRANSACTION thisconn.beginTransaction(function (err: any) { // START TRANSACTION
if (err) { throw err } if (err) { throw err }
// update user status // update user status
...@@ -186,7 +186,7 @@ const dbController = { ...@@ -186,7 +186,7 @@ const dbController = {
/* ===== GitLab ===== */ /* ===== GitLab ===== */
getGitlabId: async function (userId: number) { getGitlabId: async function (userId: number) {
try { try {
const rows: any = await dbconn.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' + userId + '" and gu.user_id = u.id') const rows: any = await dbConnection.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' + userId + '" and gu.user_id = u.id')
if (rows[0][0]) { if (rows[0][0]) {
return rows[0][0].gitlab_userId return rows[0][0].gitlab_userId
} else { } else {
...@@ -198,7 +198,7 @@ const dbController = { ...@@ -198,7 +198,7 @@ const dbController = {
} }
}, },
addGitlabUser: function (data: any, callback: any) { addGitlabUser: function (data: any, callback: any) {
dbconn.user.query('INSERT INTO user_gitlab SET ?', data, function (err: any) { dbConnection.user.query('INSERT INTO user_gitlab SET ?', data, function (err: any) {
if (err) throw err if (err) throw err
callback(err) callback(err)
}) })
......
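Review bot: Every query touched by the `dbconn` → `dbConnection` rename still builds its SQL by string concatenation, and some inputs come straight from the request: elsewhere in this commit `checkUserEmail` receives `req.params.email`, `getUserByToken` receives `req.params.token` and `getUserIdByVerificationToken` receives `req.query.token`; `getUserByEmail` follows the same pattern. Since these lines are being rewritten anyway, bind the values with placeholders, as the `UPDATE ... SET ?` calls in this file already do: `query('SELECT id, email FROM user WHERE email = ?', [email])` and `query('SELECT user_id FROM verification WHERE token = ?', [token])`. The id parameters (`userId`, `data.user_id`) should be bound the same way, because the `number` annotation is not enforced at runtime. The function bodies continue outside the visible hunks.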
...@@ -2,7 +2,7 @@ import axios from 'axios' ...@@ -2,7 +2,7 @@ import axios from 'axios'
import fs from 'fs' import fs from 'fs'
import formData from 'form-data' import formData from 'form-data'
const env = process.env.NODE_ENV || 'testing' const env = process.env.NODE_ENV ?? 'testing'
const config = require('../config/config')[env] const config = require('../config/config')[env]
const gitlabController = { const gitlabController = {
...@@ -124,4 +124,4 @@ const gitlabController = { ...@@ -124,4 +124,4 @@ const gitlabController = {
} }
} }
export {gitlabController} export { gitlabController }
import async from 'async' import async from 'async'
import mailer from '../config/mailer' import bcrypt from 'bcryptjs'
import { mailer } from '../config/mailer'
import { miscConst } from '../config/const'
import { dbController } from './dbController' import { dbController } from './dbController'
const lang = 'DE' const saltRounds: number = 10
const publicController = { const publicController = {
showRegistrationPage: function (res: any) { showRegistrationPage: function (res: any, lang: String) {
res.render(lang + '/account/registration') res.render(lang + '/account/registration')
}, },
showContactPage: function (req: any, res: any) { showContactPage: function (req: any, res: any, lang: String) {
res.render(lang + '/account/contact', { res.render(lang + '/account/contact', {
user: req.user user: req.user
}) })
}, },
showForgotPwdPage: function (req: any, res: any) { showForgotPwdPage: function (req: any, res: any, lang: String) {
res.render(lang + '/account/forgotPwd', { res.render(lang + '/account/forgotPwd', {
user: req.user user: req.user
}) })
}, },
showResetToken: async function (req: any, res: any) { showResetPassword: async function (req: any, res: any, lang: String) {
const user = await dbController.getUserByToken(req.params.token) const user = await dbController.getUserByToken(req.params.token)
if (user) { if (user) {
res.render(lang + '/account/reset') res.render(lang + '/account/reset')
...@@ -53,6 +55,221 @@ const publicController = { ...@@ -53,6 +55,221 @@ const publicController = {
res.redirect('/account/contact') res.redirect('/account/contact')
}) })
}, },
registerUser: function (req: any, res: any, config: any) {
// user data
const curDate: Date = new Date()
const userData: any = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
lastname: req.body.inputLastname,
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
createdDate: curDate.toISOString().slice(0, 10)
}
const userEmail: any = userData.email
const pos: number = userEmail.indexOf('@')
const emailLength: number = userEmail.length
const emailDomain: any = userEmail.slice(pos, emailLength)
if (emailDomain.toLowerCase() === '@hft-stuttgart.de') {
res.flash('error', 'Fehlgeschlagen: HFT-Account')
res.redirect('/account/registration')
} else {
async.waterfall([
function (done: any) {
// generate token
let token: string = ''
const randomChars: string = 'abcdefghijklmnopqrstuvwxyz0123456789'
for (let i = 0; i < 40; i++) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length))
}
// encrypt password
bcrypt.genSalt(saltRounds, function (err, salt) {
bcrypt.hash(req.body.inputPassword, salt, function (err: any, hash: any) {
const newAccount: any = {
profile: userData,
password: hash,
verificationToken: token
}
done(err, newAccount)
})
})
},
// save data
function (newAccount: any, err: any) {
dbController.registerNewUser(newAccount, function (err: any) {
if (err) {
res.flash('error', 'Fehlgeschlagen')
} else {
// send email
const emailSubject = 'Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte <a href=' + String(config.app.host) + '/verifyAccount?token=' + String(newAccount.verificationToken) + '>diesen Link</a> ' +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + String(miscConst.mailSignature) +
'</div>'
mailer.options.to = req.body.inputEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) {
console.error('Cannot send email. [Error] ' + String(err))
throw err
}
})
// user feedback
res.flash('success', 'Vielen Dank für Ihre Registrierung!' + '\r\n\r\n' +
'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.' + '\r\n' +
'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
}
res.redirect('/account/registration')
})
}
])
}
},
verifyAccount: async function (req: any, res: any, lang: String) {
const userId: number = await dbController.getUserIdByVerificationToken(req.query.token)
if (!userId) {
// no user found
res.render(lang + '/account/verification', {
status: null
})
} else {
// a user found, verify the account
const userData: any = {
id: userId,
verificationStatus: 1
}
dbController.verifyUserAccount(userData, async function (err: any) {
if (err) {
console.error(err)
res.render(lang + '/account/verification', {
status: false
})
} else {
// send welcome email after successful account verification
const userEmail: string = await dbController.getUserEmailById(userId)
if (!userEmail) {
res.render(lang + '/account/verification', {
status: false
})
} else {
// send email
const emailSubject = 'Herzlich willkommen'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + miscConst.mailSignature
mailer.options.to = userEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) {
console.log('cannot send email')
throw err
}
})
res.render(lang + '/account/verification', {
status: true
})
}
}
})
}
},
resetPassword: async function (req: any, res: any) {
const newPwd = req.body.inputNewPwd
const user = await dbController.getUserByToken(req.params.token)
if (!user) {
res.flash('error', 'User not found.')
res.redirect('/login')
} else {
// encrypt password
bcrypt.genSalt(saltRounds, function (err, salt) {
bcrypt.hash(newPwd, salt, async function (err: any, hash) {
const credentialData = {
password: hash,
user_id: user.user_id,
resetPasswordToken: null,
resetPasswordExpires: null
}
// update password
const result = await dbController.updateCredential(credentialData)
if (!result) {
console.log('Failed to reset password')
res.flash('error', 'Datenbankfehler: Passwort kann nicht geändert werden.')
} else {
res.flash('success', 'Passwort aktualisiert!')
// send notification email
mailer.options.to = user.email
mailer.options.subject = miscConst.updatePasswordMailSubject
mailer.options.html = miscConst.updatePasswordMailContent + '<div>' + miscConst.mailSignature + '</div>'
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.log(err) }
})
}
res.redirect('/login')
})
})
}
},
generateNewToken: function (req: any, res: any, config: any) {
const emailAddress = req.body.inputEmail
async.waterfall([
async function (done: any) {
const user = await dbController.checkUserEmail(emailAddress)
if (!user) {
console.log('No user found: ' + String(emailAddress))
} else {
// generate token
let token: string = ''
const randomChars: string = 'abcdefghijklmnopqrstuvwxyz0123456789'
for (let i = 0; i < 40; i++) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length))
}
const emailSubject = 'Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: ' + String(config.app.host) + '/reset/' + String(token) + '<br/>' +
'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + String(miscConst.mailSignature) + '</div>'
const credentialData = {
user_id: user.id,
resetPasswordToken: token,
resetPasswordExpires: Date.now() + 3600000 // 1 hour
}
const result = await dbController.updateCredential(credentialData)
if (!result) {
console.log('failed to update credential')
} else {
// send email
mailer.options.to = emailAddress
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.error(err) }
})
}
}
done(null)
}
], function (err: any) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.')
} else {
res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + String(emailAddress) + ' versendet.')
}
res.redirect('/account/forgotPwd')
})
},
checkUserEmail: async function (req: any, res: any) { checkUserEmail: async function (req: any, res: any) {
const user = await dbController.checkUserEmail(req.params.email) const user = await dbController.checkUserEmail(req.params.email)
if (user) { res.send(false) } else { if (user) { res.send(false) } else {
......
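Review bot: The account-verification token in `registerUser` and the password-reset token in `generateNewToken` are both assembled from `Math.random()`, which is not a cryptographically secure generator and should not produce values that gate account activation or a password change. Use Node's `crypto` module instead, e.g. `const token = crypto.randomBytes(20).toString('hex')` with `import crypto from 'crypto'` at the top of the file. That still yields 40 characters and lets the two duplicated loops collapse into one small helper. A short comment on that helper should state that the token is a bearer secret sent by e-mail and, for resets, valid for one hour.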
const helpers = {
stringToArray: function (input: string) {
if (input != null) {
return input.split(',')
} else {
return null
}
}
}
export = helpers
...@@ -11,7 +11,7 @@ $('#inputNewPwd, #inputConfirm').on('keyup', function () { ...@@ -11,7 +11,7 @@ $('#inputNewPwd, #inputConfirm').on('keyup', function () {
} }
// match or not? // match or not?
if ($('#inputNewPwd').val() == $('#inputConfirm').val()) { if ($('#inputNewPwd').val() === $('#inputConfirm').val()) {
// $('#message').html('Matching').css('color', 'green'); // $('#message').html('Matching').css('color', 'green');
$('#message').html('Übereinstimmend').css('color', 'green') $('#message').html('Übereinstimmend').css('color', 'green')
isMatch = true isMatch = true
......
...@@ -2,14 +2,14 @@ import fs from 'fs' ...@@ -2,14 +2,14 @@ import fs from 'fs'
import async from 'async' import async from 'async'
import bcrypt from 'bcryptjs' import bcrypt from 'bcryptjs'
import * as passportSaml from 'passport-saml' import * as passportSaml from 'passport-saml'
import dbconn from '../config/dbconn' import { dbConnection } from '../config/dbconn'
import { dbController } from '../controller/dbController' import { dbController } from '../controller/dbController'
import { gitlabController } from '../controller/gitlabController' import { gitlabController } from '../controller/gitlabController'
import constants from '../config/const' import { miscConst } from '../config/const'
import mailer from '../config/mailer' import { mailer } from '../config/mailer'
import portalUser from '../classes/user' import { User } from '../classes/user'
import projectInformation from '../classes/website' import { Website } from '../classes/website'
import projectRepo from '../classes/repo' import { Repo } from '../classes/repo'
const SamlStrategy = passportSaml.Strategy const SamlStrategy = passportSaml.Strategy
const saltRounds = 10 const saltRounds = 10
...@@ -17,7 +17,7 @@ const salt = 64 // salt length ...@@ -17,7 +17,7 @@ const salt = 64 // salt length
const logoDir = 'public/upload/' const logoDir = 'public/upload/'
const defaultLogo: any = 'public/default/logo.png' const defaultLogo: any = 'public/default/logo.png'
export = function (app: any, config: any, passport: any, lang: string) { module.exports = function (app: any, config: any, passport: any, lang: string) {
// =========== PASSPORT ======= // =========== PASSPORT =======
passport.serializeUser(function (user: any, done: any) { passport.serializeUser(function (user: any, done: any) {
done(null, user) done(null, user)
...@@ -88,7 +88,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -88,7 +88,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
console.log('no user found') console.log('no user found')
return null return null
} else { } else {
const loggedInUser = new portalUser( const loggedInUser = new User(
user.id, email, user.salutation, user.title, user.firstname, user.lastname, user.industry, user.organisation, user.speciality, user.m4lab_idp, user.verificationStatus user.id, email, user.salutation, user.title, user.firstname, user.lastname, user.industry, user.organisation, user.speciality, user.m4lab_idp, user.verificationStatus
) )
...@@ -180,27 +180,23 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -180,27 +180,23 @@ export = function (app: any, config: any, passport: any, lang: string) {
if (loggedInUser.getGitlabUserId()) { // for users who have activated their gitlab account if (loggedInUser.getGitlabUserId()) { // for users who have activated their gitlab account
const userProjects = await gitlabController.getUserProjects(loggedInUser.getGitlabUserId()!) const userProjects = await gitlabController.getUserProjects(loggedInUser.getGitlabUserId()!)
if (!userProjects) { if (userProjects) {
console.error('something went wrong') let project: any
res.status(500).render(lang + '/500', { error: 'something went wrong' }) for (project in userProjects) {
} if (userProjects[project].tag_list.includes('website')) {
const page = {
let project: any projectInformation: new Website(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
for (project in userProjects) { userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace),
if (userProjects[project].tag_list.includes('website')) { pipelineStatus: await gitlabController.getProjectPipelineLatestStatus(userProjects[project].id)
const page = { }
projectInformation: new projectInformation(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description, gitlabPagesArr.push(page)
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace), } else {
pipelineStatus: await gitlabController.getProjectPipelineLatestStatus(userProjects[project].id) const repo = new Repo(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace)
gitlabReposArr.push(repo)
} }
gitlabPagesArr.push(page)
} else {
const repo = new projectRepo(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace)
gitlabReposArr.push(repo)
} }
} }
res.render(lang + '/account/services', { res.render(lang + '/account/services', {
user: loggedInUser, user: loggedInUser,
gitlabRepos: gitlabReposArr, gitlabRepos: gitlabReposArr,
...@@ -297,7 +293,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -297,7 +293,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
const newPwd = req.body.inputNewPwd const newPwd = req.body.inputNewPwd
const retypePwd = req.body.inputConfirm const retypePwd = req.body.inputConfirm
dbconn.user.query('SELECT password FROM credential WHERE user_id=' + loggedInUser.getId(), function (err: any, rows: any) { dbConnection.user.query('SELECT password FROM credential WHERE user_id=' + loggedInUser.getId(), function (err: any, rows: any) {
if (err) { if (err) {
console.error(err) console.error(err)
res.status(500).render(lang + '/500', { error: err }) res.status(500).render(lang + '/500', { error: err })
...@@ -313,7 +309,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -313,7 +309,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
res.flash('error', 'Das Passwort ist leider falsch. Bitte überprüfen Sie Ihre Eingabe.') res.flash('error', 'Das Passwort ist leider falsch. Bitte überprüfen Sie Ihre Eingabe.')
res.redirect('/account/security') res.redirect('/account/security')
} else { } else {
if (newPwd != retypePwd) { if (newPwd !== retypePwd) {
res.flash('error', 'Passwörter stimmen nicht überein. Bitte stellen Sie sicher, dass Sie das Passwort beide Male genau gleich eingeben.') res.flash('error', 'Passwörter stimmen nicht überein. Bitte stellen Sie sicher, dass Sie das Passwort beide Male genau gleich eingeben.')
res.redirect('/account/security') res.redirect('/account/security')
} else { } else {
...@@ -333,8 +329,8 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -333,8 +329,8 @@ export = function (app: any, config: any, passport: any, lang: string) {
res.flash('success', 'Passwort aktualisiert!') res.flash('success', 'Passwort aktualisiert!')
// send notifiaction email // send notifiaction email
mailer.options.to = loggedInUser.getEmail() mailer.options.to = loggedInUser.getEmail()
mailer.options.subject = constants.updatePasswordMailSubject mailer.options.subject = miscConst.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent + '<div>' + constants.mailSignature + '</div>' mailer.options.html = miscConst.updatePasswordMailContent + '<div>' + miscConst.mailSignature + '</div>'
mailer.transporter.sendMail(mailer.options, function (err: any) { mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.log(err) } if (err) { console.log(err) }
}) })
...@@ -368,7 +364,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -368,7 +364,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' + '<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token + 'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token +
'<br/><br/>' + '<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + constants.mailSignature + 'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + miscConst.mailSignature +
'</div>' '</div>'
mailer.options.to = loggedInUser.email mailer.options.to = loggedInUser.email
mailer.options.subject = emailSubject mailer.options.subject = emailSubject
...@@ -422,7 +418,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -422,7 +418,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
const projectName = req.body.name.toLowerCase().replace(/\s/g, '-') const projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
const projectDesc = req.body.description const projectDesc = req.body.description
const projectTemplate = req.body.template const projectTemplate = req.body.template
const newInformation = new projectInformation(loggedInUser.getGitlabUserId()!, projectName, projectDesc) const newInformation = new Website(loggedInUser.getGitlabUserId()!, projectName, projectDesc)
let newLogoFile = defaultLogo let newLogoFile = defaultLogo
if (req.files) { newLogoFile = req.files.logo } if (req.files) { newLogoFile = req.files.logo }
...@@ -441,7 +437,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -441,7 +437,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
async function (newLogoFile: any) { // create a new GitLab Page async function (newLogoFile: any) { // create a new GitLab Page
const newPages = await gitlabController.createNewPages(newInformation, newLogoFile, projectTemplate) const newPages = await gitlabController.createNewPages(newInformation, newLogoFile, projectTemplate)
if (newPages.status) { if (newPages.status) {
if (newPages.data.message.name == 'has already been taken') { if (newPages.data.message.name === 'has already been taken') {
res.flash('error', "Der Projektname '" + newInformation.getName() + "' ist bereits vergeben, bitte wählen Sie einen anderen Namen.") res.flash('error', "Der Projektname '" + newInformation.getName() + "' ist bereits vergeben, bitte wählen Sie einen anderen Namen.")
} else { } else {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ') res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ')
...@@ -486,11 +482,11 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -486,11 +482,11 @@ export = function (app: any, config: any, passport: any, lang: string) {
} else if (!project.owner) { } else if (!project.owner) {
console.log(' ========= Project cannot be accessed, since it does not have an owner') console.log(' ========= Project cannot be accessed, since it does not have an owner')
res.redirect('/account/services') res.redirect('/account/services')
} else if (project.owner.id != loggedInUser.getGitlabUserId()) { } else if (project.owner.id !== loggedInUser.getGitlabUserId()) {
console.log(' ========= Access denied: Not your project') console.log(' ========= Access denied: Not your project')
res.redirect('/account/services') res.redirect('/account/services')
} else { } else {
const curInformation = new projectInformation(loggedInUser.getGitlabUserId()!, project.name, project.description, const curInformation = new Website(loggedInUser.getGitlabUserId()!, project.name, project.description,
req.query.id, project.avatar_url, project.path_with_namespace) req.query.id, project.avatar_url, project.path_with_namespace)
res.render(lang + '/account/updateInformation', { res.render(lang + '/account/updateInformation', {
...@@ -518,7 +514,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -518,7 +514,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
} else { } else {
const projectName = req.body.name.toLowerCase().replace(/\s/g, '-') const projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
const projectDesc = req.body.description const projectDesc = req.body.description
const updatedInformation = new projectInformation(loggedInUser.getGitlabUserId()!, projectName, projectDesc, req.query.id) const updatedInformation = new Website(loggedInUser.getGitlabUserId()!, projectName, projectDesc, req.query.id)
let newLogoFile: any let newLogoFile: any
async.waterfall([ async.waterfall([
...@@ -548,7 +544,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -548,7 +544,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
res.flash('success', 'Ihre Website wurde aktualisiert') res.flash('success', 'Ihre Website wurde aktualisiert')
} }
res.redirect('/account/updateInformation?id=' + updatedInformation.getId()) res.redirect('/account/updateInformation?id=' + String(updatedInformation.getId()))
} }
], function (err) { ], function (err) {
if (err != null) console.log(err) if (err != null) console.log(err)
...@@ -580,7 +576,7 @@ export = function (app: any, config: any, passport: any, lang: string) { ...@@ -580,7 +576,7 @@ export = function (app: any, config: any, passport: any, lang: string) {
console.log(' ========= Error or no project found') console.log(' ========= Error or no project found')
} else if (!project.owner) { } else if (!project.owner) {
console.log(' ========= Project cannot be accessed, since it does not have an owner') console.log(' ========= Project cannot be accessed, since it does not have an owner')
} else if (project.owner.id != loggedInUser.getGitlabUserId()) { } else if (project.owner.id !== loggedInUser.getGitlabUserId()) {
console.log(' ========= Access denied: Not your project') console.log(' ========= Access denied: Not your project')
} else { } else {
const isDeleted = await gitlabController.deleteProjectById(projectId) const isDeleted = await gitlabController.deleteProjectById(projectId)
......
import async from 'async'
import bcrypt from 'bcryptjs'
import { dbController } from '../controller/dbController'
import mailer from '../config/mailer'
import constants from '../config/const'
import { publicController } from '../controller/publicController' import { publicController } from '../controller/publicController'
const saltRounds: number = 10 module.exports = function (app: any, config: any, lang: any) {
const salt: number = 64
export = function (app: any, config: any, lang: string) {
// ================== NEW USERS REGISTRATION ====================== // ================== NEW USERS REGISTRATION ======================
app.get('/registration', function (req: any, res: any) { app.get('/registration', function (req: any, res: any) {
publicController.showRegistrationPage(res) publicController.showRegistrationPage(res, lang)
}) })
app.post('/registration', function (req: any, res: any) { app.post('/registration', function (req: any, res: any) {
// user data publicController.registerUser(req, res, config)
const curDate: Date = new Date()
const userData: any = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
lastname: req.body.inputLastname,
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
createdDate: curDate.toISOString().slice(0, 10)
}
const userEmail: any = userData.email
const pos: number = userEmail.indexOf('@')
const emailLength: number = userEmail.length
const emailDomain: any = userEmail.slice(pos, emailLength)
if (emailDomain.toLowerCase() == '@hft-stuttgart.de') {
res.flash('error', 'Fehlgeschlagen: HFT-Account')
res.redirect('/account/registration')
} else {
async.waterfall([
function (done: any) {
// generate token
let token: string = ''
const randomChars: string = 'abcdefghijklmnopqrstuvwxyz0123456789'
for (let i = 0; i < 40; i++) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length))
}
// encrypt password
bcrypt.genSalt(saltRounds, function (err, salt) {
bcrypt.hash(req.body.inputPassword, salt, function (err: any, hash: any) {
const newAccount: any = {
profile: userData,
password: hash,
verificationToken: token
}
done(err, newAccount)
})
})
},
// save data
function (newAccount: any, err: any) {
dbController.registerNewUser(newAccount, function (err: any) {
if (err) {
res.flash('error', 'Fehlgeschlagen')
} else {
// send email
const emailSubject = 'Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte <a href=' + String(config.app.host) + '/verifyAccount?token=' + String(newAccount.verificationToken) + '>diesen Link</a> ' +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + String(constants.mailSignature) +
'</div>'
mailer.options.to = req.body.inputEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) {
console.error('Cannot send email. [Error] ' + String(err))
throw err
}
})
// user feedback
res.flash('success', 'Vielen Dank für Ihre Registrierung!' + '\r\n\r\n' +
'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.' + '\r\n' +
'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
}
res.redirect('/account/registration')
})
}
])
}
}) })
// to check whether or not an account is already exist // to check whether or not an account is already exist
app.get('/email/:email', async function (req: any, res: any) { app.get('/email/:email', async function (req: any, res: any) {
...@@ -99,157 +16,29 @@ export = function (app: any, config: any, lang: string) { ...@@ -99,157 +16,29 @@ export = function (app: any, config: any, lang: string) {
// =================== USERS VERIFICATION ========================= // =================== USERS VERIFICATION =========================
app.get('/verifyAccount', async function (req: any, res: any) { app.get('/verifyAccount', async function (req: any, res: any) {
const userId: number = await dbController.getUserIdByVerificationToken(req.query.token) publicController.verifyAccount(req, res, lang)
if (!userId) {
// no user found
res.render(lang + '/account/verification', {
status: null
})
} else {
// a user found, verify the account
const userData: any = {
id: userId,
verificationStatus: 1
}
dbController.verifyUserAccount(userData, async function (err: any) {
if (err) {
console.error(err)
res.render(lang + '/account/verification', {
status: false
})
} else {
// send welcome email after successful account verification
const userEmail: string = await dbController.getUserEmailById(userId)
if (!userEmail) {
res.render(lang + '/account/verification', {
status: false
})
} else {
// send email
const emailSubject = 'Herzlich willkommen'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + constants.mailSignature
mailer.options.to = userEmail
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) {
console.log('cannot send email')
throw err
}
})
res.render(lang + '/account/verification', {
status: true
})
}
}
})
}
}) })
// ==================== FORGOT PASSWORD =========================== // ==================== FORGOT PASSWORD ===========================
app.get('/forgotPwd', function (req: any, res: any) { app.get('/forgotPwd', function (req: any, res: any) {
publicController.showForgotPwdPage(req, res) publicController.showForgotPwdPage(req, res, lang)
}) })
app.post('/forgotPwd', function (req: any, res: any) { app.post('/forgotPwd', function (req: any, res: any) {
const emailAddress = req.body.inputEmail publicController.generateNewToken(req, res, config)
async.waterfall([
async function (done: any) {
const user = await dbController.checkUserEmail(emailAddress)
if (!user) {
console.log('No user found: ' + String(emailAddress))
} else {
// generate token
let token: string = ''
const randomChars: string = 'abcdefghijklmnopqrstuvwxyz0123456789'
for (let i = 0; i < 40; i++) {
token += randomChars.charAt(Math.floor(Math.random() * randomChars.length))
}
const emailSubject = 'Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: ' + String(config.app.host) + '/reset/' + String(token) + '<br/>' +
'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + String(constants.mailSignature) + '</div>'
const credentialData = {
user_id: user.id,
resetPasswordToken: token,
resetPasswordExpires: Date.now() + 3600000 // 1 hour
}
const result = await dbController.updateCredential(credentialData)
if (!result) {
console.log('failed to update credential')
} else {
// send email
mailer.options.to = emailAddress
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.error(err) }
})
}
}
done(null)
}
], function (err: any) {
if (err) {
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.')
} else {
res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + String(emailAddress) + ' versendet.')
}
res.redirect('/account/forgotPwd')
})
}) })
// reset // reset
app.get('/reset/:token', async function (req: any, res: any) { app.get('/reset/:token', async function (req: any, res: any) {
publicController.showResetToken(req, res) publicController.showResetPassword(req, res, lang)
}) })
app.post('/reset/:token', async function (req: any, res: any) { app.post('/reset/:token', async function (req: any, res: any) {
const newPwd = req.body.inputNewPwd publicController.resetPassword(req, res)
const user = await dbController.getUserByToken(req.params.token)
if (!user) {
res.flash('error', 'User not found.')
res.redirect('/login')
} else {
// encrypt password
bcrypt.genSalt(saltRounds, function (err, salt) {
bcrypt.hash(newPwd, salt, async function (err: any, hash) {
const credentialData = {
password: hash,
user_id: user.user_id,
resetPasswordToken: null,
resetPasswordExpires: null
}
// update password
const result = await dbController.updateCredential(credentialData)
if (!result) {
console.log('Failed to reset password')
res.flash('error', 'Datenbankfehler: Passwort kann nicht geändert werden.')
} else {
res.flash('success', 'Passwort aktualisiert!')
// send notification email
mailer.options.to = user.email
mailer.options.subject = constants.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent + '<div>' + constants.mailSignature + '</div>'
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.log(err) }
})
}
res.redirect('/login')
})
})
}
}) })
// ======================= CONTACT FORM =========================== // ======================= CONTACT FORM ===========================
app.get('/contact', function (req: any, res: any) { app.get('/contact', function (req: any, res: any) {
publicController.showContactPage(req, res) publicController.showContactPage(req, res, lang)
}) })
app.post('/contact', function (req: any, res: any) { app.post('/contact', function (req: any, res: any) {
publicController.sendContactMessage(req, res) publicController.sendContactMessage(req, res)
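Review bot: The `async` handlers for `/verifyAccount` and `/reset/:token` (GET and POST) now call the `publicController` method without `await` or `.catch`, so a rejected promise from the controller would go unhandled and leave the request without a response. Whether those methods return promises is not visible here; if they do, wrap the call, e.g. `try { await publicController.verifyAccount(req, res, lang) } catch (err) { console.error(err); res.status(500).render(lang + '/500', { error: 'something went wrong' }) }`, and otherwise drop `async` from the handlers. The new signature also widens `lang` from `string` to `any` and swaps `export =` for `module.exports =`; `lang: string` keeps the type check on the `lang + '/…'` view paths. The token code removed from this file presumably moved into the controller unchanged; if so, the `Math.random()` loop behind the verification and reset tokens should become `crypto.randomBytes(20).toString('hex')` there, because `Math.random()` is not a cryptographically secure source. The exported function continues past the last line shown in this section.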
......
...@@ -78,6 +78,9 @@ html(lang="de") ...@@ -78,6 +78,9 @@ html(lang="de")
div(class="col text-right") div(class="col text-right")
button(type="button", class="btn btn-sm btn-success" disabled) Neuer Projektdatensatz button(type="button", class="btn btn-sm btn-success" disabled) Neuer Projektdatensatz
table(class="table") table(class="table")
if gitlabRepos.length == 0
tr
td Currently you have no project codes/data
for item in gitlabRepos for item in gitlabRepos
- let img = item.logo - let img = item.logo
tr tr
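Review bot: The new empty-state row is written in English (`td Currently you have no project codes/data`), but the template declares `html(lang="de")` and the neighbouring labels such as "Neuer Projektdatensatz" are German, so users get a mixed-language page. Use a German string instead, for example `td Sie haben derzeit keine Projektcodes/-daten`, with the final wording left to the team. The row has a single `td`; if the rows produced by `for item in gitlabRepos` have more columns it needs a matching `colspan`, which cannot be checked here because the loop body continues outside the hunk.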
......