Commit bc823d2a authored by Rosanny Sihombing's avatar Rosanny Sihombing
parents bafa2004 40654a4a
...@@ -3,8 +3,9 @@ const SamlStrategy = require('passport-saml').Strategy ...@@ -3,8 +3,9 @@ const SamlStrategy = require('passport-saml').Strategy
const dbconn = require('./dbconn') const dbconn = require('./dbconn')
const methods = require('./methods') const methods = require('./methods')
// pwd encryption // pwd encryption
const bcrypt = require('bcryptjs') const bcrypt = require('bcryptjs');
const saltRounds = 10 const saltRounds = 10;
const salt = 64; // salt length
// forgot pwd // forgot pwd
const async = require('async') const async = require('async')
const crypto = require('crypto') const crypto = require('crypto')
...@@ -53,15 +54,37 @@ module.exports = function (app, config, passport) { ...@@ -53,15 +54,37 @@ module.exports = function (app, config, passport) {
passport.use(samlStrategy); passport.use(samlStrategy);
// ============================
/*
app.all('/', function(req, res){
req.flash('test', 'it worked');
res.redirect('/test')
});
app.all('/test', function(req, res){
res.send(JSON.stringify(req.flash('test')));
});
*/
app.get('/', function (req, res) {
res.redirect('/account/profile')
});
app.get('/login',
passport.authenticate(config.passport.strategy,
{
successRedirect: '/account/',
failureRedirect: '/account/login'
})
);
// ============= SAML ============== // ============= SAML ==============
app.post(config.passport.saml.path, app.post(config.passport.saml.path,
passport.authenticate(config.passport.strategy, passport.authenticate(config.passport.strategy,
{ {
failureRedirect: '/', failureRedirect: '/account/',
failureFlash: true failureFlash: true
}), }),
function (req, res) { function (req, res) {
res.redirect('/'); res.redirect('/account/');
} }
); );
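Review bot: The `app.get('/')` and `app.get('/login')` registrations added just above the `// ============= SAML ==============` marker duplicate the pair that already exists under `// ======== APP ROUTES ====================` further down in this file, whose targets this commit also rewrites to `/account/...`. Express dispatches to the first matching handler in registration order, so whichever pair is registered second is dead code and any later edit to it will silently have no effect; if the intent was to move the routes, delete the original pair under APP ROUTES, otherwise drop the copy added here. The commented-out `req.flash('test', 'it worked')` experiment above them should be removed rather than committed. The enclosing `module.exports = function (app, config, passport)` body starts before this hunk.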
...@@ -97,14 +120,14 @@ module.exports = function (app, config, passport) { ...@@ -97,14 +120,14 @@ module.exports = function (app, config, passport) {
// ======== APP ROUTES ==================== // ======== APP ROUTES ====================
app.get('/', function (req, res) { app.get('/', function (req, res) {
res.redirect('/profile') res.redirect('/account/profile')
}); });
app.get('/login', app.get('/login',
passport.authenticate(config.passport.strategy, passport.authenticate(config.passport.strategy,
{ {
successRedirect: '/', successRedirect: '/account/',
failureRedirect: '/login' failureRedirect: '/account/login'
}) })
); );
...@@ -130,6 +153,7 @@ module.exports = function (app, config, passport) { ...@@ -130,6 +153,7 @@ module.exports = function (app, config, passport) {
}); });
}); });
app.get('/profile', function (req, res) { app.get('/profile', function (req, res) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
methods.getUserByEmail(req.user.email, function(data, err){ methods.getUserByEmail(req.user.email, function(data, err){
...@@ -141,7 +165,7 @@ module.exports = function (app, config, passport) { ...@@ -141,7 +165,7 @@ module.exports = function (app, config, passport) {
} }
}) })
} else { } else {
res.redirect('/login'); res.redirect('/account/login');
} }
}); });
...@@ -205,7 +229,7 @@ module.exports = function (app, config, passport) { ...@@ -205,7 +229,7 @@ module.exports = function (app, config, passport) {
} }
]) ])
} else { } else {
res.redirect('/login'); res.redirect('/account/login');
} }
}); });
...@@ -216,7 +240,7 @@ module.exports = function (app, config, passport) { ...@@ -216,7 +240,7 @@ module.exports = function (app, config, passport) {
user: req.user // useful for view engine, useless for HTML user: req.user // useful for view engine, useless for HTML
}); });
} else { } else {
res.redirect('/login'); res.redirect('/account/login');
} }
}); });
...@@ -241,11 +265,11 @@ module.exports = function (app, config, passport) { ...@@ -241,11 +265,11 @@ module.exports = function (app, config, passport) {
else { else {
req.flash('success', 'Profile updated!'); req.flash('success', 'Profile updated!');
} }
res.redirect('/profile'); res.redirect('/account/profile');
}) })
} }
} else { } else {
res.redirect('/login'); res.redirect('/account/login');
} }
}); });
...@@ -260,7 +284,7 @@ module.exports = function (app, config, passport) { ...@@ -260,7 +284,7 @@ module.exports = function (app, config, passport) {
// Load hashed passwd from DB // Load hashed passwd from DB
dbconn.user.query('SELECT password FROM credential WHERE user_id='+userId, function (err, rows, fields) { dbconn.user.query('SELECT password FROM credential WHERE user_id='+userId, function (err, rows, fields) {
if (err) { if (err) {
res.redirect('/500') res.redirect('/account/500')
throw err throw err
} }
var userPwd = rows[0].password var userPwd = rows[0].password
...@@ -273,12 +297,12 @@ module.exports = function (app, config, passport) { ...@@ -273,12 +297,12 @@ module.exports = function (app, config, passport) {
} }
else if (!isMatch) { else if (!isMatch) {
req.flash('error', "Sorry, your password was incorrect. Please double-check your password.") req.flash('error', "Sorry, your password was incorrect. Please double-check your password.")
res.redirect('/security') res.redirect('/account/security')
} }
else { else {
if ( newPwd != retypePwd ) { if ( newPwd != retypePwd ) {
req.flash('error', "Passwords do no match. Please make sure you re-type your new password correctly.") req.flash('error', "Passwords do no match. Please make sure you re-type your new password correctly.")
res.redirect('/security') res.redirect('/account/security')
} }
else { else {
// update password // update password
...@@ -297,7 +321,7 @@ module.exports = function (app, config, passport) { ...@@ -297,7 +321,7 @@ module.exports = function (app, config, passport) {
req.flash('success', "Pasword updated!") req.flash('success', "Pasword updated!")
console.log('pasword updated!') console.log('pasword updated!')
} }
res.redirect('/security') res.redirect('/account/security')
}) })
}); });
}); });
...@@ -309,7 +333,7 @@ module.exports = function (app, config, passport) { ...@@ -309,7 +333,7 @@ module.exports = function (app, config, passport) {
}) })
} }
else { else {
res.redirect('/login'); res.redirect('/account/login');
} }
}); });
...@@ -342,7 +366,7 @@ module.exports = function (app, config, passport) { ...@@ -342,7 +366,7 @@ module.exports = function (app, config, passport) {
emailSubject = "M4_LAB Password Reset"; emailSubject = "M4_LAB Password Reset";
emailContent = "Hi User,\n\n"+ emailContent = "Hi User,\n\n"+
"we've received a request to reset your password. If you didn't make the request, just ignore this email.\n\n"+ "we've received a request to reset your password. If you didn't make the request, just ignore this email.\n\n"+
"Otherwise, you can reset your password using this link: http://" + req.headers.host + "/reset/" + token + "\n" + "Otherwise, you can reset your password using this link: https://" + config.app.hostname + "/reset/" + token + "\n" +
"This password reset is only valid for 1 hour.\n\n"+ "This password reset is only valid for 1 hour.\n\n"+
"Thanks,\nM4_LAB Team" "Thanks,\nM4_LAB Team"
...@@ -375,7 +399,7 @@ module.exports = function (app, config, passport) { ...@@ -375,7 +399,7 @@ module.exports = function (app, config, passport) {
else { else {
req.flash('success', 'An e-mail has been sent to ' + emailAddress + ' with further instructions.'); req.flash('success', 'An e-mail has been sent to ' + emailAddress + ' with further instructions.');
} }
res.redirect('/forgotPwd'); res.redirect('/account/forgotPwd');
}); });
}); });
...@@ -384,7 +408,7 @@ module.exports = function (app, config, passport) { ...@@ -384,7 +408,7 @@ module.exports = function (app, config, passport) {
//console.log(user); //console.log(user);
if (!user) { if (!user) {
req.flash('error', 'Password reset token is invalid or has expired.'); req.flash('error', 'Password reset token is invalid or has expired.');
res.redirect('/forgotPwd'); res.redirect('/account/forgotPwd');
} }
else { else {
res.render('reset'); res.render('reset');
...@@ -393,11 +417,12 @@ module.exports = function (app, config, passport) { ...@@ -393,11 +417,12 @@ module.exports = function (app, config, passport) {
}); });
app.post('/reset/:token', function(req, res) { app.post('/reset/:token', function(req, res) {
var newPwd = req.body.inputNewPwd
methods.checkUserToken(req.params.token, function(err, user){ methods.checkUserToken(req.params.token, function(err, user){
if (user) { if (user) {
// encrypt password // encrypt password
bcrypt.genSalt(saltRounds, function(err, salt) { bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(req.body.inputNewPwd, salt, function(err, hash) { bcrypt.hash(newPwd, salt, function(err, hash) {
var credentialData = { var credentialData = {
password: hash, password: hash,
user_id: user.user_id user_id: user.user_id
...@@ -424,7 +449,6 @@ module.exports = function (app, config, passport) { ...@@ -424,7 +449,6 @@ module.exports = function (app, config, passport) {
} }
}); });
//res.redirect('/login')
}); });
// todo: user registration with captcha // todo: user registration with captcha
...@@ -470,6 +494,10 @@ module.exports = function (app, config, passport) { ...@@ -470,6 +494,10 @@ module.exports = function (app, config, passport) {
}); });
}) })
app.get('/email/:email', function(req, res) { app.get('/email/:email', function(req, res) {
methods.checkUserEmail(req.params.email, function(err, user){ methods.checkUserEmail(req.params.email, function(err, user){
if (!err) { if (!err) {
......