diff --git a/app.js b/app.js index 5680690e17ddac58af6c0f9c59b19d833042c36a..8d28149d7a4c9e75caf207b894989eb912d37c96 100644 --- a/app.js +++ b/app.js @@ -13,14 +13,9 @@ const helmet = require('helmet'); const compression = require('compression'); const methodOverride = require('method-override'); -const i18n = require('i18n'); // internationalization -i18n.configure({ - locales:['de', 'en'], - directory: './locales' -}); - var env = process.env.NODE_ENV || 'testing'; const config = require('./config/config')[env]; +const lang = 'DE'; var app = express(); @@ -44,9 +39,7 @@ app.use(cookieParser()); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({extended: false})); app.use(express.static(path.join(__dirname, 'public'))); -app.use(i18n.init); app.use((req, res, next) => { - res.setLocale('de'); next(); }); @@ -68,17 +61,18 @@ app.use(function(req, res, next) { next(); }); -require('./routes/routes-account')(app, config, passport, i18n); +require('./routes/routes-account')(app, config, passport, lang); +require('./routes/public')(app, config, lang); // Handle 404 app.use(function (req, res) { - res.status(404).render('DE/404') + res.status(404).render(lang+'/404') }) // Handle 500 - any server error app.use(function (err, req, res, next) { console.error(err.stack) - res.status(500).render('DE/500', { + res.status(500).render(lang+'/500', { error: err }) }) diff --git a/config/const.js b/config/const.js new file mode 100644 index 0000000000000000000000000000000000000000..dcbb821a4bf191c8a5ddd0dd10e9e0abab0a1c56 --- /dev/null +++ b/config/const.js @@ -0,0 +1,19 @@ +module.exports = { + + mailSignature: 'Mit den besten Grüßen,
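Review bot: With `res.setLocale('de')` gone, the middleware `app.use((req, res, next) => { next(); })` in this hunk is a pure pass-through that does nothing; either delete it or leave a one-line comment saying what it is reserved for, so the next reader does not hunt for a side effect that is not there. The rest of the middleware chain is unaffected by the removal.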
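Review bot: `require('./routes/routes-account')(app, config, passport, lang);` still names the old path while this same commit renames `routes/routes-account.js` to `routes/account.js`, so `app.js` fails with MODULE_NOT_FOUND at start-up; the line should read `require('./routes/account')(app, config, passport, lang);`. The new `require('./routes/public')(app, config, lang)` does match the `function (app, config, lang)` signature of the new file. Both `lang+'/404'` and `lang+'/500'` now depend on the module-level `const lang = 'DE'` from the first hunk, so that constant and the `views/DE` directory name have to stay in step.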
das Transferportal-Team der HFT Stuttgart

' + + 'Transferportal der Hochschule für Technik Stuttgart
' + + 'Schellingstr. 24 70174 Stuttgart
' + + 'm4lab@hft-stuttgart.de
' + + 'https://transfer.hft-stuttgart.de
' + + 'HFT  ' + + 'Facebook  ' + + 'Instagram  ' + + 'Twitter  ' + + 'Youtube  ' + + '' + + 'Snapchat' + + '
', + updatePasswordMailSubject: "Ihr Passwort für das Transferportal wurde gespeichert.", + updatePasswordMailContent: '
Lieber Nutzer,

Ihr Passwort wurde erfolgreich geändert.

' + +} \ No newline at end of file diff --git a/routes/dbconn.js b/config/dbconn.js similarity index 95% rename from routes/dbconn.js rename to config/dbconn.js index c66d0d2d270e0cb3f396fdda23fbe29406169d3b..670032958e099606b5558a39b94cc6492eb155e4 100644 --- a/routes/dbconn.js +++ b/config/dbconn.js @@ -1,7 +1,7 @@ const mysql = require('mysql') var env = process.env.NODE_ENV || 'testing'; -const config = require('../config/config')[env] +const config = require('./config')[env] // ==== USER ACOOUNT DB CONNECTION ==== var userConnection = mysql.createConnection({ diff --git a/routes/dbconn2.js b/config/dbconn2.js similarity index 95% rename from routes/dbconn2.js rename to config/dbconn2.js index fe22f1d8cdc02d1d905b9df9da3272548bf3ab17..abbd0a012666e0d1f86b03512759cd438cd2d8fe 100644 --- a/routes/dbconn2.js +++ b/config/dbconn2.js @@ -1,7 +1,7 @@ const mysql = require('mysql2') var env = process.env.NODE_ENV || 'testing'; -const config = require('../config/config')[env] +const config = require('./config')[env] // ==== USER ACOOUNT DB CONNECTION ==== var userConnection = mysql.createConnection({ diff --git a/routes/mailer.js b/config/mailer.js similarity index 89% rename from routes/mailer.js rename to config/mailer.js index 2c51bd7d5ed5682bfdd9fa0c48788e1bd4affe19..d1e59ff03fb74925b5f57f01ad4136bba274f017 100644 --- a/routes/mailer.js +++ b/config/mailer.js @@ -1,7 +1,7 @@ const nodemailer = require('nodemailer') var env = process.env.NODE_ENV || 'testing'; -const config = require('../config/config')[env] +const config = require('./config')[env] var smtpTransport = nodemailer.createTransport({ host: config.mailer.host, diff --git a/database/userdb_role.sql b/database/userdb_role.sql deleted file mode 100644 index be18e685ca0e5b100bf1164972733c9720bb6b63..0000000000000000000000000000000000000000 --- a/database/userdb_role.sql +++ /dev/null 
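Review bot: `updatePasswordMailContent` is only ever consumed as `constants.updatePasswordMailContent` followed by a line break and `constants.mailSignature`, and that assembly is now duplicated in `routes/account.js` and `routes/public.js`; exporting the fully assembled message from this file (e.g. an additional `updatePasswordMail` property built from the two pieces) would keep the two call sites from drifting. A short header comment stating that these properties are HTML fragments intended for nodemailer's `html` option, and that `mailSignature` is meant to be appended by the caller, would also help the next reader, since the file currently has no comment at all.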
@@ -1,51 +0,0 @@ --- MySQL dump 10.13 Distrib 8.0.15, for Win64 (x86_64) --- --- Host: localhost Database: userdb --- ------------------------------------------------------ --- Server version 8.0.15 - -/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; -/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; -/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; - SET NAMES utf8 ; -/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; -/*!40103 SET TIME_ZONE='+00:00' */; -/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; -/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; -/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; -/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; - --- --- Table structure for table `role` --- - -DROP TABLE IF EXISTS `role`; -/*!40101 SET @saved_cs_client = @@character_set_client */; - SET character_set_client = utf8mb4 ; -CREATE TABLE `role` ( - `id` int(11) NOT NULL, - `name` varchar(45) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1; -/*!40101 SET character_set_client = @saved_cs_client */; - --- --- Dumping data for table `role` --- - -LOCK TABLES `role` WRITE; -/*!40000 ALTER TABLE `role` DISABLE KEYS */; -INSERT INTO `role` VALUES (1,'ADMIN'),(2,'USER'),(3,'OVERVIEW_CREATOR'); -/*!40000 ALTER TABLE `role` ENABLE KEYS */; -UNLOCK TABLES; -/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; - -/*!40101 SET SQL_MODE=@OLD_SQL_MODE */; -/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; -/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; -/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; -/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; -/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; -/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; - --- Dump completed on 2020-03-19 9:21:39 
diff --git a/routes/gitlab.js b/functions/gitlab.js similarity index 100% rename from routes/gitlab.js rename to functions/gitlab.js diff --git a/routes/helpers.js b/functions/helpers.js similarity index 100% rename from routes/helpers.js rename to functions/helpers.js diff --git a/routes/methods.js b/functions/methods.js similarity index 88% rename from routes/methods.js rename to functions/methods.js index 625734291559e3fcb5cb26fd3f61ab74452ae11b..722ca56be9fd1978ef25a0f74f004436f3b2b1d6 100644 --- a/routes/methods.js +++ b/functions/methods.js @@ -1,5 +1,5 @@ -const dbconn_OBSOLETE = require('./dbconn') // DO NOT USE THIS FOR NEW FEATURE -const dbconn = require('./dbconn2') +const dbconn_OBSOLETE = require('../config/dbconn') // DO NOT USE THIS FOR NEW FUNCTIONS +const dbconn = require('../config/dbconn2') var methods = { // ===================== user db ===================== @@ -65,18 +65,6 @@ var methods = { callback(err) }) }, - getUserByEmail_OBSOLETE: function(email, callback) { - dbconn_OBSOLETE.user.query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"', function (err, rows, fields) { - let user - if (err) { throw err } - else { - if ( rows.length > 0) { - user = rows[0] - } - } - callback(user, err) - }); - }, getUserByEmail: async function(email) { try { let rows = await dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"') 
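Review bot: `getUserByEmail`, kept as context directly below the removed `getUserByEmail_OBSOLETE`, still builds its WHERE clause as `'... WHERE email = "' +email+'"'`, so the cleanup drops the old callback variant but keeps the string-concatenated query; mysql2's promise API accepts placeholders, so the call can become `dbconn.user.promise().query('SELECT id, verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = ?', [email])`. The `getGitlabId` hunk on the next line has the same shape with `userId` and should get the same `?` placeholder. The `methods` object literal that encloses both begins and ends outside the hunk.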
@@ -213,18 +201,6 @@ var methods = { }) }, /* ===== GitLab ===== */ - getGitlabId_OBSOLETE: function(userId, callback){ - let gitlabUserId - dbconn_OBSOLETE.user.query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id', function (err, rows) { - if (err) { - throw err - } - else if(rows[0]) { - gitlabUserId = rows[0].gitlab_userId - } - callback(gitlabUserId, err) - }) - }, getGitlabId: async function(userId) { try { let rows = await dbconn.user.promise().query('SELECT gu.gitlab_userId FROM user_gitlab gu, user u WHERE u.id = "' +userId+'" and gu.user_id = u.id') diff --git a/locales/de.json b/locales/de.json deleted file mode 100644 index 13a9c09210fdde2225ce2a378649592f2e9826db..0000000000000000000000000000000000000000 --- a/locales/de.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "Hello World": "Hallo Welt", - "Hello": "Hallo" -} \ No newline at end of file diff --git a/locales/en.json b/locales/en.json deleted file mode 100644 index 0873ff891aa278c7cf58ff1bb548db68ed5b2edf..0000000000000000000000000000000000000000 --- a/locales/en.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "Hello World": "Hello World", - "Hello": "Hello", -} \ No newline at end of file diff --git a/routes/routes-account.js b/routes/account.js similarity index 58% rename from routes/routes-account.js rename to routes/account.js index 6c931ed90aa943dbd1d0e702b122063331276c1b..eb99e1fae75d320baf71d319b1e7fb9c69aa7c52 100644 --- a/routes/routes-account.js +++ b/routes/account.js @@ -1,8 +1,9 @@ const fs = require('fs') const SamlStrategy = require('passport-saml').Strategy -const dbconn = require('./dbconn') -const methods = require('./methods') -const gitlab = require('./gitlab') +const dbconn = require('../config/dbconn') +const methods = require('../functions/methods') +const gitlab = require('../functions/gitlab') +const constants = require('../config/const') // pwd encryption const bcrypt = require('bcryptjs'); const saltRounds = 10; 
@@ -10,7 +11,7 @@ const salt = 64; // salt length // forgot pwd const async = require('async') const crypto = require('crypto') -const mailer = require('./mailer') +const mailer = require('../config/mailer') const logoDir = 'public/upload/' const defaultLogo = 'public/default/logo.png' const tpGitlabURL = 'https://transfer.hft-stuttgart.de/gitlab/' @@ -20,7 +21,7 @@ const portalUser = require('../classes/user') const projectInformation = require('../classes/website') const projectRepo = require('../classes/repo') -module.exports = function (app, config, passport, i18n) { +module.exports = function (app, config, passport, lang) { // =========== PASSPORT ======= passport.serializeUser(function (user, done) { @@ -31,20 +32,6 @@ module.exports = function (app, config, passport, i18n) { done(null, user); }); - const mailSignature = 'Mit den besten Grüßen,
das Transferportal-Team der HFT Stuttgart

' + - 'Transferportal der Hochschule für Technik Stuttgart
' + - 'Schellingstr. 24 70174 Stuttgart
' + - 'm4lab@hft-stuttgart.de
' + - 'https://transfer.hft-stuttgart.de
' + - 'HFT  ' + - 'Facebook  ' + - 'Instagram  ' + - 'Twitter  ' + - 'Youtube  ' + - '' + - 'Snapchat' + - '
' - var samlStrategy = new SamlStrategy({ // URL that goes from the Identity Provider -> Service Provider callbackUrl: config.passport.saml.path, @@ -98,18 +85,7 @@ module.exports = function (app, config, passport, i18n) { } ); - // ================ test i18n ================== - i18n.setLocale('de'); - app.get('/de', function(req, res) { - var greeting = i18n.__('Hello World') - res.send(greeting) - }); - - var lang = 'DE' - // ======== APP ROUTES - ACCOUNT ==================== - var updatePasswordMailSubject = "Ihr Passwort für das Transferportal wurde gespeichert." - var updatePasswordMailContent = '
Lieber Nutzer,

Ihr Passwort wurde erfolgreich geändert.

' + mailSignature + '
'; async function getLoggedInUserData(email) { let user = await methods.getUserByEmail(email) @@ -337,8 +313,8 @@ module.exports = function (app, config, passport, i18n) { } else { res.flash('success', "Passwort aktualisiert!") mailer.options.to = req.user.email - mailer.options.subject = updatePasswordMailSubject - mailer.options.html = updatePasswordMailContent + mailer.options.subject = constants.updatePasswordMailSubject + mailer.options.html = constants.updatePasswordMailContent+'
'+constants.mailSignature+'
' mailer.transport.sendMail(mailer.options, function(err) { if (err) { console.log(err) } }); @@ -353,124 +329,61 @@ module.exports = function (app, config, passport, i18n) { }) } }); - - app.get('/forgotPwd', function (req, res) { - res.render(lang+'/account/forgotPwd', { - user: req.user - }); - }); - - app.post('/forgotPwd', function(req, res, next) { - let emailAddress = req.body.inputEmail - async.waterfall([ - function(done) { - crypto.randomBytes(20, function(err, buf) { - var token = buf.toString('hex'); - done(err, token); - }); - }, - function(token, done) { - methods.checkUserEmail(emailAddress, function(err, user){ - if (user) { - console.log("email: user found"); - var emailSubject = "Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart"; - // var emailContent = "Lieber Nutzer,\n\n"+ - // "wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.\n\n"+ - // "Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://localhost:9989/reset/" + token + "\n" + // localhost - // "Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.\n\n"+mailSignature - - var emailContent = '
Lieber Nutzer, Varun

' + - '

wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.

' + - 'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://m4lab.hft-stuttgart.de/account/reset/' + token + '
' + // test server - 'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.

' + mailSignature + '
'; - - var credentialData = { - user_id: user.id, - resetPasswordToken: token, - resetPasswordExpires: Date.now() + 3600000 // 1 hour - } - methods.updateCredential(credentialData, function(err) { - done(err, token, user); - }); - - // send email - mailer.options.to = emailAddress; - mailer.options.subject = emailSubject; - mailer.options.html = emailContent; - mailer.transport.sendMail(mailer.options, function(err) { - done(err, 'done'); - }); - } - else { - done(err, 'no user found'); - } - }); - } - ], function(err) { - if (err) { - res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.'); - } - else { - res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + emailAddress + ' versendet.'); - } - res.redirect('/account/forgotPwd'); - }); - }); - - app.get('/reset/:token', function(req, res) { - methods.getUserByToken(req.params.token, function(err, user){ - if (!user) { - res.flash('error', 'Der Schlüssel zum zurücksetzen des Passworts ist ungültig oder abgelaufen.') - res.redirect('/account/forgotPwd') - } - else { - res.render(lang+'/account/reset') - } - }); - }); - - app.post('/reset/:token', function(req, res) { - var newPwd = req.body.inputNewPwd - methods.getUserByToken(req.params.token, function(err, user){ - if (user) { - // encrypt password - bcrypt.genSalt(saltRounds, function(err, salt) { - bcrypt.hash(newPwd, salt, function(err, hash) { - var credentialData = { - password: hash, - user_id: user.user_id - } - // update password - methods.updateCredential(credentialData, function(err){ - if (err) { - res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.") - throw err - } - else { - res.flash('success', "Passwort aktualisiert!") - // send notifiaction email - mailer.options.to = user.email - mailer.options.subject = updatePasswordMailSubject - mailer.options.html = updatePasswordMailContent + + app.get("/resendVerificationEmail", function(req, res){ + 
if (req.isAuthenticated()) { + var emailAddress = req.user.email + + methods.getUserIdByEmail(req.user.email, function(userId, err) { + if (!err) { + // get token + methods.getVerificationTokenByUserId(userId, function(token, err){ + if (!err) { + if (token) { + // send email + var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto" + var emailContent = '
Lieber Nutzer,

' + + '

vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.
' + + 'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token + + '

' + + 'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.


' + constants.mailSignature + + '
'; + mailer.options.to = emailAddress; + mailer.options.subject = emailSubject; + mailer.options.html = emailContent; mailer.transport.sendMail(mailer.options, function(err) { if (err) { - console.log(err) + console.log('cannot send email') + throw err } - }); - // redirect to login page - res.redirect('/login') + }) + res.send(true) } - }) - }); - }); - } - else { - res.flash('error', "User not found.") - res.redirect('/login') - } - }); + else { + res.send(false) + } + } + else { + console.log(err) + } + }) + } + }) + } + }) - }); + app.get('/email/:email', function(req, res) { + methods.checkUserEmail(req.params.email, function(err, user){ + if (!err) { + if (user) { + res.send(false) + } + else { + res.send(true) + } + } + }) + }) // ============= NEW GITLAB PAGES =========================== 
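Review bot: In the new `/resendVerificationEmail` handler the `throw err` inside the sendMail callback runs after `res.send(true)` has already gone out and outside any Express middleware, so it never reaches the error handler in app.js and surfaces as an uncaught exception; log and return instead, e.g. `if (err) { console.error('cannot send email', err); return }`. Every `err` branch in both new handlers (`getUserIdByEmail`, `getVerificationTokenByUserId`, `checkUserEmail`) ends without sending a response, so those requests hang until the client times out. `/email/:email` tells any unauthenticated caller whether an address is registered; if it only backs the registration form's availability check, it still needs rate limiting and a uniform response regardless of outcome, because as written it is an account-enumeration oracle. The enclosing `module.exports = function (app, config, passport, lang)` starts and ends outside the hunk.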
@@ -668,242 +581,4 @@ module.exports = function (app, config, passport, i18n) { } }) - // ============= NEW USERS REGISTRATION =========================== - app.get('/registration', function(req, res) { - res.render(lang+'/account/registration') - }) - app.post('/registration', function(req, res) { - // user data - var curDate = new Date() - var userData = { - salutation: req.body.inputSalutation, - title: req.body.inputTitle, - firstname: req.body.inputFirstname, - lastname: req.body.inputLastname, - email: req.body.inputEmail, - organisation: req.body.inputOrganisation, - industry: req.body.inputIndustry, - speciality: req.body.inputSpeciality, - createdDate: curDate.toISOString().slice(0,10) - } - - var userEmail = userData.email - var pos = userEmail.indexOf('@') - var emailLength = userEmail.length - var emailDomain = userEmail.slice(pos, emailLength); - - if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") { - res.flash('error', "Fehlgeschlagen: HFT-Account") - res.redirect('/account/registration') - } - else { - let token - async.waterfall([ - function(done) { - crypto.randomBytes(20, function(err, buf) { - token = buf.toString('hex'); - done(err, token); - }); - }, - // encrypt password - function(token, done) { - bcrypt.genSalt(saltRounds, function(err, salt) { - bcrypt.hash(req.body.inputPassword, salt, function(err, hash) { - var newAccount = { - profile: userData, - password: hash, - verificationToken: token - } - done(err, newAccount) - }); - }); - }, - // save data - function(newAccount, err) { - methods.registerNewUser(newAccount, function(err){ - if (err) { - res.flash('error', "Fehlgeschlagen") - } - else { - // send email - var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto" - // var emailContent = "Lieber Nutzer,\n\n"+ - // "vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.\n"+ - // "Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: "+config.app.host+"/verifyAccount?token="+token+"\n"+ - // "Ohne 
Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.\n\n"+ - // "Sollten Sie sich selbst nicht mit Ihren Daten am Transferportal registriert haben, ignorieren Sie diese E-Mail bitte.\n\n"+mailSignature - var emailContent = '
Lieber Nutzer,

' + - '

vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.
' + - 'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token + - '

' + - 'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.


' + mailSignature + - '
'; - mailer.options.to = req.body.inputEmail; - mailer.options.subject = emailSubject; - mailer.options.html = emailContent; - mailer.transport.sendMail(mailer.options, function(err) { - if (err) { - console.log('cannot send email') - throw err - } - }) - // user feedback - res.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+ - 'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+ - 'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.') - } - res.redirect('/account/registration') - }) - } - ]) - } - }) - - // ============= USER VERIFICATION ================================ - app.get("/verifyAccount", function(req, res){ - methods.getUserIdByVerificationToken(req.query.token, function(userId, err){ - if (userId) { - let userData = { - id: userId, - verificationStatus: 1 - } - methods.verifyUserAccount(userData, function(err){ - if (err) { - console.log("Error: "+err) - res.render(lang+'/account/verification', { - status: false - }); - } - else { - // send welcome email after successful account verification - methods.getUserById(userId, function(data, err){ - if (err) { - console.log("Error: "+err) - } - else { - // send email - var emailSubject = "Herzlich willkommen" - var emailContent = '
Lieber Nutzer,

' + - '

herzlich willkommen beim Transferportal der HFT Stuttgart!
' + - 'Sie können nun alle Dienste des Portals nutzen.


' + mailSignature; - mailer.options.to = data.email; - mailer.options.subject = emailSubject; - mailer.options.html = emailContent; - mailer.transport.sendMail(mailer.options, function(err) { - if (err) { - console.log('cannot send email') - throw err - } - }) - } - }) - - res.render(lang+'/account/verification', { - status: true - }); - } - }) - } - else { - res.render(lang+'/account/verification', { - status: null - }); - } - }) - }) - app.get("/resendVerificationEmail", function(req, res){ - if (req.isAuthenticated()) { - var emailAddress = req.user.email - - methods.getUserIdByEmail(req.user.email, function(userId, err) { - if (!err) { - // get token - methods.getVerificationTokenByUserId(userId, function(token, err){ - if (!err) { - if (token) { - // send email - var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto" - // var emailContent = "Lieber Nutzer,\n\n"+ - // "vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. "+ - // "\nUm Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: "+config.app.host+"/verifyAccount?token="+token+ - // "\n\nOhne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.\n\n"+mailSignature - var emailContent = '

Lieber Nutzer,

' + - '

vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.
' + - 'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token + - '

' + - 'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.


' + mailSignature + - '
'; - mailer.options.to = emailAddress; - mailer.options.subject = emailSubject; - mailer.options.html = emailContent; - mailer.transport.sendMail(mailer.options, function(err) { - if (err) { - console.log('cannot send email') - throw err - } - }) - res.send(true) - } - else { - res.send(false) - } - } - else { - console.log(err) - } - }) - } - }) - } - }) - - app.get('/email/:email', function(req, res) { - methods.checkUserEmail(req.params.email, function(err, user){ - if (!err) { - if (user) { - res.send(false) - } - else { - res.send(true) - } - } - }) - }) - - app.get('/contact', function (req, res) { - res.render(lang+'/account/contact', { - user: req.user - }) - }) - - app.post('/contact', function(req, res, next) { - //methods.currentDate(); - let emailAddress = req.body.inputEmail; - let supportAddress = "support-transfer@hft-stuttgart.de"; - let inputName = req.body.name; - let inputContent = req.body.message; - let emailContent = "Es wurde eine Anfrage an das Transferportal gestellt: \n\n NAME: " + inputName + "\n NACHRICHT:\n "+ inputContent; - let emailSubject = "Ihre Anfrage an das Transferportal"; - async.waterfall([ - function(done) { - // send email - mailer.options.to = supportAddress; - mailer.options.cc = emailAddress; - mailer.options.subject = emailSubject; - mailer.options.text = emailContent; - mailer.transport.sendMail(mailer.options, function(err) { - done(err, 'done'); - }); - } - ], function(err) { - if (err) { - res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.'); - } - else { - res.flash('success', 'Vielen Dank für Ihre Anfrage. Wir melden uns baldmöglichst bei Ihnen. Eine Kopie Ihrer Anfrage wurde an ' + emailAddress + ' versandt.'); - } - res.redirect('/account/contact') - }) - }) - } \ No newline at end of file diff --git a/routes/public.js b/routes/public.js new file mode 100644 index 0000000000000000000000000000000000000000..19ce7da250b99b0602a6d45123cc8c544a2648e8 --- /dev/null +++ b/routes/public.js 
@@ -0,0 +1,301 @@ +const methods = require('../functions/methods') +const async = require('async') +const mailer = require('../config/mailer') +const constants = require('../config/const') +// pwd encryption +const crypto = require('crypto') +const bcrypt = require('bcryptjs') +const saltRounds = 10 +const salt = 64 + +module.exports = function (app, config, lang) { + + // ================== NEW USERS REGISTRATION ====================== + + app.get('/registration', function(req, res) { + res.render(lang+'/account/registration') + }) + app.post('/registration', function(req, res) { + // user data + var curDate = new Date() + var userData = { + salutation: req.body.inputSalutation, + title: req.body.inputTitle, + firstname: req.body.inputFirstname, + lastname: req.body.inputLastname, + email: req.body.inputEmail, + organisation: req.body.inputOrganisation, + industry: req.body.inputIndustry, + speciality: req.body.inputSpeciality, + createdDate: curDate.toISOString().slice(0,10) + } + + var userEmail = userData.email + var pos = userEmail.indexOf('@') + var emailLength = userEmail.length + var emailDomain = userEmail.slice(pos, emailLength); + + if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") { + res.flash('error', "Fehlgeschlagen: HFT-Account") + res.redirect('/account/registration') + } else { + let token + async.waterfall([ + function(done) { + crypto.randomBytes(20, function(err, buf) { + token = buf.toString('hex'); + done(err, token); + }); + }, + // encrypt password + function(token, done) { + bcrypt.genSalt(saltRounds, function(err, salt) { + bcrypt.hash(req.body.inputPassword, salt, function(err, hash) { + var newAccount = { + profile: userData, + password: hash, + verificationToken: token + } + done(err, newAccount) + }); + }); + }, + // save data + function(newAccount, err) { + methods.registerNewUser(newAccount, function(err){ + if (err) { + res.flash('error', "Fehlgeschlagen") + } + else { + // send email + var emailSubject = "Bitte bestätigen Sie 
Ihr M4_LAB Benutzerkonto" + var emailContent = '
Lieber Nutzer,

' + + '

vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.
' + + 'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link ' + + '

' + + 'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.


' + constants.mailSignature + + '
'; + mailer.options.to = req.body.inputEmail; + mailer.options.subject = emailSubject; + mailer.options.html = emailContent; + mailer.transport.sendMail(mailer.options, function(err) { + if (err) { + console.log('cannot send email') + throw err + } + }) + // user feedback + res.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+ + 'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+ + 'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.') + } + res.redirect('/account/registration') + }) + } + ]) + } + }) + + // =================== USERS VERIFICATION ========================= + + app.get("/verifyAccount", function(req, res){ + methods.getUserIdByVerificationToken(req.query.token, function(userId, err){ + if (userId) { + let userData = { + id: userId, + verificationStatus: 1 + } + methods.verifyUserAccount(userData, function(err){ + if (err) { + console.log("Error: "+err) + res.render(lang+'/account/verification', { + status: false + }); + } + else { + // send welcome email after successful account verification + methods.getUserById(userId, function(data, err){ + if (err) { + console.log("Error: "+err) + } + else { + // send email + var emailSubject = "Herzlich willkommen" + var emailContent = '
Lieber Nutzer,

' + + '

herzlich willkommen beim Transferportal der HFT Stuttgart!
' + + 'Sie können nun alle Dienste des Portals nutzen.


' + constants.mailSignature; + mailer.options.to = data.email; + mailer.options.subject = emailSubject; + mailer.options.html = emailContent; + mailer.transport.sendMail(mailer.options, function(err) { + if (err) { + console.log('cannot send email') + throw err + } + }) + } + }) + + res.render(lang+'/account/verification', { + status: true + }); + } + }) + } + else { + res.render(lang+'/account/verification', { + status: null + }); + } + }) + }) + + // ==================== FORGOT PASSWORD =========================== + + app.get('/forgotPwd', function (req, res) { + res.render(lang+'/account/forgotPwd', { + user: req.user + }) + }) + app.post('/forgotPwd', function(req, res, next) { + let emailAddress = req.body.inputEmail + async.waterfall([ + function(done) { + crypto.randomBytes(20, function(err, buf) { + var token = buf.toString('hex') + done(err, token) + }) + }, + function(token, done) { + methods.checkUserEmail(emailAddress, function(err, user){ + if (user) { + var emailSubject = "Ihre Passwort-Anfrage an das Transferportal der HFT Stuttgart"; + var emailContent = '

Lieber Nutzer,

' + + '

wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.

' + + 'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: '+config.app.host+'/reset/' + token + '
' + + 'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.

' + constants.mailSignature + '
' + + var credentialData = { + user_id: user.id, + resetPasswordToken: token, + resetPasswordExpires: Date.now() + 3600000 // 1 hour + } + methods.updateCredential(credentialData, function(err) { + done(err, token, user); + }) + + // send email + mailer.options.to = emailAddress + mailer.options.subject = emailSubject + mailer.options.html = emailContent + mailer.transport.sendMail(mailer.options, function(err) { + done(err, 'done') + }); + } + else { + done(err, 'no user found') + } + }); + } + ], function(err) { + if (err) { + res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.') + } + else { + res.flash('success', 'Wenn Ihre E-Mail-Adresse registriert ist, wurde eine E-Mail mit dem weiteren Vorgehen an ' + emailAddress + ' versendet.') + } + res.redirect('/account/forgotPwd') + }); + }) + + // reset + app.get('/reset/:token', function(req, res) { + methods.getUserByToken(req.params.token, function(err, user){ + if (!user) { + res.flash('error', 'Der Schlüssel zum zurücksetzen des Passworts ist ungültig oder abgelaufen.') + res.redirect('/account/forgotPwd') + } else { + res.render(lang+'/account/reset') + } + }) + }) + app.post('/reset/:token', function(req, res) { + var newPwd = req.body.inputNewPwd + methods.getUserByToken(req.params.token, function(err, user){ + if (user) { + // encrypt password + bcrypt.genSalt(saltRounds, function(err, salt) { + bcrypt.hash(newPwd, salt, function(err, hash) { + var credentialData = { + password: hash, + user_id: user.user_id + } + // update password + methods.updateCredential(credentialData, function(err){ + if (err) { + res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.") + throw err + } + else { + res.flash('success', "Passwort aktualisiert!") + // send notifiaction email + mailer.options.to = user.email + mailer.options.subject = constants.updatePasswordMailSubject + mailer.options.html = constants.updatePasswordMailContent+'
'+constants.mailSignature+'
' + mailer.transport.sendMail(mailer.options, function(err) { + if (err) { + console.log(err) + } + }); + // redirect to login page + res.redirect('/login') + } + }) + }); + }); + } + else { + res.flash('error', "User not found.") + res.redirect('/login') + } + }) + }) + + // ======================= CONTACT FORM =========================== + + app.get('/contact', function (req, res) { + res.render(lang+'/account/contact', { + user: req.user + }) + }) + app.post('/contact', function(req, res, next) { + //methods.currentDate(); + let emailAddress = req.body.inputEmail; + let supportAddress = "support-transfer@hft-stuttgart.de"; + let inputName = req.body.name; + let inputContent = req.body.message; + let emailContent = "Es wurde eine Anfrage an das Transferportal gestellt: \n\n NAME: " + inputName + "\n NACHRICHT:\n "+ inputContent; + let emailSubject = "Ihre Anfrage an das Transferportal"; + async.waterfall([ + function(done) { + // send email + mailer.options.to = supportAddress; + mailer.options.cc = emailAddress; + mailer.options.subject = emailSubject; + mailer.options.text = emailContent; + mailer.transport.sendMail(mailer.options, function(err) { + done(err, 'done'); + }); + } + ], function(err) { + if (err) { + res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut.'); + } + else { + res.flash('success', 'Vielen Dank für Ihre Anfrage. Wir melden uns baldmöglichst bei Ihnen. Eine Kopie Ihrer Anfrage wurde an ' + emailAddress + ' versandt.'); + } + res.redirect('/account/contact') + }) + }) + +} \ No newline at end of file diff --git a/views/DE/account/contact.pug b/views/DE/account/contact.pug index 937926036ae76d55d45a43e1f67d6828c3de912e..99c37ce949e6a54d2e8c31b406d8a674edc73058 100644 --- a/views/DE/account/contact.pug +++ b/views/DE/account/contact.pug 
@@ -6,10 +6,7 @@ html(lang="de") meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no") link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css") link(rel="stylesheet", type="text/css", href="/css/m4lab.css") - link(rel="stylesheet", type="text/css", href="/fonts/ionicons.min.css") link(rel="stylesheet", type="text/css", href="/css/Contact-Form-Clean.css") - link(rel="stylesheet", type="text/css", href="/css/Testimonials.css") - link(rel="stylesheet", type="text/css", href="/css/custom/login.css") link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous") body div(class="container") @@ -32,9 +29,9 @@ html(lang="de") div(class="form-group") textarea#message(class="form-control" name="message" placeholder="Nachricht" rows="14") div(class="form-group") - input#submitBtn(class="btn contact_send_btn" type="submit" value="SENDEN") + input#submitBtn(class="btn btn-primary" type="submit" value="SENDEN") div(class="contact-clean contact_footer") - form(method="POST") + form p(class="m_top_25") Hochschule für Technik Stuttgart
Institut für Angewandte Forschung
Innovative Hochschule - Projekt M4_LAB
Schellingstr. 24
70174 Stuttgart
Deutschland

support-transfer@hft-stuttgart.de

www.hft-stuttgart.de / www.hft-stuttgart.de/M4LAB
div(class="background_8a348b") div(class="container") diff --git a/views/DE/account/security.pug b/views/DE/account/security.pug index bd021a682c64235580b13c2a2892205116e9b676..897086e660881f7ddbd4ec9121e4b300536f1ec1 100644 --- a/views/DE/account/security.pug +++ b/views/DE/account/security.pug @@ -20,7 +20,7 @@ html(lang="de") ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between") li(class="nav-item") a(class="nav-link pl-0 text-nowrap" href="/account/") - span(class="font-weight-bold color_black") #{user.firstname} #{user.lastname} + span(class="font-weight-bold color_black") #{user.firstName} #{user.lastName} li(class="nav-item") a(class="nav-link pl-0" href="/account/profile") i(class="fa fa-user fa-fw")