mifi/Eventment-API
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- More, more, more...

Browse Source
This commit is contained in:
Mike Fitzpatrick
2019-07-04 23:06:04 -04:00
parent 6d5d238d34
commit af13551042
16 changed files with 348 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
routes/auth.js
View File

@@ -2,17 +2,17 @@ const errors = require('restify-errors');
const config = require('../config');
const handlePassportResponse = (req, res, next) => (err, passportUser, info) => {
const handlePassportResponse = (req, res, next) => (err, user, info) => {
if (err) {
return next(err);
}
const isVerifiedUser = passportUser.isRegistrationVerified();
if (passportUser && isVerifiedUser) {
const user = passportUser;
user.token = passportUser.generateJWT();
const isVerifiedUser = user &&
user.isRegistrationVerified();
if (user && isVerifiedUser) {
return res.send({ ...user.toAuthJSON() });
} else if (passportUser && !isVerifiedUser){
} else if (user && !isVerifiedUser){
return res.send({
registrationSuccess: true,
nextSteps: 'Check your email for our confirmation email, you will not be able to login without confirming.'
@@ -71,7 +71,7 @@ module.exports = function (server, auth) {
/* Facebook */
server.get(
'/auth/facebook',
'/auth/facebook/login',
passport.authenticate('facebook', {
scope: ['email', 'public_profile'],
session: false,
@@ -79,7 +79,7 @@ module.exports = function (server, auth) {
);
server.get(
'/auth/facebook/callback',
'/auth/facebook/loggedin',
(req, res, next) => {
const callback = handlePassportResponse(req, res, next);
return passport.authenticate(
@@ -89,4 +89,50 @@ module.exports = function (server, auth) {
)(req, res, next);
}
);
server.get(
'/auth/facebook/link',
auth.secure,
(req, res, next) => {
req.user.record.setLinkCheckBit((err, linkCheckBit) => {
passport.authenticate('facebookLink', {
scope: ['email', 'public_profile'],
session: false,
state: linkCheckbit,
})(req, res, next),
});
},
);
server.get(
'/auth/facebook/linked',
(req, res, next) => {
const linkCheckBit = req.query.state;
return passport.authenticate(
'facebook',
{ failureRedirect: '/profile' },
(err, profile) => {
if (err) {
return next(err);
}
User.linkFacebookProfile(linkCheckBit, profile, (err, user) => {
if (err) {
return next(err);
}
if (!user) {
return next(err, false, 'Linking the account to Facebook was unsuccessful, please try again.');
}
res.send({
success: true,
info: 'Facerbook account successfully linked',
});
});
},
)(req, res, next);
}
);
};

1
routes/events.js
View File

@@ -4,7 +4,6 @@ const Event = require('../models/event');
module.exports = function (server, auth) {
server.post('/events', auth.manager, (req, res, next) => {
let data = req.body || {};
let event = new Event(data);

1
routes/index.js
View File

@@ -4,6 +4,7 @@ module.exports = function(server, auth) {
require('./events.js')(server, auth);
require('./installs.js')(server, auth);
require('./items.js')(server, auth);
require('./reset.js')(server, auth);
require('./sales.js')(server, auth);
require('./users.js')(server, auth);
};

68
routes/reset.js Normal file
View File

@@ -0,0 +1,68 @@
const errors = require('restify-errors');
const jwt = require('jsonwebtoken');
const config = require('../config');
const User = require('../models/user');
const {
api: { url },
security: { reset: { route, tokenPlaceholder } },
} = config;
const routes = {
resetWithToken: `${route}/${tokenPlaceholder}([A-Za-z0-9_]+\.{3})`,
getTestToken: `${route}/generate`,
};
module.exports = function (server, auth) {
server.get(routes.getTestToken, auth.secure, function (req, res, next) {
const { record: user } = req.user;
const resetToken = user.generateResetToken();
const resetUrl = `${url}${route}/${resetToken}`;
res.send({ resetToken, resetUrl });
next();
});
server.post(routes.resetWithToken, auth.bypass, function (req, res, next) {
const { reset_token } = req.params;
const { password } = req.body;
if (!reset_token) {
return next(
new errors.InvalidContentError('A reset token was not provided.'),
);
}
if (!password) {
return next(
new errors.InvalidContentError('Password cannot be empty.'),
);
}
User.verifyTokenAndResetPassword(reset_token, password, (err, user, info) => {
if (err) {
console.error(err);
return next(
new errors.InvalidContentError(err),
);
}
if (!user) {
console.error(err);
res.send({
success: false,
info: 'Password reset failed. ' + info,
});
return next();
}
res.send({
success: true,
info: 'Password reset successful.',
...user.toAuthJSON()
});
next();
});
});
};

44
routes/signup.js
View File

@@ -26,17 +26,55 @@ module.exports = function (server, auth) {
if (info) {
res.send(200, {
registrationSuccess: false,
success: false,
nextSteps: 'Please fix the problems indicated and try again.'
...info
});
return next();
}
res.send(200, {
registrationSuccess: true,
success: true,
nextSteps: 'Check your email for our confirmation email, you will not be able to login without confirming.'
})
});
next();
});
});
server.post('/signup/verify/resend', (req, res, next) => {
const { body: { email = null } = {} } = req;
User.resendVerificationEmail(email, (err, user, info) => {
if (err) {
next(err);
}
if (!user) {
res.send(200, {
success: false,
nextSteps: 'There was no user located with the email address provided. Please try again.',
});
return next();
}
if (user && info.success) {
res.send(200, {
success: true,
nextSteps: 'Check your email for our confirmation email, you will not be able to login without confirming.',
});
return next();
}
res.send(200, {
success: false,
nextSteps: 'There was a problem resending the verification email. Please try again later.',
});
next();
});
});
};

61
routes/users.js
View File

@@ -1,6 +1,7 @@
const aqp = require('api-query-params');
const errors = require('restify-errors');
const config = require('../config');
const User = require('../models/user');
const { PUBLIC, STAFF } = require('../strategies/selects/user');
@@ -93,66 +94,6 @@ module.exports = function (server, auth) {
});
});
server.put('/users/password/:user_id/:reset_token?', function (req, res, next) {
let {
currentPassword = null,
newPassword = null,
...data
} = req.body || {};
if (!newPassword) {
return next(
new errors.InvalidContentError('Password cannot be empty.'),
);
}
let filter = { _id: req.params.user_id };
let resetToken = req.params.reset_token || null;
if (resetToken) {
fiter.resetToken = resetToken;
}
User.findOne(filter, function (err, user) {
if (err) {
console.error(err);
return next(
new errors.InvalidContentError(err),
);
}
if (!user) {
return next(
new errors.ResourceNotFoundError(
'The user you requested could not be found.',
),
);
}
if (!resetToken &&
!!user.getAuthStrategy('local') &&
!user.validatePassword(currentPassword)
) {
return next(
new errors.InvalidContentError(
'The current password was incorrect.',
),
);
}
user.setPassword(newPassword, function (err) {
if (err) {
console.error(err);
return next(
new errors.InvalidContentError(err),
);
}
res.send(200, data);
next();
});
});
});
server.del('/users/:user_id', auth.manager, (req, res, next) => {
User.deleteOne({ _id: req.params.user_id }, function (err) {
if (err) {