jonathan/hostr
jonathan/hostr
1
0
Fork 0
Code Issues Pull requests 4 Projects Releases Packages 1 Wiki Activity Actions

Get linting passing again

Browse source
This commit is contained in:
Jonathan Cremin 2016-06-06 15:37:00 +01:00
parent 4f95f27400
commit 494f66d388
21 changed files with 367 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

73
web/routes/user.js
View file

@ -1,10 +1,14 @@
import { authenticate, setupSession, signup as signupUser, activateUser, sendResetToken, validateResetToken, updatePassword } from '../lib/auth';
import {
authenticate, setupSession, signup as signupUser, activateUser, sendResetToken,
validateResetToken, updatePassword,
} from '../lib/auth';
import debugname from 'debug';
const debug = debugname('hostr-web:user');
export function* signin() {
if (!this.request.body.email) {
return yield this.render('signin', {csrf: this.csrf});
yield this.render('signin', { csrf: this.csrf });
return;
}
this.statsd.incr('auth.attempt', 1);
@ -12,9 +16,14 @@ export function* signin() {
const user = yield authenticate.call(this, this.request.body.email, this.request.body.password);
if (!user) {
this.statsd.incr('auth.failure', 1);
return yield this.render('signin', {error: 'Invalid login details', csrf: this.csrf});
yield this.render('signin', { error: 'Invalid login details', csrf: this.csrf });
return;
} else if (user.activationCode) {
return yield this.render('signin', {error: 'Your account hasn\'t been activated yet. Check your for an activation email.', csrf: this.csrf});
yield this.render('signin', {
error: 'Your account hasn\'t been activated yet. Check your for an activation email.',
csrf: this.csrf,
});
return;
}
this.statsd.incr('auth.success', 1);
yield setupSession.call(this, user);
@ -24,16 +33,22 @@ export function* signin() {
export function* signup() {
if (!this.request.body.email) {
return yield this.render('signup', {csrf: this.csrf});
yield this.render('signup', { csrf: this.csrf });
return;
}
this.assertCSRF(this.request.body);
if (this.request.body.email !== this.request.body.confirm_email) {
return yield this.render('signup', {error: 'Emails do not match.', csrf: this.csrf});
yield this.render('signup', { error: 'Emails do not match.', csrf: this.csrf });
return;
} else if (this.request.body.email && !this.request.body.terms) {
return yield this.render('signup', {error: 'You must agree to the terms of service.', csrf: this.csrf});
yield this.render('signup', { error: 'You must agree to the terms of service.',
csrf: this.csrf });
return;
} else if (this.request.body.password && this.request.body.password.length < 7) {
return yield this.render('signup', {error: 'Password must be at least 7 characters long.', csrf: this.csrf});
yield this.render('signup', { error: 'Password must be at least 7 characters long.',
csrf: this.csrf });
return;
}
const ip = this.headers['x-real-ip'] || this.ip;
const email = this.request.body.email;
@ -41,10 +56,15 @@ export function* signup() {
try {
yield signupUser.call(this, email, password, ip);
} catch (e) {
return yield this.render('signup', {error: e.message, csrf: this.csrf});
yield this.render('signup', { error: e.message, csrf: this.csrf });
return;
}
this.statsd.incr('auth.signup', 1);
return yield this.render('signup', {message: 'Thanks for signing up, we\'ve sent you an email to activate your account.', csrf: ''});
yield this.render('signup', {
message: 'Thanks for signing up, we\'ve sent you an email to activate your account.',
csrf: '',
});
return;
}
@ -55,14 +75,19 @@ export function* forgot() {
if (this.request.body.password) {
if (this.request.body.password.length < 7) {
return yield this.render('forgot', {error: 'Password needs to be at least 7 characters long.', token: token, csrf: this.csrf});
yield this.render('forgot', {
error: 'Password needs to be at least 7 characters long.',
csrf: this.csrf,
token,
});
return;
}
this.assertCSRF(this.request.body);
const tokenUser = yield validateResetToken.call(this, token);
const userId = tokenUser._id;
yield updatePassword.call(this, userId, this.request.body.password);
yield Reset.deleteOne({_id: userId});
const user = yield Users.findOne({_id: userId});
yield Reset.deleteOne({ _id: userId });
const user = yield Users.findOne({ _id: userId });
yield setupSession.call(this, user);
this.statsd.incr('auth.reset.success', 1);
this.redirect('/');
@ -70,28 +95,40 @@ export function* forgot() {
const tokenUser = yield validateResetToken.call(this, token);
if (!tokenUser) {
this.statsd.incr('auth.reset.fail', 1);
return yield this.render('forgot', {error: 'Invalid password reset token. It might be expired, or has already been used.', token: null, csrf: this.csrf});
yield this.render('forgot', {
error: 'Invalid password reset token. It might be expired, or has already been used.',
csrf: this.csrf,
token: null,
});
return;
}
return yield this.render('forgot', {token: token, csrf: this.csrf});
yield this.render('forgot', { csrf: this.csrf, token });
return;
} else if (this.request.body.email) {
this.assertCSRF(this.request.body);
try {
const email = this.request.body.email;
yield sendResetToken.call(this, email);
this.statsd.incr('auth.reset.request', 1);
return yield this.render('forgot', {message: 'We\'ve sent an email with a link to reset your password. Be sure to check your spam folder if you it doesn\'t appear within a few minutes', token: null, csrf: this.csrf});
yield this.render('forgot', {
message: `We've sent an email with a link to reset your password.
Be sure to check your spam folder if you it doesn't appear within a few minutes`,
csrf: this.csrf,
token: null,
});
return;
} catch (error) {
debug(error);
}
} else {
yield this.render('forgot', {token: null, csrf: this.csrf});
yield this.render('forgot', { csrf: this.csrf, token: null });
}
}
export function* logout() {
this.statsd.incr('auth.logout', 1);
this.cookies.set('r', {expires: new Date(1), path: '/'});
this.cookies.set('r', { expires: new Date(1), path: '/' });
this.session = null;
this.redirect('/');
}