specter/CyTube
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add profile page, fix some redirects

Browse source
This commit is contained in:
calzoneman 2014-01-20 12:42:20 -06:00
parent fd6b95920a
commit e075d2f95a
3 changed files with 142 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
lib/web/account.js
View file

@ -239,7 +239,7 @@ function handleNewChannel(req, res) {
});
return;
}
db.channels.register(name, user.name, function (err, channel) {
db.channels.listUserChannels(loginName, function (err2, channels) {
sendJade(res, 'account-channels', {
@ -284,7 +284,7 @@ function handleDeleteChannel(req, res) {
});
return;
}
db.channels.lookup(name, function (err, channel) {
if (channel.owner !== user.name && user.global_rank < 255) {
db.channels.listUserChannels(loginName, function (err2, channels) {
@ -330,7 +330,7 @@ function handleAccountProfilePage(req, res) {
}
db.users.getProfile(loginName, function (err, profile) {
if (err) {
if (err) {
sendJade(res, 'account-profile', {
loggedIn: true,
loginName: loginName,
@ -355,7 +355,56 @@ function handleAccountProfilePage(req, res) {
* Handles a POST request to edit a profile
*/
function handleAccountProfile(req, res) {
res.send(500);
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(':')[0];
} else {
sendJade(res, 'account-profile', {
loggedIn: false,
profileImage: "",
profileText: "",
profileError: "You must be logged in to edit your profile",
});
return;
}
var image = req.body.image;
var text = req.body.text;
db.users.verifyAuth(req.cookies.auth, function (err, user) {
if (err) {
sendJade(res, 'account-profile', {
loggedIn: false,
profileImage: "",
profileText: "",
profileError: err
});
return;
}
db.users.setProfile(user.name, { image: image, text: text }, function (err) {
if (err) {
sendJade(res, 'account-profile', {
loggedIn: true,
loginName: user.name,
profileImage: "",
profileText: "",
profileError: err
});
return;
}
sendJade(res, 'account-profile', {
loggedIn: true,
loginName: user.name,
profileImage: image,
profileText: text,
profileError: false
});
});
});
}
module.exports = {

129
lib/web/auth.js
View file

@ -4,14 +4,14 @@
* @author Calvin Montgomery <cyzon@cyzon.us>
*/
var jade = require('jade');
var fs = require('fs');
var path = require('path');
var webserver = require('./webserver');
var sendJade = require('./jade').sendJade;
var Logger = require('../logger');
var $util = require('../utilities');
var db = require('../database');
var jade = require("jade");
var fs = require("fs");
var path = require("path");
var webserver = require("./webserver");
var sendJade = require("./jade").sendJade;
var Logger = require("../logger");
var $util = require("../utilities");
var db = require("../database");
/**
* Processes a login request. Sets a cookie upon successful authentication
@ -20,7 +20,7 @@ function handleLogin(req, res) {
var name = req.body.name;
var password = req.body.password;
if (typeof name !== 'string' || typeof password !== 'string') {
if (typeof name !== "string" || typeof password !== "string") {
res.send(400);
return;
}
@ -29,20 +29,42 @@ function handleLogin(req, res) {
db.users.verifyLogin(name, password, function (err, user) {
if (err) {
if (err === 'Invalid username/password combination') {
Logger.syslog.log('Login failed (bad password): ' + name
+ '@' + webserver.ipForRequest(req));
if (err === "Invalid username/password combination") {
Logger.syslog.log("Login failed (bad password): " + name
+ "@" + webserver.ipForRequest(req));
}
sendJade(res, 'login', {
sendJade(res, "login", {
loggedIn: false,
loginError: err
});
} else {
res.cookie('auth', user.name + ':' + user.hash, {
res.cookie("auth", user.name + ":" + user.hash, {
expires: new Date(Date.now() + 60*60*1000),
httpOnly: true
});
res.redirect("back");
// Try to find an appropriate redirect
var ref = req.header("referrer");
if (!ref) {
ref = req.body.redirect;
}
if (typeof ref !== "string") {
ref = "";
}
if (ref.match(/login|logout/)) {
ref = "";
}
if (ref) {
res.redirect(ref);
} else {
sendJade(res, "login", {
loggedIn: true,
loginName: user.name
});
}
}
});
}
@ -52,9 +74,9 @@ function handleLogin(req, res) {
*/
function handleLoginPage(req, res) {
if (req.cookies.auth) {
var split = req.cookies.auth.split(':');
var split = req.cookies.auth.split(":");
if (split.length === 2) {
sendJade(res, 'login', {
sendJade(res, "login", {
wasAlreadyLoggedIn: true,
loggedIn: true,
loginName: split[0]
@ -62,9 +84,9 @@ function handleLoginPage(req, res) {
return;
}
}
sendJade(res, 'login', {
sendJade(res, "login", {
loggedIn: false,
redirect: req.header('Referrer')
redirect: req.header("Referrer")
});
}
@ -72,13 +94,26 @@ function handleLoginPage(req, res) {
* Handles a request for /logout. Clears auth cookie
*/
function handleLogout(req, res) {
res.clearCookie('auth');
res.redirect("back");
/*
sendJade(res, 'logout', {
redirect: req.body.redirect || req.header('Referrer')
});
*/
res.clearCookie("auth");
// Try to find an appropriate redirect
var ref = req.header("referrer");
if (!ref) {
ref = req.body.redirect;
}
if (typeof ref !== "string") {
ref = "";
}
if (ref.match(/login|logout/)) {
ref = "";
}
if (ref) {
res.redirect(ref);
} else {
sendJade(res, "logout", {});
}
}
/**
@ -86,16 +121,16 @@ function handleLogout(req, res) {
*/
function handleRegisterPage(req, res) {
if (req.cookies.auth) {
var split = req.cookies.auth.split(':');
var split = req.cookies.auth.split(":");
if (split.length === 2) {
sendJade(res, 'register', {
sendJade(res, "register", {
loggedIn: true,
loginName: split[0]
});
return;
}
}
sendJade(res, 'register', {
sendJade(res, "register", {
registered: false,
registerError: false
});
@ -108,26 +143,26 @@ function handleRegister(req, res) {
var name = req.body.name;
var password = req.body.password;
var email = req.body.email;
if (typeof email !== 'string') {
email = '';
if (typeof email !== "string") {
email = "";
}
var ip = webserver.ipForRequest(req);
if (typeof name !== 'string' || typeof password !== 'string') {
if (typeof name !== "string" || typeof password !== "string") {
res.send(400);
return;
}
if (name.length === 0) {
sendJade(res, 'register', {
registerError: 'Username must not be empty'
sendJade(res, "register", {
registerError: "Username must not be empty"
});
return;
}
if (password.length === 0) {
sendJade(res, 'register', {
registerError: 'Password must not be empty'
sendJade(res, "register", {
registerError: "Password must not be empty"
});
return;
}
@ -135,21 +170,21 @@ function handleRegister(req, res) {
password = password.substring(0, 100);
if (email.length > 0 && !$util.isValidEmail(email)) {
sendJade(res, 'register', {
registerError: 'Invalid email address'
sendJade(res, "register", {
registerError: "Invalid email address"
});
return;
}
db.users.register(name, password, email, ip, function (err) {
if (err) {
sendJade(res, 'register', {
sendJade(res, "register", {
registerError: err
});
} else {
Logger.syslog.log(ip + ' registered account: ' + name +
(email.length > 0 ? ' <' + email + '>' : ''));
sendJade(res, 'register', {
Logger.syslog.log(ip + " registered account: " + name +
(email.length > 0 ? " <" + email + ">" : ""));
sendJade(res, "register", {
registered: true,
registerName: name,
redirect: req.body.redirect
@ -163,10 +198,10 @@ module.exports = {
* Initializes auth callbacks
*/
init: function (app) {
app.get('/login', handleLoginPage);
app.post('/login', handleLogin);
app.get('/logout', handleLogout);
app.get('/register', handleRegisterPage);
app.post('/register', handleRegister);
app.get("/login", handleLoginPage);
app.post("/login", handleLogin);
app.get("/logout", handleLogout);
app.get("/register", handleRegisterPage);
app.post("/register", handleRegister);
}
};

13
templates/account-profile.jade
View file

@ -26,11 +26,10 @@ html(lang="en")
.alert.alert-danger.center.messagebox
strong Profile Error
p= profileError
.media
a.pull-left(href="#")
img.media-object(src=profileImage, alt="Profile Image")
.media-body
= profileText
.profile-box(style="position: inherit")
img.profile-image(src=profileImage)
strong= loginName
p= profileText
h3 Edit Profile
form(action="/account/profile", method="post", role="form")
.form-group
@ -38,8 +37,10 @@ html(lang="en")
input#profileimage.form-control(type="text", name="image")
.form-group
label.control-label(for="profiletext") Text
textarea#profiletext.form-control(cols="10")
textarea#profiletext.form-control(cols="10", name="text")= profileText
button.btn.btn-primary.btn-block(type="submit") Save
include footer
mixin footer()
script(type="text/javascript").
$("#profileimage").val("#{profileImage}");