Add profile page, fix some redirects
This commit is contained in:
parent
fd6b95920a
commit
e075d2f95a
|
@ -355,7 +355,56 @@ function handleAccountProfilePage(req, res) {
|
|||
* Handles a POST request to edit a profile
|
||||
*/
|
||||
function handleAccountProfile(req, res) {
|
||||
res.send(500);
|
||||
logRequest(req);
|
||||
|
||||
var loginName = false;
|
||||
if (req.cookies.auth) {
|
||||
loginName = req.cookies.auth.split(':')[0];
|
||||
} else {
|
||||
sendJade(res, 'account-profile', {
|
||||
loggedIn: false,
|
||||
profileImage: "",
|
||||
profileText: "",
|
||||
profileError: "You must be logged in to edit your profile",
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
var image = req.body.image;
|
||||
var text = req.body.text;
|
||||
|
||||
db.users.verifyAuth(req.cookies.auth, function (err, user) {
|
||||
if (err) {
|
||||
sendJade(res, 'account-profile', {
|
||||
loggedIn: false,
|
||||
profileImage: "",
|
||||
profileText: "",
|
||||
profileError: err
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
db.users.setProfile(user.name, { image: image, text: text }, function (err) {
|
||||
if (err) {
|
||||
sendJade(res, 'account-profile', {
|
||||
loggedIn: true,
|
||||
loginName: user.name,
|
||||
profileImage: "",
|
||||
profileText: "",
|
||||
profileError: err
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
sendJade(res, 'account-profile', {
|
||||
loggedIn: true,
|
||||
loginName: user.name,
|
||||
profileImage: image,
|
||||
profileText: text,
|
||||
profileError: false
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
|
|
129
lib/web/auth.js
129
lib/web/auth.js
|
@ -4,14 +4,14 @@
|
|||
* @author Calvin Montgomery <cyzon@cyzon.us>
|
||||
*/
|
||||
|
||||
var jade = require('jade');
|
||||
var fs = require('fs');
|
||||
var path = require('path');
|
||||
var webserver = require('./webserver');
|
||||
var sendJade = require('./jade').sendJade;
|
||||
var Logger = require('../logger');
|
||||
var $util = require('../utilities');
|
||||
var db = require('../database');
|
||||
var jade = require("jade");
|
||||
var fs = require("fs");
|
||||
var path = require("path");
|
||||
var webserver = require("./webserver");
|
||||
var sendJade = require("./jade").sendJade;
|
||||
var Logger = require("../logger");
|
||||
var $util = require("../utilities");
|
||||
var db = require("../database");
|
||||
|
||||
/**
|
||||
* Processes a login request. Sets a cookie upon successful authentication
|
||||
|
@ -20,7 +20,7 @@ function handleLogin(req, res) {
|
|||
var name = req.body.name;
|
||||
var password = req.body.password;
|
||||
|
||||
if (typeof name !== 'string' || typeof password !== 'string') {
|
||||
if (typeof name !== "string" || typeof password !== "string") {
|
||||
res.send(400);
|
||||
return;
|
||||
}
|
||||
|
@ -29,20 +29,42 @@ function handleLogin(req, res) {
|
|||
|
||||
db.users.verifyLogin(name, password, function (err, user) {
|
||||
if (err) {
|
||||
if (err === 'Invalid username/password combination') {
|
||||
Logger.syslog.log('Login failed (bad password): ' + name
|
||||
+ '@' + webserver.ipForRequest(req));
|
||||
if (err === "Invalid username/password combination") {
|
||||
Logger.syslog.log("Login failed (bad password): " + name
|
||||
+ "@" + webserver.ipForRequest(req));
|
||||
}
|
||||
sendJade(res, 'login', {
|
||||
sendJade(res, "login", {
|
||||
loggedIn: false,
|
||||
loginError: err
|
||||
});
|
||||
} else {
|
||||
res.cookie('auth', user.name + ':' + user.hash, {
|
||||
res.cookie("auth", user.name + ":" + user.hash, {
|
||||
expires: new Date(Date.now() + 60*60*1000),
|
||||
httpOnly: true
|
||||
});
|
||||
res.redirect("back");
|
||||
|
||||
// Try to find an appropriate redirect
|
||||
var ref = req.header("referrer");
|
||||
if (!ref) {
|
||||
ref = req.body.redirect;
|
||||
}
|
||||
|
||||
if (typeof ref !== "string") {
|
||||
ref = "";
|
||||
}
|
||||
|
||||
if (ref.match(/login|logout/)) {
|
||||
ref = "";
|
||||
}
|
||||
|
||||
if (ref) {
|
||||
res.redirect(ref);
|
||||
} else {
|
||||
sendJade(res, "login", {
|
||||
loggedIn: true,
|
||||
loginName: user.name
|
||||
});
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
@ -52,9 +74,9 @@ function handleLogin(req, res) {
|
|||
*/
|
||||
function handleLoginPage(req, res) {
|
||||
if (req.cookies.auth) {
|
||||
var split = req.cookies.auth.split(':');
|
||||
var split = req.cookies.auth.split(":");
|
||||
if (split.length === 2) {
|
||||
sendJade(res, 'login', {
|
||||
sendJade(res, "login", {
|
||||
wasAlreadyLoggedIn: true,
|
||||
loggedIn: true,
|
||||
loginName: split[0]
|
||||
|
@ -62,9 +84,9 @@ function handleLoginPage(req, res) {
|
|||
return;
|
||||
}
|
||||
}
|
||||
sendJade(res, 'login', {
|
||||
sendJade(res, "login", {
|
||||
loggedIn: false,
|
||||
redirect: req.header('Referrer')
|
||||
redirect: req.header("Referrer")
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -72,13 +94,26 @@ function handleLoginPage(req, res) {
|
|||
* Handles a request for /logout. Clears auth cookie
|
||||
*/
|
||||
function handleLogout(req, res) {
|
||||
res.clearCookie('auth');
|
||||
res.redirect("back");
|
||||
/*
|
||||
sendJade(res, 'logout', {
|
||||
redirect: req.body.redirect || req.header('Referrer')
|
||||
});
|
||||
*/
|
||||
res.clearCookie("auth");
|
||||
// Try to find an appropriate redirect
|
||||
var ref = req.header("referrer");
|
||||
if (!ref) {
|
||||
ref = req.body.redirect;
|
||||
}
|
||||
|
||||
if (typeof ref !== "string") {
|
||||
ref = "";
|
||||
}
|
||||
|
||||
if (ref.match(/login|logout/)) {
|
||||
ref = "";
|
||||
}
|
||||
|
||||
if (ref) {
|
||||
res.redirect(ref);
|
||||
} else {
|
||||
sendJade(res, "logout", {});
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -86,16 +121,16 @@ function handleLogout(req, res) {
|
|||
*/
|
||||
function handleRegisterPage(req, res) {
|
||||
if (req.cookies.auth) {
|
||||
var split = req.cookies.auth.split(':');
|
||||
var split = req.cookies.auth.split(":");
|
||||
if (split.length === 2) {
|
||||
sendJade(res, 'register', {
|
||||
sendJade(res, "register", {
|
||||
loggedIn: true,
|
||||
loginName: split[0]
|
||||
});
|
||||
return;
|
||||
}
|
||||
}
|
||||
sendJade(res, 'register', {
|
||||
sendJade(res, "register", {
|
||||
registered: false,
|
||||
registerError: false
|
||||
});
|
||||
|
@ -108,26 +143,26 @@ function handleRegister(req, res) {
|
|||
var name = req.body.name;
|
||||
var password = req.body.password;
|
||||
var email = req.body.email;
|
||||
if (typeof email !== 'string') {
|
||||
email = '';
|
||||
if (typeof email !== "string") {
|
||||
email = "";
|
||||
}
|
||||
var ip = webserver.ipForRequest(req);
|
||||
|
||||
if (typeof name !== 'string' || typeof password !== 'string') {
|
||||
if (typeof name !== "string" || typeof password !== "string") {
|
||||
res.send(400);
|
||||
return;
|
||||
}
|
||||
|
||||
if (name.length === 0) {
|
||||
sendJade(res, 'register', {
|
||||
registerError: 'Username must not be empty'
|
||||
sendJade(res, "register", {
|
||||
registerError: "Username must not be empty"
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
if (password.length === 0) {
|
||||
sendJade(res, 'register', {
|
||||
registerError: 'Password must not be empty'
|
||||
sendJade(res, "register", {
|
||||
registerError: "Password must not be empty"
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
@ -135,21 +170,21 @@ function handleRegister(req, res) {
|
|||
password = password.substring(0, 100);
|
||||
|
||||
if (email.length > 0 && !$util.isValidEmail(email)) {
|
||||
sendJade(res, 'register', {
|
||||
registerError: 'Invalid email address'
|
||||
sendJade(res, "register", {
|
||||
registerError: "Invalid email address"
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
db.users.register(name, password, email, ip, function (err) {
|
||||
if (err) {
|
||||
sendJade(res, 'register', {
|
||||
sendJade(res, "register", {
|
||||
registerError: err
|
||||
});
|
||||
} else {
|
||||
Logger.syslog.log(ip + ' registered account: ' + name +
|
||||
(email.length > 0 ? ' <' + email + '>' : ''));
|
||||
sendJade(res, 'register', {
|
||||
Logger.syslog.log(ip + " registered account: " + name +
|
||||
(email.length > 0 ? " <" + email + ">" : ""));
|
||||
sendJade(res, "register", {
|
||||
registered: true,
|
||||
registerName: name,
|
||||
redirect: req.body.redirect
|
||||
|
@ -163,10 +198,10 @@ module.exports = {
|
|||
* Initializes auth callbacks
|
||||
*/
|
||||
init: function (app) {
|
||||
app.get('/login', handleLoginPage);
|
||||
app.post('/login', handleLogin);
|
||||
app.get('/logout', handleLogout);
|
||||
app.get('/register', handleRegisterPage);
|
||||
app.post('/register', handleRegister);
|
||||
app.get("/login", handleLoginPage);
|
||||
app.post("/login", handleLogin);
|
||||
app.get("/logout", handleLogout);
|
||||
app.get("/register", handleRegisterPage);
|
||||
app.post("/register", handleRegister);
|
||||
}
|
||||
};
|
||||
|
|
|
@ -26,11 +26,10 @@ html(lang="en")
|
|||
.alert.alert-danger.center.messagebox
|
||||
strong Profile Error
|
||||
p= profileError
|
||||
.media
|
||||
a.pull-left(href="#")
|
||||
img.media-object(src=profileImage, alt="Profile Image")
|
||||
.media-body
|
||||
= profileText
|
||||
.profile-box(style="position: inherit")
|
||||
img.profile-image(src=profileImage)
|
||||
strong= loginName
|
||||
p= profileText
|
||||
h3 Edit Profile
|
||||
form(action="/account/profile", method="post", role="form")
|
||||
.form-group
|
||||
|
@ -38,8 +37,10 @@ html(lang="en")
|
|||
input#profileimage.form-control(type="text", name="image")
|
||||
.form-group
|
||||
label.control-label(for="profiletext") Text
|
||||
textarea#profiletext.form-control(cols="10")
|
||||
textarea#profiletext.form-control(cols="10", name="text")= profileText
|
||||
button.btn.btn-primary.btn-block(type="submit") Save
|
||||
|
||||
include footer
|
||||
mixin footer()
|
||||
script(type="text/javascript").
|
||||
$("#profileimage").val("#{profileImage}");
|
||||
|
|
Loading…
Reference in a new issue