[qomet.git] / routes / users.js

let router = require("express").Router();
const validator = require('../public/javascripts/utils/validation');
const UserModel = require('../models/user');
const UserEntity = require('../entities/user');
const maild = require('../utils/mailer');
const TokenGen = require("../utils/tokenGenerator");
const access = require("../utils/access");
const params = require("../config/parameters");

// to: object user
function sendLoginToken(subject, to, res)
{
	// Set login token and send welcome(back) email with auth link
	let token = TokenGen.generate(params.token.length);
	UserEntity.setLoginToken(token, to._id, to.ip, (err,ret) => {
		access.checkRequest(res, err, ret, "Cannot set login token", () => {
			maild.send({
				from: params.mail.from,
				to: to.email,
				subject: subject,
				body: "Hello " + to.initials + "!\n" +
					"Access your account here: " +
					params.siteURL + "/authenticate?token=" + token + "\\n" +
					"Token will expire in " + params.token.expire/(1000*60) + " minutes."
			}, err => {
				res.json(err || {});
			});
		});
	});
}

router.get('/register', access.ajax, access.unlogged, (req,res) => {
	let email = decodeURIComponent(req.query.email);
	let forename = decodeURIComponent(req.query.forename);
	let name = decodeURIComponent(req.query.name);
	const newUser = {
		email: email,
		name: name,
		forename: forename,
	};
	let error = validator(newUser, "User");
	if (error.length > 0)
		return res.json({errmsg:error});
	if (!UserModel.whitelistCheck(newUser.email))
		return res.json({errmsg: "Email not in whitelist"});
	UserEntity.getByEmail(newUser.email, (err,user0) => {
		access.checkRequest(res, err, !user0?["ok"]:{}, "An account exists with this email", () => {
			UserModel.create(newUser, (err,user) => {
				access.checkRequest(res, err, user, "Registration failed", () => {
					user.ip = req.ip;
					sendLoginToken("Welcome to " + params.siteURL, user, res);
				});
			});
		});
	});
});

// Login:
router.get('/sendtoken', access.ajax, access.unlogged, (req,res) => {
	let email = decodeURIComponent(req.query.email);
	let error = validator({email:email}, "User");
	if (error.length > 0)
		return res.json({errmsg:error});
	UserEntity.getByEmail(email, (err,user) => {
		access.checkRequest(res, err, user, "Unknown user", () => {
			user.ip = req.ip;
			sendLoginToken("Token for " + params.siteURL, user, res);
		});
	});
});

// Authentication process, optionally with email changing:
router.get('/authenticate', access.unlogged, (req,res) => {
	let loginToken = req.query.token;
	let error = validator({token:loginToken}, "User");
	if (error.length > 0)
		return res.json({errmsg:error});
	UserEntity.getByLoginToken(loginToken, (err,user) => {
		access.checkRequest(res, err, user, "Invalid token", () => {
			if (user.loginToken.ip != req.ip)
				return res.json({errmsg: "IP address mismatch"});
			let now = new Date();
			let tsNow = now.getTime();
			// If token older than params.tokenExpire, do nothing
			if (user.loginToken.timestamp + params.token.expire < tsNow)
				return res.json({errmsg: "Token expired"});
			// Generate and update session token + destroy login token
			let token = TokenGen.generate(params.token.length);
			UserEntity.setSessionToken(token, user._id, (err,ret) => {
				access.checkRequest(res, err, ret, "Authentication failed", () => {
					// Set cookies and redirect to user main control panel
					res.cookie("token", token, {
						httpOnly: true,
						maxAge: params.cookieExpire,
					});
					res.cookie("initials", user.initials, {
						httpOnly: true,
						maxAge: params.cookieExpire,
					});
					res.redirect("/" + user.initials);
				});
			});
		});
	});
});

router.get('/logout', access.logged, (req,res) => {
	UserModel.logout(req.user._id, req.cookies.token, (err,ret) => {
		access.checkRequest(res, err, ret, "Logout failed", () => {
			res.clearCookie("initials");
			res.clearCookie("token");
			res.redirect('/');
		});
	});
});

module.exports = router;
Commit	Line	Data
e99c53fb BA	1	let router = require("express").Router();
	2	const validator = require('../public/javascripts/utils/validation');
	3	const UserModel = require('../models/user');
	4	const UserEntity = require('../entities/user');
	5	const maild = require('../utils/mailer');
	6	const TokenGen = require("../utils/tokenGenerator");
	7	const access = require("../utils/access");
	8	const params = require("../config/parameters");
	9
	10	// to: object user
	11	function sendLoginToken(subject, to, res)
	12	{
	13	// Set login token and send welcome(back) email with auth link
	14	let token = TokenGen.generate(params.token.length);
	15	UserEntity.setLoginToken(token, to._id, to.ip, (err,ret) => {
	16	access.checkRequest(res, err, ret, "Cannot set login token", () => {
	17	maild.send({
	18	from: params.mail.from,
	19	to: to.email,
	20	subject: subject,
	21	body: "Hello " + to.initials + "!\n" +
	22	"Access your account here: " +
	23	params.siteURL + "/authenticate?token=" + token + "\\n" +
	24	"Token will expire in " + params.token.expire/(1000*60) + " minutes."
	25	}, err => {
	26	res.json(err \|\| {});
	27	});
	28	});
	29	});
	30	}
	31
	32	router.get('/register', access.ajax, access.unlogged, (req,res) => {
	33	let email = decodeURIComponent(req.query.email);
	34	let forename = decodeURIComponent(req.query.forename);
	35	let name = decodeURIComponent(req.query.name);
	36	const newUser = {
	37	email: email,
	38	name: name,
	39	forename: forename,
	40	};
	41	let error = validator(newUser, "User");
	42	if (error.length > 0)
	43	return res.json({errmsg:error});
	44	if (!UserModel.whitelistCheck(newUser.email))
	45	return res.json({errmsg: "Email not in whitelist"});
	46	UserEntity.getByEmail(newUser.email, (err,user0) => {
	47	access.checkRequest(res, err, !user0?["ok"]:{}, "An account exists with this email", () => {
	48	UserModel.create(newUser, (err,user) => {
	49	access.checkRequest(res, err, user, "Registration failed", () => {
	50	user.ip = req.ip;
	51	sendLoginToken("Welcome to " + params.siteURL, user, res);
	52	});
	53	});
	54	});
	55	});
	56	});
	57
	58	// Login:
	59	router.get('/sendtoken', access.ajax, access.unlogged, (req,res) => {
	60	let email = decodeURIComponent(req.query.email);
	61	let error = validator({email:email}, "User");
	62	if (error.length > 0)
	63	return res.json({errmsg:error});
	64	UserEntity.getByEmail(email, (err,user) => {
65	access.checkRequest(res, err, user, "Unknown user", () => {
66	user.ip = req.ip;
67	sendLoginToken("Token for " + params.siteURL, user, res);
68	});
69	});
70	});
71
72	// Authentication process, optionally with email changing:
73	router.get('/authenticate', access.unlogged, (req,res) => {
74	let loginToken = req.query.token;
75	let error = validator({token:loginToken}, "User");
76	if (error.length > 0)
77	return res.json({errmsg:error});
78	UserEntity.getByLoginToken(loginToken, (err,user) => {
79	access.checkRequest(res, err, user, "Invalid token", () => {
80	if (user.loginToken.ip != req.ip)
81	return res.json({errmsg: "IP address mismatch"});
82	let now = new Date();
83	let tsNow = now.getTime();
84	// If token older than params.tokenExpire, do nothing
85	if (user.loginToken.timestamp + params.token.expire < tsNow)
86	return res.json({errmsg: "Token expired"});
87	// Generate and update session token + destroy login token
88	let token = TokenGen.generate(params.token.length);
89	UserEntity.setSessionToken(token, user._id, (err,ret) => {
90	access.checkRequest(res, err, ret, "Authentication failed", () => {
91	// Set cookies and redirect to user main control panel
92	res.cookie("token", token, {
93	httpOnly: true,
94	maxAge: params.cookieExpire,
95	});
96	res.cookie("initials", user.initials, {
97	httpOnly: true,
98	maxAge: params.cookieExpire,
99	});
100	res.redirect("/" + user.initials);
101	});
102	});
103	});
104	});
105	});
106
107	router.get('/logout', access.logged, (req,res) => {
108	UserModel.logout(req.user._id, req.cookies.token, (err,ret) => {
109	access.checkRequest(res, err, ret, "Logout failed", () => {
110	res.clearCookie("initials");
111	res.clearCookie("token");
112	res.redirect('/');
113	});
114	});
115	});
116
117	module.exports = router;