Przeglądaj źródła

Add reseting of password

Lee Morgan 5 lat temu
rodzic
commit
9db82c5019
3 zmienionych plików z 40 dodań i 5 usunięć
  1. 31 3
      controllers/passwordReset.js
  2. 2 1
      routes.js
  3. 7 1
      views/passwordResetPages/password.ejs

+ 31 - 3
controllers/passwordReset.js

@@ -1,9 +1,11 @@
 const Merchant = require("../models/merchant.js");
 
 const helper = require("./helper.js");
-const mailgun = require("mailgun-js")({apiKey: process.env.MG_SUBLINE_APIKEY, domain: "mail.thesubline.net"});
 const passwordReset = require("../emails/passwordReset.js");
 
+const mailgun = require("mailgun-js")({apiKey: process.env.MG_SUBLINE_APIKEY, domain: "mail.thesubline.net"});
+const bcrypt = require("bcryptjs");
+
 module.exports = {
     enterEmail: function(req, res){
         return res.render("passwordResetPages/email");
@@ -25,7 +27,7 @@ module.exports = {
                     subject: "Password Reset",
                     html: passwordReset({
                         name: merchant.name,
-                        link: `${process.env.SITE}/reset/${merchant.verifyId}`
+                        link: `${process.env.SITE}/reset/${merchant._id}/${merchant.verifyId}`
                     })
                 };
                 mailgun.messages().send(mailgunData, (err, body)=>{
@@ -46,6 +48,32 @@ module.exports = {
     },
 
     enterPassword: function(req, res){
-        return res.render("passwordResetPages/password", {code: req.params.code});
+        return res.render("passwordResetPages/password", {id: req.params.id, code: req.params.code});
+    },
+
+    resetPassword: function(req, res){
+        Merchant.findOne({_id: req.body.id})
+            .then((merchant)=>{
+                if(merchant.verifyId !== req.body.code){
+                    req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED.  PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
+                    return res.redirect("/");
+                }
+
+                const salt = bcrypt.genSaltSync(10);
+                const hash = bcrypt.hashSync(req.body.password, salt);
+
+                merchant.password = hash;
+                merchant.verifyId = undefined;
+
+                return merchant.save();
+            })
+            .then((merchant)=>{
+                req.session.error = "PASSWORD SUCCESSFULLY UPDATED.  PLEASE LOG IN";
+                return res.redirect("/");
+            })
+            .catch((err)=>{
+                req.session.error = "ERROR: UNABLE TO UPDATE YOUR PASSWORD AT THIS TIME";
+                return res.redirect("/");
+            })
     }
 }

+ 2 - 1
routes.js

@@ -71,5 +71,6 @@ module.exports = function(app){
     //Password reset
     app.get("/reset/email", passwordReset.enterEmail);
     app.post("/reset/email", passwordReset.generateCode);
-    app.get("/reset/:code", passwordReset.enterPassword);
+    app.get("/reset/:id/:code", passwordReset.enterPassword);
+    app.post("/reset", passwordReset.resetPassword);
 }

+ 7 - 1
views/passwordResetPages/password.ejs

@@ -12,13 +12,19 @@
     <body>
         <% include ../shared/header %>
 
+        <% include ../shared/banner %>
+
         <h1 class="title">Reset Password</h1>
 
-        <form class="form" action="" method="post">
+        <form class="form" action="/reset" method="post">
             <input name="password" type="password" class="formInput" placeholder="password">
 
             <input name="confirmPassword" type="password" class="formInput" placeholder="confirm password">
 
+            <input name="code" type="hidden" value="<%=code%>">
+
+            <input name="id" type="hidden" value="<%=id%>">
+
             <input class="button" type="submit" value="RESET PASSWORD">
         </form>