Răsfoiți Sursa

Change email verification to use session Id instead of verifyId.
Change password changing to use session Id instead of verifyId.
Remove verifyId from merchants.

Lee Morgan 5 ani în urmă
părinte
comite
a519223ef6

+ 2 - 3
controllers/emailVerification.js

@@ -13,7 +13,7 @@ module.exports = {
                     subject: "Email verification",
                     html: verifyEmail({
                         name: merchant.name,
-                        link: `${process.env.SITE}/verify/${merchant._id}/${merchant.verifyId}`,
+                        link: `${process.env.SITE}/verify/${merchant._id}/${merchant.session.sessionId}`,
                     })
                 };
                 mailgun.messages().send(mailgunData, (err, body)=>{});
@@ -59,11 +59,10 @@ module.exports = {
     verify: function(req, res){
         Merchant.findOne({_id: req.params.id})
             .then((merchant)=>{
-                if(req.params.code !== merchant.verifyId){
+                if(req.params.code !== merchant.session.sessionId){
                     throw "UNABLE TO VERIFY EMAIL ADDRESS.  INCORRECT LINK";
                 }
 
-                merchant.verifyId = undefined;
                 merchant.status.splice(merchant.status.indexOf("unverified"), 1);
 
                 const mailgunList = mailgun.lists("clientsupport@mail.thesubline.com");

+ 1 - 2
controllers/merchantData.js

@@ -51,7 +51,6 @@ module.exports = {
             status: ["unverified"],
             inventory: [],
             recipes: [],
-            verifyId: helper.generateId(15),
             session: {
                 sessionId: helper.generateId(25),
                 expiration: expirationDate
@@ -196,7 +195,7 @@ module.exports = {
                 subject: "Email Verification",
                 html: verifyEmail({
                     name: res.locals.merchant.name,
-                    link: `${process.env.SITE}/verify/${res.locals.merchant._id}/${res.locals.merchant.verifyId}`
+                    link: `${process.env.SITE}/verify/${res.locals.merchant._id}/${res.locals.merchant.sessionId}`
                 })
             };
             mailgun.messages().send(mailgunData, (err, body)=>{});

+ 4 - 10
controllers/passwordReset.js

@@ -18,8 +18,6 @@ module.exports = {
                     req.session.error = "USER WITH THIS EMAIL DOES NOT EXIST";
                     return res.redirect("/");
                 }
-
-                merchant.verifyId = helper.generateId(15);
                 
                 const mailgunData = {
                     from: "The Subline <clientsupport@thesubline.net>",
@@ -27,14 +25,11 @@ module.exports = {
                     subject: "Password Reset",
                     html: passwordReset({
                         name: merchant.name,
-                        link: `${process.env.SITE}/reset/${merchant._id}/${merchant.verifyId}`
+                        link: `${process.env.SITE}/reset/${merchant._id}/${merchant.session.sessionId}`
                     })
                 };
                 mailgun.messages().send(mailgunData, (err, body)=>{});
 
-                return merchant.save();
-            })
-            .then((merchant)=>{
                 req.session.success = "PASSWORD RESET EMAIL SENT";
                 return res.redirect("/");
             })
@@ -51,26 +46,25 @@ module.exports = {
     resetPassword: function(req, res){
         Merchant.findOne({_id: req.body.id})
             .then((merchant)=>{
-                if(merchant.verifyId !== req.body.code){
+                if(merchant.session.sessionId !== req.body.code){
                     req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED.  PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
                     return res.redirect("/");
                 }
 
                 if(req.body.password !== req.body.confirmPassword){
                     req.session.error = "PASSWORDS DO NOT MATCH";
-                    return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
+                    return res.redirect(`/reset/${merchant._id}/${merchant.session.sessionId}`);
                 }
 
                 if(req.body.password.length < 10){
                     req.session.error = "PASSWORD MUST CONTAIN AT LEAST 10 CHARACTERS";
-                    return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
+                    return res.redirect(`/reset/${merchant._id}/${merchant.session.sessionId}`);
                 }
 
                 const salt = bcrypt.genSaltSync(10);
                 const hash = bcrypt.hashSync(req.body.password, salt);
 
                 merchant.password = hash;
-                merchant.verifyId = undefined;
 
                 return merchant.save();
             })

+ 1 - 2
models/merchant.js

@@ -69,8 +69,7 @@ const MerchantSchema = new mongoose.Schema({
             index: true
         },
         expiration: Date
-    },
-    verifyId: String
+    }
 });
 
 module.exports = mongoose.model("Merchant", MerchantSchema);