passwordReset.js 3.6 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394
  1. const Merchant = require("../models/merchant.js");
  2. const helper = require("./helper.js");
  3. const passwordReset = require("../emails/passwordReset.js");
  4. const mailgun = require("mailgun-js")({apiKey: process.env.MG_SUBLINE_APIKEY, domain: "mail.thesubline.net"});
  5. const bcrypt = require("bcryptjs");
  6. module.exports = {
  7. enterEmail: function(req, res){
  8. return res.render("passwordResetPages/email");
  9. },
  10. generateCode: function(req, res){
  11. Merchant.findOne({email: req.body.email.toLowerCase()})
  12. .then((merchant)=>{
  13. if(merchant === null){
  14. req.session.error = "USER WITH THIS EMAIL DOES NOT EXIST";
  15. return res.redirect("/");
  16. }
  17. merchant.verifyId = helper.generateId(15);
  18. const mailgunData = {
  19. from: "The Subline <clientsupport@thesubline.net>",
  20. to: merchant.email,
  21. subject: "Password Reset",
  22. html: passwordReset({
  23. name: merchant.name,
  24. link: `${process.env.SITE}/reset/${merchant._id}/${merchant.verifyId}`
  25. })
  26. };
  27. mailgun.messages().send(mailgunData, (err, body)=>{});
  28. return merchant.save();
  29. })
  30. .then((merchant)=>{
  31. req.session.success = "PASSWORD RESET EMAIL SENT";
  32. return res.redirect("/");
  33. })
  34. .catch((err)=>{
  35. req.session.error = "ERROR: UNABLE TO RESET PASSWORD AT THIS TIME";
  36. return res.redirect("/");
  37. });
  38. },
  39. enterPassword: function(req, res){
  40. return res.render("passwordResetPages/password", {id: req.params.id, code: req.params.code, banner: res.locals.banner});
  41. },
  42. resetPassword: function(req, res){
  43. Merchant.findOne({_id: req.body.id})
  44. .then((merchant)=>{
  45. if(merchant.verifyId !== req.body.code){
  46. req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED. PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
  47. return res.redirect("/");
  48. }
  49. if(req.body.password !== req.body.confirmPassword){
  50. req.session.error = "PASSWORDS DO NOT MATCH";
  51. return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
  52. }
  53. if(req.body.password.length < 10){
  54. req.session.error = "PASSWORD MUST CONTAIN AT LEAST 10 CHARACTERS";
  55. return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
  56. }
  57. const salt = bcrypt.genSaltSync(10);
  58. const hash = bcrypt.hashSync(req.body.password, salt);
  59. merchant.password = hash;
  60. merchant.verifyId = undefined;
  61. return merchant.save();
  62. })
  63. .then((merchant)=>{
  64. if(merchant !== undefined){
  65. req.session.success = "PASSWORD SUCCESSFULLY UPDATED. PLEASE LOG IN";
  66. return res.redirect("/login");
  67. }
  68. })
  69. .catch((err)=>{
  70. if(typeof(err) === "string"){
  71. req.session.error = err;
  72. }else if(err.name === "ValidationError"){
  73. req.session.error = err.errors[Object.keys(err.errors)[0]].properties.message;
  74. }else{
  75. req.session.error = "ERROR: UNABLE TO UPDATE YOUR PASSWORD AT THIS TIME";
  76. }
  77. return res.redirect("/");
  78. });
  79. }
  80. }