passwordReset.js 3.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495
  1. const Merchant = require("../models/merchant.js");
  2. const helper = require("./helper.js");
  3. const passwordReset = require("../emails/passwordReset.js");
  4. const mailgun = require("mailgun-js")({apiKey: process.env.MG_SUBLINE_APIKEY, domain: "mail.thesubline.net"});
  5. const bcrypt = require("bcryptjs");
  6. module.exports = {
  7. enterEmail: function(req, res){
  8. return res.render("passwordResetPages/email");
  9. },
  10. generateCode: function(req, res){
  11. Merchant.findOne({email: req.body.email.toLowerCase()})
  12. .then((merchant)=>{
  13. if(merchant === null){
  14. req.session.error = "USER WITH THIS EMAIL DOES NOT EXIST";
  15. return res.redirect("/");
  16. }
  17. merchant.verifyId = helper.generateId(15);
  18. const mailgunData = {
  19. from: "The Subline <clientsupport@thesubline.net>",
  20. to: merchant.email,
  21. subject: "Password Reset",
  22. html: passwordReset({
  23. name: merchant.name,
  24. link: `${process.env.SITE}/reset/${merchant._id}/${merchant.verifyId}`
  25. })
  26. };
  27. mailgun.messages().send(mailgunData, (err, body)=>{});
  28. return merchant.save();
  29. })
  30. .then((merchant)=>{
  31. req.session.success = "PASSWORD RESET EMAIL SENT";
  32. return res.redirect("/");
  33. })
  34. .catch((err)=>{
  35. req.session.error = "ERROR: UNABLE TO RESET PASSWORD AT THIS TIME";
  36. return res.redirect("/");
  37. });
  38. },
  39. enterPassword: function(req, res){
  40. return res.render("passwordResetPages/password", {id: req.params.id, code: req.params.code});
  41. },
  42. resetPassword: function(req, res){
  43. Merchant.findOne({_id: req.body.id})
  44. .then((merchant)=>{
  45. if(merchant.verifyId !== req.body.code){
  46. req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED. PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
  47. return res.redirect("/");
  48. }
  49. //TODO: add banners to the relevant pages
  50. if(req.body.password !== req.body.confirmPassword){
  51. req.session.error = "PASSWORDS DO NOT MATCH";
  52. return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
  53. }
  54. if(req.body.password.length < 10){
  55. req.session.error = "PASSWORD MUST CONTAIN AT LEAST 10 CHARACTERS";
  56. return res.redirect(`/reset/${merchant._id}/${merchant.verifyId}`);
  57. }
  58. const salt = bcrypt.genSaltSync(10);
  59. const hash = bcrypt.hashSync(req.body.password, salt);
  60. merchant.password = hash;
  61. merchant.verifyId = undefined;
  62. return merchant.save();
  63. })
  64. .then((merchant)=>{
  65. if(merchant !== undefined){
  66. req.session.success = "PASSWORD SUCCESSFULLY UPDATED. PLEASE LOG IN";
  67. return res.redirect("/login");
  68. }
  69. })
  70. .catch((err)=>{
  71. if(typeof(err) === "string"){
  72. req.session.error = err;
  73. }else if(err.name === "ValidationError"){
  74. req.session.error = err.errors[Object.keys(err.errors)[0]].properties.message;
  75. }else{
  76. req.session.error = "ERROR: UNABLE TO UPDATE YOUR PASSWORD AT THIS TIME";
  77. }
  78. return res.redirect("/");
  79. });
  80. }
  81. }