passwordReset.js 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. const Merchant = require("../models/merchant.js");
  2. const passwordReset = require("../emails/passwordReset.js");
  3. const mailgun = require("mailgun-js")({apiKey: process.env.MG_SUBLINE_APIKEY, domain: "mail.thesubline.net"});
  4. const bcrypt = require("bcryptjs");
  5. module.exports = {
  6. enterEmail: function(req, res){
  7. return res.render("passwordResetPages/email");
  8. },
  9. generateCode: function(req, res){
  10. Merchant.findOne({email: req.body.email.toLowerCase()})
  11. .then((merchant)=>{
  12. if(merchant === null){
  13. req.session.error = "USER WITH THIS EMAIL DOES NOT EXIST";
  14. return res.redirect("/");
  15. }
  16. const mailgunData = {
  17. from: "The Subline <clientsupport@thesubline.net>",
  18. to: merchant.email,
  19. subject: "Password Reset",
  20. html: passwordReset({
  21. name: merchant.name,
  22. link: `${process.env.SITE}/reset/${merchant._id}/${merchant.session.sessionId}`
  23. })
  24. };
  25. mailgun.messages().send(mailgunData, (err, body)=>{});
  26. req.session.success = "PASSWORD RESET EMAIL SENT";
  27. return res.redirect("/");
  28. })
  29. .catch((err)=>{
  30. req.session.error = "ERROR: UNABLE TO RESET PASSWORD AT THIS TIME";
  31. return res.redirect("/");
  32. });
  33. },
  34. enterPassword: function(req, res){
  35. return res.render("passwordResetPages/password", {id: req.params.id, code: req.params.code, banner: res.locals.banner});
  36. },
  37. resetPassword: function(req, res){
  38. Merchant.findOne({_id: req.body.id})
  39. .then((merchant)=>{
  40. if(merchant.session.sessionId !== req.body.code){
  41. req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED. PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
  42. return res.redirect("/");
  43. }
  44. if(req.body.password !== req.body.confirmPassword){
  45. req.session.error = "PASSWORDS DO NOT MATCH";
  46. return res.redirect(`/reset/${merchant._id}/${merchant.session.sessionId}`);
  47. }
  48. if(req.body.password.length < 10){
  49. req.session.error = "PASSWORD MUST CONTAIN AT LEAST 10 CHARACTERS";
  50. return res.redirect(`/reset/${merchant._id}/${merchant.session.sessionId}`);
  51. }
  52. const salt = bcrypt.genSaltSync(10);
  53. const hash = bcrypt.hashSync(req.body.password, salt);
  54. merchant.password = hash;
  55. return merchant.save();
  56. })
  57. .then((merchant)=>{
  58. if(merchant !== undefined){
  59. req.session.success = "PASSWORD SUCCESSFULLY UPDATED. PLEASE LOG IN";
  60. return res.redirect("/login");
  61. }
  62. })
  63. .catch((err)=>{
  64. if(typeof(err) === "string"){
  65. req.session.error = err;
  66. }else if(err.name === "ValidationError"){
  67. req.session.error = err.errors[Object.keys(err.errors)[0]].properties.message;
  68. }else{
  69. req.session.error = "ERROR: UNABLE TO UPDATE YOUR PASSWORD AT THIS TIME";
  70. }
  71. return res.redirect("/");
  72. });
  73. }
  74. }