passwordReset.js 3.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. const Owner = require("../models/owner.js");
  2. const passwordReset = require("../emails/passwordReset.js");
  3. const queryString = require("querystring");
  4. const axios = require("axios");
  5. const bcrypt = require("bcryptjs");
  6. module.exports = {
  7. enterEmail: function(req, res){
  8. return res.render("passwordResetPages/email");
  9. },
  10. generateCode: function(req, res){
  11. Owner.findOne({email: req.body.email.toLowerCase()})
  12. .then((owner)=>{
  13. if(owner === null){
  14. req.session.error = "USER WITH THIS EMAIL DOES NOT EXIST";
  15. return res.redirect("/");
  16. }
  17. axios({
  18. method: "post",
  19. url: "https://api.mailgun.net/v3/mg.leemorgan.dev/messages",
  20. headers: {
  21. "Content-Type": "application/x-www-form-urlencoded"
  22. },
  23. auth: {
  24. username: "api",
  25. password: process.env.SUBLINE_MAILGUN_API
  26. },
  27. data: queryString.stringify({
  28. from: "The Subline <subline@leemorgan.dev>",
  29. to: owner.email,
  30. subject: "Password Reset for The Subline",
  31. html: passwordReset({
  32. name: owner.name,
  33. link: `${process.env.SITE}/reset/${owner._id}/${owner.session.sessionId}`
  34. })
  35. })
  36. });
  37. req.session.success = "PASSWORD RESET EMAIL SENT";
  38. return res.redirect("/");
  39. })
  40. .catch((err)=>{
  41. req.session.error = "ERROR: UNABLE TO RESET PASSWORD AT THIS TIME";
  42. return res.redirect("/");
  43. });
  44. },
  45. enterPassword: function(req, res){
  46. return res.render("passwordResetPages/password", {id: req.params.id, code: req.params.code, banner: res.locals.banner});
  47. },
  48. resetPassword: function(req, res){
  49. Owner.findOne({_id: req.body.id})
  50. .then((owner)=>{
  51. if(owner.session.sessionId !== req.body.code){
  52. req.session.error = "YOUR ACCOUNT COULD NOT BE VERIFIED. PLEASE CONTACT US IF THE PROBLEM PERSISTS.";
  53. return res.redirect("/");
  54. }
  55. if(req.body.password !== req.body.confirmPassword){
  56. req.session.error = "PASSWORDS DO NOT MATCH";
  57. return res.redirect(`/reset/${owner._id}/${owner.session.sessionId}`);
  58. }
  59. if(req.body.password.length < 10){
  60. req.session.error = "PASSWORD MUST CONTAIN AT LEAST 10 CHARACTERS";
  61. return res.redirect(`/reset/${owner._id}/${owner.session.sessionId}`);
  62. }
  63. const salt = bcrypt.genSaltSync(10);
  64. const hash = bcrypt.hashSync(req.body.password, salt);
  65. owner.password = hash;
  66. return owner.save();
  67. })
  68. .then((owner)=>{
  69. if(owner !== undefined){
  70. req.session.success = "PASSWORD SUCCESSFULLY UPDATED. PLEASE LOG IN";
  71. return res.redirect("/login");
  72. }
  73. })
  74. .catch((err)=>{
  75. if(typeof(err) === "string"){
  76. req.session.error = err;
  77. }else if(err.name === "ValidationError"){
  78. req.session.error = err.errors[Object.keys(err.errors)[0]].properties.message;
  79. }else{
  80. req.session.error = "ERROR: UNABLE TO UPDATE YOUR PASSWORD";
  81. }
  82. return res.redirect("/");
  83. });
  84. }
  85. }