- reset.hbs
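{{!--
  Reset-password form, rendered by GET /reset/:token as 'user/reset'.
  View data used here: messages.error / messages.info / messages.success
  (flash arrays), token (the reset token from the URL) and csrfToken.
  All {{ }} expressions are HTML-escaped by Handlebars; keep them double-braced.
--}}
<div class="row">
  <div style="margin: auto; margin-top: 5em" class="card col-xs-8 col-sm-8 col-md-8">
    <div class="card-block">
      {{#if messages.error}}
        <div class="alert alert-danger">
          {{ messages.error }}
        </div>
      {{/if}}
      {{#if messages.info}}
        <div class="alert alert-info">
          {{ messages.info }}
        </div>
      {{/if}}
      {{#if messages.success}}
        <div class="alert alert-success">
          {{ messages.success }}
        </div>
      {{/if}}
      <!--Header-->
      <div class="form-header blue">
        <h3>Reset Password</h3>
      </div>
      {{!-- action="" posts back to the current /reset/:token URL. --}}
      <form method="POST" action="">
        <div>
          <label for="reset-password">New Password</label>
        </div>
        <div>
          <input id="reset-password" type="password" name="password" autocomplete="new-password" required>
        </div>
        <div>
          <label for="reset-confirm">Confirm Password</label>
        </div>
        <div>
          <input id="reset-confirm" type="password" name="confirm" autocomplete="new-password" required>
        </div>
        <div>
          {{!-- The route passes the value as `token`; `resetToken` was never set, so the field rendered empty. --}}
          <input type="hidden" name="token" value="{{ token }}">
          <input type="hidden" name="_csrf" value="{{ csrfToken }}">
          <button class="btn btn-primary" type="submit">Reset</button>
        </div>
      </form>
    </div>
  </div>
</div>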
- forgot.hbs
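{{!--
  Password-reset request form, rendered by GET /forgot as 'user/forgot'.
  View data used here: messages.error / messages.info / messages.success
  (flash arrays) and csrfToken. The form posts `email` and `_csrf` to /forgot.
--}}
<div class="row">
  <div style="margin: auto; margin-top: 5em" class="card col-xs-8 col-sm-8 col-md-8">
    <div class="card-block">
      {{#if messages.error}}
        <div class="alert alert-danger">
          {{ messages.error }}
        </div>
      {{/if}}
      {{#if messages.info}}
        <div class="alert alert-info">
          {{ messages.info }}
        </div>
      {{/if}}
      {{#if messages.success}}
        <div class="alert alert-success">
          {{ messages.success }}
        </div>
      {{/if}}
      <h1>Password Reset Request</h1>
      <form method="POST" action="/forgot">
        <label for="forgot-email">Email address</label>
        {{!-- type="email" is only a browser-side hint; the server must still validate the value. --}}
        <input id="forgot-email" type="email" name="email" value="" autocomplete="email" required autofocus>
        <input type="hidden" name="_csrf" value="{{ csrfToken }}">
        <input type="submit" value="forgot password">
      </form>
    </div>
  </div>
</div>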
- index.js
- var express = require('express');
- var router = express.Router();
- var csrf = require('csurf');
- var passport = require('passport');
- var nodemailer = require('nodemailer');
- var async = require('async');
- var crypto = require('crypto');
- var User = require('../models/user');
- var bcrypt = require('bcrypt-nodejs');
// Install the csurf middleware on this router ahead of the routes below;
// the views echo the token back in a hidden `_csrf` field.
var csrfProtection = csrf();

router.use(csrfProtection);
/* GET home page: renders the shop landing view with a fixed title. */
router.get('/', function renderHome(req, res) {
  var viewModel = { title: 'Camtradr' };
  res.render('shop/index', viewModel);
});
/* GET /signup: shows the registration form with any pending 'error' flash messages. */
router.get('/signup', function renderSignup(req, res) {
  var errorMessages = req.flash('error');
  var viewModel = {
    csrfToken: req.csrfToken(),
    messages: errorMessages,
    hasErrors: errorMessages.length > 0
  };
  res.render('user/signup', viewModel);
});
/* POST /signup: hands the form to the 'local.signup' Passport strategy. */
var signupRedirects = {
  successRedirect: '/profile',
  failureRedirect: '/signup',
  failureFlash: true // strategy failure messages go to the 'error' flash
};
router.post('/signup', passport.authenticate('local.signup', signupRedirects));
/*
 * GET /logout: ends the Passport login session and returns to the home page.
 * NOTE(review): this is a state-changing GET, so it is not covered by the
 * CSRF token check; consider a POST if forced logout matters here.
 */
router.get('/logout', function endSession(req, res) {
  req.logout();
  res.redirect('/');
});
/* GET /profile: authenticated users only (isLoggedIn); shows the signed-in username. */
router.get('/profile', isLoggedIn, function renderProfile(req, res) {
  var currentUsername = req.user.username;
  res.render('user/profile', { username: currentUsername });
});
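/**
 * GET /signin: shows the sign-in form with pending flash messages.
 *
 * Shows the first non-empty flash category, in the order error, info, success.
 * The previous `a || b || c` chain never fell through, because req.flash(type)
 * returns an array and an empty array is truthy; the "password has been
 * changed" success flash set by the reset flow was therefore never displayed.
 *
 * NOTE(review): `hasErrors` is still true for any message kind, as the
 * template is not visible here; confirm how the view styles it.
 */
router.get('/signin', function(req, res, next) {
  var messages = req.flash('error');
  if (messages.length === 0) {
    messages = req.flash('info');
  }
  if (messages.length === 0) {
    messages = req.flash('success');
  }
  res.render('user/signin', {
    csrfToken: req.csrfToken(),
    messages: messages,
    hasErrors: messages.length > 0
  });
});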
/* POST /signin: hands the credentials to the 'local.signin' Passport strategy. */
var signinRedirects = {
  successRedirect: '/profile',
  failureRedirect: '/signin',
  failureFlash: true // strategy failure messages go to the 'error' flash
};
router.post('/signin', passport.authenticate('local.signin', signinRedirects));
/* GET /forgot: shows the password-reset request form with all three flash categories. */
router.get('/forgot', function renderForgot(req, res) {
  var viewModel = {
    user: req.user,
    csrfToken: req.csrfToken()
  };
  // Reading a flash category also clears it, so each is read exactly once.
  viewModel.messages = {
    info: req.flash('info'),
    success: req.flash('success'),
    error: req.flash('error')
  };
  res.render('user/forgot', viewModel);
});
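/**
 * POST /forgot: start a password reset for the submitted email address.
 *
 * Steps: generate a random token, store it with a one-hour expiry on the
 * matching user (if any), and mail a reset link. The response is identical
 * whether or not the address is registered.
 *
 * Changes from the earlier version of this handler:
 *  - SendGrid credentials are read from the environment instead of being
 *    written in this file. The values that used to be here must be treated
 *    as exposed and rotated.
 *  - The reset link is built from a configured base URL, not from the Host
 *    request header, which the client controls.
 *  - The "no account with that email" message is gone, since it let the form
 *    confirm which addresses are registered.
 *  - `email` must be a string, so a parsed object can never reach the query
 *    as an operator.
 *  - Errors from randomBytes/findOne are propagated instead of dereferencing
 *    an undefined buffer or user.
 *
 * Configuration (deployment settings introduced by this handler):
 *   SENDGRID_USERNAME, SENDGRID_PASSWORD, APP_BASE_URL (e.g. https://host).
 *
 * NOTE(review): the token is stored as-is on the user document; storing only
 * a hash of it would need a matching change in the /reset/:token handlers.
 */
router.post('/forgot', function(req, res, next) {
  var genericNotice = 'If an account exists for that email address, an e-mail has been sent with further instructions.';
  var mailUser = process.env.SENDGRID_USERNAME;
  var mailPass = process.env.SENDGRID_PASSWORD;
  var baseUrl = (process.env.APP_BASE_URL || '').replace(/\/+$/, '');

  // Fail closed before touching the database if mail cannot be sent.
  if (!mailUser || !mailPass || !baseUrl) {
    return next(new Error('Password reset mail is not configured (SENDGRID_USERNAME, SENDGRID_PASSWORD, APP_BASE_URL).'));
  }

  var email = typeof req.body.email === 'string' ? req.body.email.trim() : '';
  if (!email) {
    req.flash('error', 'Please enter your email address.');
    return res.redirect('/forgot');
  }

  async.waterfall([
    function(done) {
      crypto.randomBytes(20, function(err, buf) {
        if (err) return done(err);
        done(null, buf.toString('hex'));
      });
    },
    function(token, done) {
      User.findOne({ email: email }, function(err, user) {
        if (err) return done(err);
        if (!user) {
          // Unknown address: skip the mail step but finish with the same response.
          return done(null, token, null);
        }
        user.resetPasswordToken = token;
        user.resetPasswordExpires = Date.now() + 3600000; // 1 hour
        user.save(function(err) {
          done(err, token, user);
        });
      });
    },
    function(token, user, done) {
      if (!user) return done(null);
      var transport = nodemailer.createTransport({
        service: 'SendGrid',
        auth: {
          user: mailUser,
          pass: mailPass
        }
      });
      var mailOptions = {
        to: user.email,
        from: 'passwordreset@camtradr.com',
        subject: 'Camtradr Password Reset',
        text: user.username + ', You are receiving this because you (or someone else) have requested the reset of the password for your account.\n\n' +
          'Please click on the following link, or paste this into your browser to complete the process:\n\n' +
          baseUrl + '/reset/' + token + '\n\n' +
          'If you did not request this, please ignore this email and your password will remain unchanged.\n'
      };
      transport.sendMail(mailOptions, function(err) {
        done(err);
      });
    }
  ], function(err) {
    if (err) return next(err);
    req.flash('info', genericNotice);
    res.redirect('/forgot');
  });
});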
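/**
 * GET /reset/:token: show the new-password form for an unexpired reset token.
 *
 * Redirects to /forgot with an error flash when no user holds the token or
 * the token has expired. Lookup errors are now passed to the error handler
 * instead of being reported as an invalid token.
 */
router.get('/reset/:token', function(req, res, next) {
  var lookup = {
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: Date.now() }
  };
  User.findOne(lookup, function(err, user) {
    if (err) return next(err);
    if (!user) {
      req.flash('error', 'Password reset token is invalid or has expired.');
      return res.redirect('/forgot');
    }
    // The token is part of this page's URL: keep it out of Referer headers
    // sent to other origins and out of shared or browser caches.
    res.set('Referrer-Policy', 'no-referrer');
    res.set('Cache-Control', 'no-store');
    res.render('user/reset', {
      user: req.user,
      csrfToken: req.csrfToken(),
      token: req.params.token,
      messages: {
        info: req.flash('info'),
        success: req.flash('success'),
        error: req.flash('error')
      }
    });
  });
});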
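/**
 * POST /reset/:token: set a new password for the user holding an unexpired
 * reset token, clear the token, log the user in and mail a confirmation.
 *
 * Changes from the earlier version of this handler:
 *  - The reset token is no longer written to the log; anyone who can read
 *    the log could have used it until it expired.
 *  - `password` must be a non-empty string and must equal `confirm`; the
 *    confirmation field was previously never compared.
 *  - bcrypt cost raised from 5 to 10 rounds.
 *  - SendGrid credentials come from the environment (SENDGRID_USERNAME,
 *    SENDGRID_PASSWORD, deployment settings introduced here); the values that
 *    used to be in this file must be treated as exposed and rotated.
 *  - Lookup, save and login errors reach the error handler instead of being
 *    dropped.
 *  - Validation failures redirect to the reset URL explicitly rather than to
 *    'back', which depends on the Referer header.
 *
 * NOTE(review): the user is logged in straight after the reset and then sent
 * to /signin; existing sessions for the account are not invalidated here.
 * NOTE(review): bcrypt-nodejs is no longer maintained upstream, and hashSync
 * blocks the event loop while hashing.
 */
router.post('/reset/:token', function(req, res, next) {
  var mailUser = process.env.SENDGRID_USERNAME;
  var mailPass = process.env.SENDGRID_PASSWORD;
  var resetPath = '/reset/' + encodeURIComponent(req.params.token);
  var password = req.body.password;

  // Fail closed before changing anything if the confirmation mail cannot be sent.
  if (!mailUser || !mailPass) {
    return next(new Error('Password reset mail is not configured (SENDGRID_USERNAME, SENDGRID_PASSWORD).'));
  }
  if (typeof password !== 'string' || password.length === 0) {
    req.flash('error', 'Please enter a new password.');
    return res.redirect(resetPath);
  }
  if (password !== req.body.confirm) {
    req.flash('error', 'Passwords do not match.');
    return res.redirect(resetPath);
  }

  async.waterfall([
    function(done) {
      User.findOne({ resetPasswordToken: req.params.token, resetPasswordExpires: { $gt: Date.now() } }, function(err, user) {
        if (err) return done(err);
        if (!user) {
          req.flash('error', 'Password reset token is invalid or has expired.');
          return res.redirect('/forgot');
        }
        user.password = bcrypt.hashSync(password, bcrypt.genSaltSync(10), null);
        // Single use: the token is cleared in the same save as the new hash.
        user.resetPasswordToken = undefined;
        user.resetPasswordExpires = undefined;
        user.save(function(err) {
          if (err) return done(err);
          req.logIn(user, function(err) {
            done(err, user);
          });
        });
      });
    },
    function(user, done) {
      var smtpTransport = nodemailer.createTransport({
        service: 'SendGrid',
        auth: {
          user: mailUser,
          pass: mailPass
        }
      });
      var mailOptions = {
        to: user.email,
        from: 'passwordreset@camtradr.com',
        subject: 'Your password has been changed',
        text: 'Hello,\n\n' +
          'This is a confirmation that the password for your account ' + user.email + ' has just been changed.\n'
      };
      smtpTransport.sendMail(mailOptions, function(err) {
        // The password is already changed at this point, so a failed
        // notification is logged rather than turned into an error page.
        if (err) console.error('Password-change confirmation mail failed:', err);
        req.flash('success', 'Success! Your password has been changed.');
        done(null);
      });
    }
  ], function(err) {
    if (err) return next(err);
    res.redirect('/signin');
  });
});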
- module.exports = router;
/**
 * Route guard: lets authenticated requests continue and sends everyone else
 * to the home page.
 *
 * @param {object} req - request; must provide isAuthenticated()
 * @param {object} res - response; redirect('/') is called when not authenticated
 * @param {Function} next - called with no arguments when authenticated
 */
function isLoggedIn(req, res, next) {
  var authenticated = req.isAuthenticated();
  if (!authenticated) {
    res.redirect('/');
    return undefined;
  }
  return next();
}