cengiz-demir/authController.js

## authController.js
const passport = require('passport');
const crypto = require('crypto');
const mongoose = require('mongoose');
const User = mongoose.model('User');
const promisify = require('es6-promisify');

exports.login = passport.authenticate('local', {
  failureRedirect: '/login',
  failureFlash: 'Failed Login!',
  successRedirect: '/',
  successFlash: 'You are now logged in!'
});

exports.logout = (req, res) => {
  req.logout();
  req.flash('success', 'You are now logged out! 👋');
  res.redirect('/');
};

exports.isLoggedIn = (req, res, next) => {
  // first check if the user is authenticated
  if (req.isAuthenticated()) {
    next(); // carry on! They are logged in!
    return;
  }
  req.flash('error', 'Oops you must be logged in to do that!');
  res.redirect('/login');
};

exports.forgot = async (req, res) => {
  // 1. See if a user with that email exists
  const user = await User.findOne({ email: req.body.email });
  if (!user) {
    req.flash('error', 'No account with that email exists.');
    return res.redirect('/login');
  }
  // 2. Set reset tokens and expiry on their account
  /* Note : crypto bize random bir key verir  */
  user.resetPasswordToken = crypto.randomBytes(20).toString('hex');
  user.resetPasswordExpires = Date.now() + 3600000; // 1 hour from now
  await user.save();
  // 3. Send them an email with the token
  const resetURL = `http://${req.headers.host}/account/reset/${user.resetPasswordToken}`;
  await mail.send({
    user,
    filename: 'password-reset',
    subject: 'Password Reset',
    resetURL
  });
  req.flash('success', `You have been emailed a password reset link.`);
  // 4. redirect to login page
  res.redirect('/login');
};

exports.reset = async (req, res) => {
  const user = await User.findOne({
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: Date.now() }
     /*  Note: Datayi kaydederken
      1 hour from now, yapmistik gt: buyukmudur sorusudur  greater than
      simdiki zaman resetten
     */
  });
  if (!user) {
    req.flash('error', 'Password reset is invalid or has expired');
    return res.redirect('/login');
  }
  // if there is a user, show the rest password form
  res.render('reset', { title: 'Reset your Password' });
};

exports.confirmedPasswords = (req, res, next) => {
  if (req.body.password === req.body['password-confirm']) {
    next(); // keepit going!
    return;
  }
  req.flash('error', 'Passwords do not match!');
  res.redirect('back');
};

exports.update = async (req, res) => {
  const user = await User.findOne({
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: Date.now() }
  });

  if (!user) {
    req.flash('error', 'Password reset is invalid or has expired');
    return res.redirect('/login');
  }

  const setPassword = promisify(user.setPassword, user);
  await setPassword(req.body.password);
  /* Note: undifined veri veri tabaninda tutulmaz!
    islemler bitince veri tabaninda o satirlar silinecekmis gibi dusunmek gerekiyor.
  */
  user.resetPasswordToken = undefined;
  user.resetPasswordExpires = undefined;
  const updatedUser = await user.save();
  await req.login(updatedUser);
  req.flash('success', '💃 Nice! Your password has been reset! You are now logged in!');
  res.redirect('/');
};

## userController.js
const mongoose = require('mongoose');
const User = mongoose.model('User');
const promisify = require('es6-promisify');

exports.loginForm = (req, res) => {
  res.render('login', { title: 'Login' });
};

exports.registerForm = (req, res) => {
  res.render('register', { title: 'Register' });
};

exports.validateRegister = (req, res, next) => {
  req.sanitizeBody('name');
  req.checkBody('name', 'You must supply a name!').notEmpty();
  req.checkBody('email', 'That Email is not valid!').isEmail();
  req.sanitizeBody('email').normalizeEmail({
    gmail_remove_dots: false,
    remove_extension: false,
    gmail_remove_subaddress: false
  });
  req.checkBody('password', 'Password Cannot be Blank!').notEmpty();
  req.checkBody('password-confirm', 'Confirmed Password cannot be blank!').notEmpty();
  req.checkBody('password-confirm', 'Oops! Your passwords do not match').equals(req.body.password);

  const errors = req.validationErrors();
  if (errors) {
    req.flash('error', errors.map(err => err.msg));
    res.render('register', { title: 'Register', body: req.body, flashes: req.flash() });
    return; // stop the fn from running
  }
  next(); // there were no errors!
};


/* Note : promisify kutufphanesinin kullanimi:

exports.resgister = async (req, res, next) => {
  const user = new User({ email: req.body.email, name: req.body.name});

  User.register(user, req.body.password, function(err, user){
  User.register  register kutuphanesi promoselari desteklemiyor bu yuzden
    promosify library ye iihtiyac gerekiyor.
    birde asycn await kullanimlari icin.

    birincisi method ikinci parameri bind ettirecegimiz eleman
  })
}
*/
exports.register = async (req, res, next) => {
  const user = new User({ email: req.body.email, name: req.body.name });
  const register = promisify(User.register, User);
  await register(user, req.body.password);
  next(); // pass to authController.login
};

exports.account = (req, res) => {
  res.render('account', { title: 'Edit Your Account' });
};

exports.updateAccount = async (req, res) => {
  const updates = {
    name: req.body.name,
    email: req.body.email
  };
/* findOneAndUpdate (query, update, optional) */
  const user = await User.findOneAndUpdate(
    { _id: req.user._id },
    { $set: updates },
    { new: true, runValidators: true, context: 'query' }
  );
  req.flash('success', 'Updated the profile!');
  res.redirect('back');
};
	const passport = require('passport');
	const crypto = require('crypto');
	const mongoose = require('mongoose');
	const User = mongoose.model('User');
	const promisify = require('es6-promisify');

	exports.login = passport.authenticate('local', {
	failureRedirect: '/login',
	failureFlash: 'Failed Login!',
	successRedirect: '/',
	successFlash: 'You are now logged in!'
	});

	exports.logout = (req, res) => {
	req.logout();
	req.flash('success', 'You are now logged out! 👋');
	res.redirect('/');
	};

	exports.isLoggedIn = (req, res, next) => {
	// first check if the user is authenticated
	if (req.isAuthenticated()) {
	next(); // carry on! They are logged in!
	return;
	}
	req.flash('error', 'Oops you must be logged in to do that!');
	res.redirect('/login');
	};

	exports.forgot = async (req, res) => {
	// 1. See if a user with that email exists
	const user = await User.findOne({ email: req.body.email });
	if (!user) {
	req.flash('error', 'No account with that email exists.');
	return res.redirect('/login');
	}
	// 2. Set reset tokens and expiry on their account
	/* Note : crypto bize random bir key verir */
	user.resetPasswordToken = crypto.randomBytes(20).toString('hex');
	user.resetPasswordExpires = Date.now() + 3600000; // 1 hour from now
	await user.save();
	// 3. Send them an email with the token
	const resetURL = `http://${req.headers.host}/account/reset/${user.resetPasswordToken}`;
	await mail.send({
	user,
	filename: 'password-reset',
	subject: 'Password Reset',
	resetURL
	});
	req.flash('success', `You have been emailed a password reset link.`);
	// 4. redirect to login page
	res.redirect('/login');
	};

	exports.reset = async (req, res) => {
	const user = await User.findOne({
	resetPasswordToken: req.params.token,
	resetPasswordExpires: { $gt: Date.now() }
	/* Note: Datayi kaydederken
	1 hour from now, yapmistik gt: buyukmudur sorusudur greater than
	simdiki zaman resetten
	*/
	});
	if (!user) {
	req.flash('error', 'Password reset is invalid or has expired');
	return res.redirect('/login');
	}
	// if there is a user, show the rest password form
	res.render('reset', { title: 'Reset your Password' });
	};

	exports.confirmedPasswords = (req, res, next) => {
	if (req.body.password === req.body['password-confirm']) {
	next(); // keepit going!
	return;
	}
	req.flash('error', 'Passwords do not match!');
	res.redirect('back');
	};

	exports.update = async (req, res) => {
	const user = await User.findOne({
	resetPasswordToken: req.params.token,
	resetPasswordExpires: { $gt: Date.now() }
	});

	if (!user) {
	req.flash('error', 'Password reset is invalid or has expired');
	return res.redirect('/login');
	}

	const setPassword = promisify(user.setPassword, user);
	await setPassword(req.body.password);
	/* Note: undifined veri veri tabaninda tutulmaz!
	islemler bitince veri tabaninda o satirlar silinecekmis gibi dusunmek gerekiyor.
	*/
	user.resetPasswordToken = undefined;
	user.resetPasswordExpires = undefined;
	const updatedUser = await user.save();
	await req.login(updatedUser);
	req.flash('success', '💃 Nice! Your password has been reset! You are now logged in!');
	res.redirect('/');
	};