Created
May 5, 2018 12:38
Forget Password
const passport = require('passport'); | |
const crypto = require('crypto'); | |
const mongoose = require('mongoose'); | |
const User = mongoose.model('User'); | |
const promisify = require('es6-promisify'); | |
/**
 * Handles a login form submission with Passport's 'local' strategy.
 *
 * A failed attempt goes back to /login with one generic flash message, so the
 * response does not say whether the e-mail or the password was wrong.
 * A successful attempt goes to the home page with a confirmation flash.
 */
exports.login = passport.authenticate('local', {
  successRedirect: '/',
  successFlash: 'You are now logged in!',
  failureRedirect: '/login',
  failureFlash: 'Failed Login!',
});
/**
 * Logs the current user out, flashes a confirmation and redirects to '/'.
 *
 * NOTE(review): Passport 0.6 and later make req.logout() asynchronous and
 * require a callback. The installed version is not visible here, so confirm
 * this call matches it.
 *
 * @param {object} req - Express request carrying Passport's logout() and flash().
 * @param {object} res - Express response.
 */
exports.logout = function (req, res) {
  req.logout();
  req.flash('success', 'You are now logged out! 👋');
  res.redirect('/');
};
/**
 * Route guard: lets authenticated requests through and sends everyone else
 * to the login page with an error flash.
 *
 * @param {object} req - Express request; Passport supplies isAuthenticated().
 * @param {object} res - Express response.
 * @param {Function} next - Called only when the request is authenticated.
 */
exports.isLoggedIn = (req, res, next) => {
  // Deny first, so the protected path is the last thing reached.
  if (!req.isAuthenticated()) {
    req.flash('error', 'Oops you must be logged in to do that!');
    res.redirect('/login');
    return;
  }
  next();
};
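/**
 * Starts the password-reset flow for the e-mail address submitted in the form.
 *
 * The visible response is identical whether or not the address belongs to an
 * account, so the endpoint cannot be used to test which e-mails are registered.
 *
 * NOTE(review): `mail` is not required anywhere in this file; confirm the mail
 * helper is in scope, otherwise the send step throws a ReferenceError.
 *
 * @param {object} req - Express request; reads req.body.email and req.headers.host.
 * @param {object} res - Express response.
 * @returns {Promise<void>}
 */
exports.forgot = async (req, res) => {
  // One answer for every outcome (unknown address, malformed input, mail sent).
  const acknowledge = () => {
    req.flash('success', 'If that email belongs to an account, a password reset link has been sent.');
    res.redirect('/login');
  };

  // 1. See if a user with that email exists.
  // Only a plain string goes into the query: a parsed body can contain
  // objects, and an object here would be read as a MongoDB query operator.
  const { email } = req.body;
  if (typeof email !== 'string') {
    return acknowledge();
  }
  const user = await User.findOne({ email });
  if (!user) {
    // NOTE(review): this branch still returns faster than the one that sends
    // mail, so response timing can differ between the two cases.
    return acknowledge();
  }

  // 2. Set reset token and expiry on their account.
  // crypto.randomBytes gives 20 random bytes, hex-encoded to a 40-character token.
  // NOTE(review): the token is saved on the user document as-is. Storing only
  // a hash of it would also need the lookups in reset/update to hash
  // req.params.token before querying.
  user.resetPasswordToken = crypto.randomBytes(20).toString('hex');
  user.resetPasswordExpires = Date.now() + 3600000; // 1 hour from now
  await user.save();

  // 3. Send them an email with the token.
  // NOTE(review): the link is built from the request's Host header and a fixed
  // http:// scheme. The Host header is supplied by the client, so the link in
  // the e-mail can point at a host the requester chose. Build it from a
  // configured site origin (https) instead.
  const resetURL = `http://${req.headers.host}/account/reset/${user.resetPasswordToken}`;
  await mail.send({
    user,
    filename: 'password-reset',
    subject: 'Password Reset',
    resetURL,
  });

  // 4. Redirect to the login page.
  acknowledge();
};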
/**
 * Shows the "choose a new password" form when the token in the URL is valid.
 *
 * @param {object} req - Express request; reads req.params.token.
 * @param {object} res - Express response.
 * @returns {Promise<*>}
 */
exports.reset = async (req, res) => {
  // The expiry was stored as "one hour from the request", so the token is
  // valid only while that stored time is still greater than ($gt) now.
  const tokenQuery = {
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: Date.now() },
  };
  const user = await User.findOne(tokenQuery);

  if (user) {
    // A matching, unexpired token: show the reset password form.
    res.render('reset', { title: 'Reset your Password' });
    return;
  }

  // Unknown and expired tokens get the same message.
  req.flash('error', 'Password reset is invalid or has expired');
  return res.redirect('/login');
};
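/**
 * Middleware that lets the request continue only when a non-empty password
 * was submitted and the confirmation field repeats it exactly.
 *
 * Two missing fields compare as equal (undefined === undefined), so the
 * password is also required to be a non-empty string before it is passed on.
 *
 * @param {object} req - Express request; reads req.body.password and req.body['password-confirm'].
 * @param {object} res - Express response.
 * @param {Function} next - Called when the two fields match.
 */
exports.confirmedPasswords = (req, res, next) => {
  const password = req.body.password;
  const confirmation = req.body['password-confirm'];
  const isUsable = typeof password === 'string' && password.length > 0;

  if (isUsable && password === confirmation) {
    next(); // keep it going!
    return;
  }
  req.flash('error', 'Passwords do not match!');
  res.redirect('back');
};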
/**
 * Completes a password reset: checks the token again, stores the new
 * password, invalidates the token and logs the user in.
 *
 * @param {object} req - Express request; reads req.params.token and req.body.password.
 * @param {object} res - Express response.
 * @returns {Promise<*>}
 */
exports.update = async (req, res) => {
  // The token is checked again here rather than trusting that the form was
  // reached through the reset page.
  const now = Date.now();
  const user = await User.findOne({
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: now },
  });
  if (!user) {
    req.flash('error', 'Password reset is invalid or has expired');
    return res.redirect('/login');
  }

  // setPassword is callback-based; promisify binds it to this user document.
  await promisify(user.setPassword, user)(req.body.password);

  // Fields set to undefined are not stored in the database, so after save()
  // treat them as removed from the document. The link cannot be used again.
  user.resetPasswordToken = undefined;
  user.resetPasswordExpires = undefined;
  const updatedUser = await user.save();

  // NOTE(review): Passport's req.login is callback-based. This await waits
  // only if something outside this file wraps it to return a promise; confirm.
  await req.login(updatedUser);
  req.flash('success', '💃 Nice! Your password has been reset! You are now logged in!');
  res.redirect('/');
};
const mongoose = require('mongoose'); | |
const User = mongoose.model('User'); | |
const promisify = require('es6-promisify'); | |
/**
 * Renders the login page.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response.
 */
exports.loginForm = (req, res) => {
  const locals = { title: 'Login' };
  res.render('login', locals);
};
/**
 * Renders the registration page.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response.
 */
exports.registerForm = (req, res) => {
  const locals = { title: 'Register' };
  res.render('register', locals);
};
/**
 * Validates and sanitizes the registration form before an account is created.
 *
 * When any check fails, the messages are flashed and the form is rendered
 * again. Otherwise control passes to the next middleware.
 *
 * @param {object} req - Express request with the validator helpers (sanitizeBody, checkBody, validationErrors).
 * @param {object} res - Express response.
 * @param {Function} next - Called when every check passes.
 */
exports.validateRegister = (req, res, next) => {
  // Name: sanitize, then require a value.
  req.sanitizeBody('name');
  req.checkBody('name', 'You must supply a name!').notEmpty();

  // Email: must look like an address. Normalization keeps dots, extensions
  // and sub-addresses as the user typed them.
  req.checkBody('email', 'That Email is not valid!').isEmail();
  const keepAsTyped = {
    gmail_remove_dots: false,
    remove_extension: false,
    gmail_remove_subaddress: false,
  };
  req.sanitizeBody('email').normalizeEmail(keepAsTyped);

  // Password: both fields present and equal.
  req.checkBody('password', 'Password Cannot be Blank!').notEmpty();
  req.checkBody('password-confirm', 'Confirmed Password cannot be blank!').notEmpty();
  req.checkBody('password-confirm', 'Oops! Your passwords do not match').equals(req.body.password);

  const problems = req.validationErrors();
  if (!problems) {
    next(); // there were no errors!
    return;
  }

  req.flash('error', problems.map(err => err.msg));
  // NOTE(review): the whole submitted body, password fields included, is
  // handed to the template. Confirm the view never writes those values back
  // into the page.
  res.render('register', { title: 'Register', body: req.body, flashes: req.flash() });
};
/* Note: how the promisify library is used here.
exports.register = async (req, res, next) => {
  const user = new User({ email: req.body.email, name: req.body.name });
  User.register(user, req.body.password, function(err, user) {
    // User.register only takes a callback and does not support promises,
    // so the promisify library is needed to use it with async/await.
    // promisify's first argument is the method, the second is the object
    // the method is bound to.
  });
}
*/
/**
 * Creates the account, then hands over to the next middleware.
 *
 * Only `email` and `name` are copied from the request body onto the new
 * document; other submitted fields never reach the model. The password goes
 * to User.register separately.
 *
 * @param {object} req - Express request; reads req.body.email, req.body.name and req.body.password.
 * @param {object} res - Express response (unused).
 * @param {Function} next - Called after registration succeeds.
 * @returns {Promise<void>}
 */
exports.register = async (req, res, next) => {
  const { email, name } = req.body;
  const user = new User({ email, name });

  // User.register is callback-based; promisify binds it to the User model.
  await promisify(User.register, User)(user, req.body.password);

  next(); // pass to authController.login
};
/**
 * Renders the "edit your account" page.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response.
 */
exports.account = (req, res) => {
  const locals = { title: 'Edit Your Account' };
  res.render('account', locals);
};
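/**
 * Saves the name and e-mail submitted from the account page onto the
 * signed-in user's document.
 *
 * The document is selected by req.user._id, never by anything in the body,
 * and only `name` and `email` are written.
 *
 * NOTE(review): the e-mail address is also where password-reset links are
 * sent. Changing it here needs only a live session, so consider asking for
 * the current password before accepting a new address.
 *
 * @param {object} req - Express request; reads req.user._id, req.body.name and req.body.email.
 * @param {object} res - Express response.
 * @returns {Promise<void>}
 */
exports.updateAccount = async (req, res) => {
  const { name, email } = req.body;
  const updates = { name, email };

  // findOneAndUpdate(query, update, options). The returned document was
  // never used, so it is no longer bound to a local.
  await User.findOneAndUpdate(
    { _id: req.user._id },
    { $set: updates },
    { new: true, runValidators: true, context: 'query' }
  );

  req.flash('success', 'Updated the profile!');
  res.redirect('back');
};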