mercmobily/gist:2ab69a2d40b19e10d7fb7d8eb417192a

## gistfile1.txt
// POST /auth/recover ( body: { anyId: 43343 } )
exports.recoverPostRoute = function( req, res, next ) {

  hotCoreStore.getAllStores( function( err, allStores ){
    if( err ) return next( err );

    // Needs to be logged in for this to work
    if( req.session.userId ) return res.status( 403 ).json( { message: 'You are not authorized' } );

    var anyId = req.body.anyId;

    // Tags must be passed
    if( typeof( anyId ) != 'string' ) return res.status( 422 ).json( { message: 'Required field: anyId' } );

    function findUser( anyId, cb ){

      // Get the rest of the info
      allStores.usersInfo.dbLayer.selectByHash( { email: anyId }, function( err, record ){
        if( err ) return done( err );

        // Found! End of story: we have userId AND email!
        if( record ) return cb( null, record.userId, record.email );

        allStores.usersStrategies.dbLayer.selectByHash( { field1: anyId }, function( err, data, total ){
          if( err ) return next( err );

          // That's it: not even user name NOR facebook ID matched
          if( !total ) return cb( null, null, null );

          // There is a result!
          var userId = data[ 0 ].userId;

          // Attempt to find the email address
          // Get the rest of the info
          allStores.usersInfo.dbLayer.selectById( userId, function( err, record ){
            if( err ) return done( err );

            if( ! record || ! record.email = '' ) return cb( null, userId, null );

            return cb( null, userId, record.email );
          });
        });
      });
    }

    findUser( anyId, function( err, userId, email ){
      if( err) return done( err );

      if( !userId ) return res.status( 422 ).json( { message: 'User info not found' } );
      if( !email ) return res.status( 422 ).json( { message: 'User does not have an email address on file' } );

      hotCoreAuth.createToken( userId, function( err, token ){
        if( err ) return next( err );

        // Make up email body
        var text = `Hello there!

You haverecently requested us to help you reset your password for Wonder.

If you would like to do so, please visit:

http://www.wonder-app.com/auth/recoverPageLanding/${token}

Thank you!

The Wonder team`

        // create reusable transporter object using the default SMTP transport
        var transporter = nodemailer.createTransport('smtps://smtp-relay.gmail.com');

        // setup e-mail data with unicode symbols
        var mailOptions = {
            from: '"Wonder App 👥" <contact@wonder-app.com>', // sender address
            to: record.email, // list of receivers
            subject: 'Reset password for Wonder-app ✔', // Subject line
            text: text, // plaintext body
            //html: '<b>Hello world 🐴</b>' // html body
        };

        // send mail with defined transport object
        transporter.sendMail( mailOptions, function( err, info){
          if( err ) return next( err );

          res.status( 200 ).json( { message: 'Email sent' } );
          //console.log( "HERE:", info && info.response );

        });
      });
    });
  });
}
	// POST /auth/recover ( body: { anyId: 43343 } )
	exports.recoverPostRoute = function( req, res, next ) {

	hotCoreStore.getAllStores( function( err, allStores ){
	if( err ) return next( err );

	// Needs to be logged in for this to work
	if( req.session.userId ) return res.status( 403 ).json( { message: 'You are not authorized' } );

	var anyId = req.body.anyId;

	// Tags must be passed
	if( typeof( anyId ) != 'string' ) return res.status( 422 ).json( { message: 'Required field: anyId' } );

	function findUser( anyId, cb ){

	// Get the rest of the info
	allStores.usersInfo.dbLayer.selectByHash( { email: anyId }, function( err, record ){
	if( err ) return done( err );

	// Found! End of story: we have userId AND email!
	if( record ) return cb( null, record.userId, record.email );

	allStores.usersStrategies.dbLayer.selectByHash( { field1: anyId }, function( err, data, total ){
	if( err ) return next( err );

	// That's it: not even user name NOR facebook ID matched
	if( !total ) return cb( null, null, null );

	// There is a result!
	var userId = data[ 0 ].userId;

	// Attempt to find the email address
	// Get the rest of the info
	allStores.usersInfo.dbLayer.selectById( userId, function( err, record ){
	if( err ) return done( err );

	if( ! record \|\| ! record.email = '' ) return cb( null, userId, null );

	return cb( null, userId, record.email );
	});
	});
	});
	}

	findUser( anyId, function( err, userId, email ){
	if( err) return done( err );

	if( !userId ) return res.status( 422 ).json( { message: 'User info not found' } );
	if( !email ) return res.status( 422 ).json( { message: 'User does not have an email address on file' } );

	hotCoreAuth.createToken( userId, function( err, token ){
	if( err ) return next( err );

	// Make up email body
	var text = `Hello there!

	You haverecently requested us to help you reset your password for Wonder.

	If you would like to do so, please visit:

	http://www.wonder-app.com/auth/recoverPageLanding/${token}

	Thank you!

	The Wonder team`

	// create reusable transporter object using the default SMTP transport
	var transporter = nodemailer.createTransport('smtps://smtp-relay.gmail.com');

	// setup e-mail data with unicode symbols
	var mailOptions = {
	from: '"Wonder App 👥" <contact@wonder-app.com>', // sender address
	to: record.email, // list of receivers
	subject: 'Reset password for Wonder-app ✔', // Subject line
	text: text, // plaintext body
	//html: '<b>Hello world 🐴</b>' // html body
	};

	// send mail with defined transport object
	transporter.sendMail( mailOptions, function( err, info){
	if( err ) return next( err );

	res.status( 200 ).json( { message: 'Email sent' } );
	//console.log( "HERE:", info && info.response );

	});
	});
	});
	});
	}