Skip to content

Instantly share code, notes, and snippets.

@sailsinaction

sailsinaction/000 - Chapter 9 - Gists

Last active May 12, 2016 00:34
Show Gist options
  • Save sailsinaction/b12d5d6fb55f7a15a3ed to your computer and use it in GitHub Desktop.
Save sailsinaction/b12d5d6fb55f7a15a3ed to your computer and use it in GitHub Desktop.
Download ZIP
Chapter 9 - Gists
Raw
000 - Chapter 9 - Gists
.d8888b. 888 888 .d8888b. .d8888b. d8b 888
d88P Y88b 888 888 d88P Y88b d88P Y88b Y8P 888
888 888 888 888 888 888 888 888 888
888 88888b. 8888b. 88888b. 888888 .d88b. 888d888 Y88b. d888 888 888 .d8888b 888888 .d8888b
888 888 "88b "88b 888 "88b 888 d8P Y8b 888P" "Y888P888 888 88888 888 88K 888 88K
888 888 888 888 .d888888 888 888 888 88888888 888 888 888888 888 888 888 "Y8888b. 888 "Y8888b.
Y88b d88P 888 888 888 888 888 d88P Y88b. Y8b. 888 Y88b d88P Y88b d88P 888 X88 Y88b. X88
"Y8888P" 888 888 "Y888888 88888P" "Y888 "Y8888 888 "Y8888P" "Y8888P88 888 88888P' "Y888 88888P'
888
888
888
Raw
001 - Listing 9.1 Adding the login route
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /videos': {
view: 'videos',
locals: {
me: null
}
},
'GET /profile': {
view: 'profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /administration': {
view: 'adminUsers',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
}
}
}
};
Raw
002 - Listing 9.2 Adding the login action
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Response with a 200 status
return res.ok();
}
});
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
003 - Listing 9.3 Simulating an unauthenticated state in the root route
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': {
view: 'homepage',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /videos': {
view: 'videos',
locals: {
me: null
}
},
'GET /profile': {
view: 'profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /administration': {
view: 'adminUsers',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
}
}
}
};
Raw
004 - Listing 9.4 Adding setSession and getSession actions to better understand sessiosn
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
setSession: function(req, res) {
req.session.userId = req.param('sessionVar');
return res.json(req.session.userId || 'not yet set');
},
getSession: function(req, res) {
return res.json(req.session.userId || 'not yet set');
},
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Respond with a 200 status
return res.ok();
}
});
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
005 - Listing 9.5 Adding a userId property to the session on a successful password check
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Login user
req.session.userId = user.id;
// Respond with a 200 status
return res.ok();
}
});
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
006 - Listing 9.6 Creating the logout route.
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': {
view: 'homepage',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /videos': {
view: 'videos',
locals: {
me: null
}
},
'GET /profile': {
view: 'profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /administration': {
view: 'adminUsers',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
}
}
}
};
Raw
007 - Listing 9.7 Adding the logout action in the user controller
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Login user
req.session.userId = createdUser.id;
// Respond with a 200 status
return res.ok();
}
});
});
},
logout: function (req, res) {
if (!req.session.userId) return res.redirect('/');
User.findOne(req.session.userId, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists.');
return res.redirect('/');
}
// Logout user
req.session.userId = null;
return res.redirect('/');
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
008 - Listing 9.8 Changing the user’s authenticated state to null when deleted
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Login user
req.session.userId = createdUser.id;
// Respond with a 200 status
return res.ok();
}
});
});
},
logout: function (req, res) {
if (!req.session.userId) return res.redirect('/');
User.findOne(req.session.userId, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists.');
return res.redirect('/');
}
// Logout user
req.session.userId = null;
return res.redirect('/');
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
// Log user out
req.session.userId = null;
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
009 - Listing 9.9 Changing the user’s authenticated state to their user id when restored
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Login user
req.session.userId = createdUser.id;
// Respond with a 200 status
return res.ok();
}
});
});
},
logout: function (req, res) {
if (!req.session.userId) return res.redirect('/');
User.findOne(req.session.userId, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists.');
return res.redirect('/');
}
// Logout user
req.session.userId = null;
return res.redirect('/');
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
// Log user out
req.session.userId = null;
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
// Log the user in
req.session.userId = user.id;
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
010 - Listing 9.10 Adding req.session.userId to the signup action
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
var Emailaddresses = require('machinepack-emailaddresses');
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
module.exports = {
login: function (req, res) {
User.findOne({
or : [
{ email: req.param('email') },
{ username: req.param('username') }
]
}, function foundUser(err, createdUser) {
if (err) return res.negotiate(err);
if (!createdUser) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: createdUser.encryptedPassword
}).exec({
error: function (err){
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
if (createdUser.deleted) {
return res.forbidden("'Your our account has been deleted. Please visit http://brushfire.io/restore to restore your account.'");
}
if (createdUser.banned) {
return res.forbidden("'Your our account has been banned, most likely for adding dog videos in violation of the Terms of Service. Please contact Chad or his mother.'");
}
// Login user
req.session.userId = createdUser.id;
// Respond with a 200 status
return res.ok();
}
});
});
},
logout: function (req, res) {
if (!req.session.userId) return res.redirect('/');
User.findOne(req.session.userId, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists.');
return res.redirect('/');
}
// Logout user
req.session.userId = null;
return res.redirect('/');
});
},
signup: function(req, res) {
if (_.isUndefined(req.param('email'))) {
return res.badRequest('An email address is required!');
}
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
if (_.isUndefined(req.param('username'))) {
return res.badRequest('A username is required!');
}
// username must be at least 6 characters
if (req.param('username').length < 6) {
return res.badRequest('Username must be at least 6 characters!');
}
// Username must contain only numbers and letters.
if (!_.isString(req.param('username')) || req.param('username').match(/[^a-z0-9]/i)) {
return res.badRequest('Invalid username: must consist of numbers and letters only.');
}
Emailaddresses.validate({
string: req.param('email'),
}).exec({
// An unexpected error occurred.
error: function(err) {
return res.serverError(err);
},
// The provided string is not an email address.
invalid: function() {
return res.badRequest('Doesn\'t look like an email address to me!');
},
// OK.
success: function() {
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
} catch (err) {
return res.serverError(err);
}
options.email = req.param('email');
options.username = splitUsername;
options.encryptedPassword = result;
options.deleted = false;
options.admin = false;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
console.log('the error is: ', err.invalidAttributes);
if (err.invalidAttributes && err.invalidAttributes.email && err.invalidAttributes.email[0] && err.invalidAttributes.email[0].rule === 'unique') {
// return res.send(409, 'Email address is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
if (err.invalidAttributes && err.invalidAttributes.username && err.invalidAttributes.username[0] && err.invalidAttributes.username[0].rule === 'unique') {
// return res.send(409, 'Username is already taken by another user, please try again.');
return res.alreadyInUse(err);
}
return res.negotiate(err);
}
// Log the user in
req.session.userId = createdUser.id;
return res.json(createdUser);
});
}
});
}
});
},
profile: function(req, res) {
// Try to look up user using the provided email address
User.findOne(req.param('id')).exec(function foundUser(err, user) {
// Handle error
if (err) return res.negotiate(err);
// Handle no user being found
if (!user) return res.notFound();
// Return the user
return res.json(user);
});
},
delete: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.destroy({
id: req.param('id')
}).exec(function(err, usersDestroyed) {
if (err) return res.negotiate(err);
if (usersDestroyed.length === 0) {
return res.notFound();
}
return res.ok();
});
},
removeProfile: function(req, res) {
if (!req.param('id')) {
return res.badRequest('id is a required parameter.');
}
User.update({
id: req.param('id')
}, {
deleted: true
}, function(err, removedUser) {
if (err) return res.negotiate(err);
if (removedUser.length === 0) {
return res.notFound();
}
// Log user out
req.session.userId = null;
return res.ok();
});
},
restoreProfile: function(req, res) {
User.findOne({
email: req.param('email')
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.param('password'),
encryptedPassword: user.encryptedPassword
}).exec({
error: function(err) {
return res.negotiate(err);
},
incorrect: function() {
return res.notFound();
},
success: function() {
User.update({
id: user.id
}, {
deleted: false
}).exec(function(err, updatedUser) {
// Log the user in
req.session.userId = user.id;
return res.json(updatedUser);
});
}
});
});
},
restoreGravatarURL: function(req, res) {
try {
var restoredGravatarURL = gravatarURL = Gravatar.getImageUrl({
emailAddress: req.param('email')
}).execSync();
return res.json(restoredGravatarURL);
} catch (err) {
return res.serverError(err);
}
},
updateProfile: function(req, res) {
User.update({
id: req.param('id')
}, {
gravatarURL: req.param('gravatarURL')
}, function(err, updatedUser) {
if (err) return res.negotiate(err);
return res.json(updatedUser);
});
},
changePassword: function(req, res) {
if (_.isUndefined(req.param('password'))) {
return res.badRequest('A password is required!');
}
if (req.param('password').length < 6) {
return res.badRequest('Password must be at least 6 characters!');
}
Passwords.encryptPassword({
password: req.param('password'),
}).exec({
error: function(err) {
return res.serverError(err);
},
success: function(result) {
User.update({
id: req.param('id')
}, {
encryptedPassword: result
}).exec(function(err, updatedUser) {
if (err) {
return res.negotiate(err);
}
return res.json(updatedUser);
});
}
});
},
adminUsers: function(req, res) {
User.find().exec(function(err, users){
if (err) return res.negotiate(err);
return res.json(users);
});
},
updateAdmin: function(req, res) {
User.update(req.param('id'), {
admin: req.param('admin')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateBanned: function(req, res) {
User.update(req.param('id'), {
banned: req.param('banned')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
},
updateDeleted: function(req, res) {
User.update(req.param('id'), {
deleted: req.param('deleted')
}).exec(function(err, update){
if (err) return res.negotiate(err);
return res.ok();
});
}
};
Raw
011 - Listing 9.11 Altering the root route to trigger the showHomePage action
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': {
view: 'videos',
locals: {
me: null
}
},
'GET /profile': {
view: 'profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /administration': {
view: 'adminUsers',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
}
}
}
};
Raw
012 - Listing 9.12 Creating a showHomePage action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
console.log('req.session.userId: ', req.session.userId);
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
}
};
Raw
013 - Listing 9.13 Redirecting to the videos page after successfully logging in
angular.module('brushfire').controller('navPageController', ['$location', '$scope', '$http', 'toastr', function($location, $scope, $http, toastr) {
//Set-up loading state
$scope.loginForm = {};
$scope.me = window.SAILS_LOCALS.me;
$scope.submitLoginForm = function() {
// Set the loading state (i.e. show loading spinner)
$scope.loginForm.loading = true;
// Submit request to Sails.
$http.put('/login', {
email: $scope.loginForm.login,
username: $scope.loginForm.login,
password: $scope.loginForm.password
})
.then(function onSuccess() {
// Redierct the page now that we've been logged in.
window.location = '/videos';
// window.location = '/';
// toastr.success('We have a match!', 'Success', {closeButton: true});
})
.catch(function onError(sailsResponse) {
// Handle known error type(s).
// Deleted account
if (sailsResponse.status == 403) {
toastr.error(sailsResponse.data, 'Error', {
closeButton: true
});
return;
}
// Invalid username / password combination.
if (sailsResponse.status === 400 || 404) {
// $scope.loginForm.topLevelErrorMessage = 'Invalid email/password combination.';
//
toastr.error('Invalid email or username/password combination.', 'Error', {
closeButton: true
});
return;
}
toastr.error('An unexpected error occurred, please try again.', 'Error', {
closeButton: true
});
return;
})
.finally(function eitherWay() {
$scope.loginForm.loading = false;
});
};
}]);
Raw
014 - Listing 9.14 Adding the videos route.
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /administration': {
view: 'adminUsers',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
}
}
}
};
Raw
015 - Listing 9.15 Creating a showVideosPage Action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
}
};
Raw
016 - Listing 9.16 Making the test user account an administrator
/**
* Bootstrap
* (sails.config.bootstrap)
*
* An asynchronous bootstrap function that runs before your Sails app gets lifted.
* This gives you an opportunity to set up your data model, run jobs, or perform some special logic.
*
* For more information on bootstrapping your app, check out:
* http://sailsjs.org/#!/documentation/reference/sails.config/sails.config.bootstrap.html
*/
module.exports.bootstrap = function(cb) {
// Return the number of records in the video model
Video.count().exec(function(err, numVideos) {
if (err) {
return cb(err);
}
// If there's at least one log the number to the console.
if (numVideos > 0) {
// return cb();
return createTestUsers();
}
// Add machinepack-youtube as a depedency
var Youtube = require('machinepack-youtube');
// List Youtube videos which match the specified search query.
Youtube.searchVideos({
query: 'grumpy cat',
apiKey: sails.config.google.apiKey,
limit: 15,
}).exec({
// An unexpected error occurred.
error: function(err) {
console.log('the error', err);
},
// OK.
success: function(foundVideos) {
_.each(foundVideos, function(video) {
video.src = 'https://www.youtube.com/embed/' + video.id;
delete video.description;
delete video.publishedAt;
delete video.id;
delete video.url;
});
Video.create(foundVideos).exec(function(err, videoRecordsCreated) {
if (err) {
return cb(err);
}
// return cb();
return createTestUsers();
});
},
});
});
function createTestUsers() {
var Passwords = require('machinepack-passwords');
var Gravatar = require('machinepack-gravatar');
User.findOne({
email: 'sailsinaction@gmail.com'
}).exec(function(err, foundUser) {
if (foundUser){
return cb();
}
Passwords.encryptPassword({
password: 'abc123',
}).exec({
error: function(err) {
return cb(err);
},
success: function(result) {
var options = {};
try {
options.gravatarURL = Gravatar.getImageUrl({
emailAddress: 'sailsinaction@gmail.com'
}).execSync();
} catch (err) {
return cb(err);
}
options.email = 'sailsinaction@gmail.com';
options.encryptedPassword = result;
options.username = 'sailsinaction';
options.deleted = false;
options.admin = true;
options.banned = false;
User.create(options).exec(function(err, createdUser) {
if (err) {
return cb(err);
}
return cb();
});
}
});
});
}
};
Raw
017 - Listing 9.17 Altering the route to trigger an administration page route.
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /administration': 'PageController.showAdminPage',
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
}
};
Raw
018 - Listing 9.18 Creating a showAdminPage Action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showAdminPage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
if (user.admin) {
return res.view('adminUsers', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
} else {
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
}
});
},
};
Raw
019 - Listing 9.19 Adding the profile custom route
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /administration': 'PageController.showAdminPage',
'GET /profile': 'PageController.showProfilePage',
'GET /edit-profile': {
view: 'edit-profile',
locals: {
me: {
id: 1,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com',
username: 'sails-in-action'
}
}
},
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
}
};
Raw
020 - Listing 9.20 Creating a showProfilePage Action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showAdminPage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
if (user.admin) {
return res.view('adminUsers', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
} else {
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
}
});
},
showProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('profile', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
};
Raw
021 - Listing 9.21 Altering the edit-profile route to trigger the showEditProfilePage action
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /administration': 'PageController.showAdminPage',
'GET /profile': 'PageController.showProfilePage',
'GET /edit-profile': 'PageController.showEditProfilePage',
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
'GET /restore-profile': {
view: 'restore-profile',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
}
};
Raw
022 - Listing 9.22 Creating a showEditProfilePage Action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showAdminPage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
if (user.admin) {
return res.view('adminUsers', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
} else {
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
}
});
},
showProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('profile', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showEditProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('edit-profile', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
};
Raw
023 - Listing 9.23 Altering the restore-profile route to trigger the showRestorePage action
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /administration': 'PageController.showAdminPage',
'GET /profile': 'PageController.showProfilePage',
'GET /edit-profile': 'PageController.showEditProfilePage',
'GET /restore-profile': 'PageController.showRestorePage',
'GET /signup': {
view: 'signup',
locals: {
me: {
id: null,
gravatarURL: 'http://www.gravatar.com/avatar/ef3eac6c71fdf24b13db12d8ff8d1264?',
email: 'sailsinaction@gmail.com'
}
}
},
};
Raw
024 - Listing 9.24 Creating a showRestorePage action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showAdminPage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
if (user.admin) {
return res.view('adminUsers', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
} else {
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
}
});
},
showProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('profile', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showEditProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('edit-profile', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showRestorePage: function (req, res) {
if (req.session.userId) {
return res.redirect('/');
}
return res.view('restore-profile', {
me: null
});
},
};
Raw
025 - Listing 9.25 Altering the signup route to trigger the showSignupPage action
module.exports.routes = {
/*************************************************************
* JSON API *
*************************************************************/
'PUT /login': 'UserController.login',
'GET /logout': 'UserController.logout',
/*************************************************************
* Server-rendered HTML Pages *
*************************************************************/
'GET /': 'PageController.showHomePage',
'GET /videos': 'PageController.showVideosPage',
'GET /administration': 'PageController.showAdminPage',
'GET /profile': 'PageController.showProfilePage',
'GET /edit-profile': 'PageController.showEditProfilePage',
'GET /restore-profile': 'PageController.showRestorePage',
'GET /signup': 'PageController.showSignupPage',
};
Raw
026 - Listing 9.26 Creating a showSingupPage action
/**
* PageController
*
* @description :: Server-side logic for managing pages
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
showHomePage: function (req, res) {
if (!req.session.userId) {
return res.view('homepage', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage', {
me: null
});
}
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showVideosPage: function (req, res) {
if (!req.session.userId) {
return res.view('videos', {
me: null
});
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('videos', {
me: null
});
}
return res.view('videos', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showAdminPage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
if (user.admin) {
return res.view('adminUsers', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
} else {
return res.view('homepage', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
}
});
},
showProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('profile', {
me: {
id: user.id,
email: user.email,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showEditProfilePage: function (req, res) {
if (!req.session.userId) {
return res.redirect('/');
}
User.findOne(req.session.userId, function (err, user){
if (err) {
console.log('error: ', error);
return res.negotiate(err);
}
if (!user) {
sails.log.verbose('Session refers to a user who no longer exists- did you delete a user, then try to refresh the page with an open tab logged-in as that user?');
return res.view('homepage');
}
return res.view('edit-profile', {
me: {
id: user.id,
email: user.email,
username: user.username,
gravatarURL: user.gravatarURL,
admin: user.admin
}
});
});
},
showRestorePage: function (req, res) {
if (req.session.userId) {
return res.redirect('/');
}
return res.view('restore-profile', {
me: null
});
},
showSignupPage: function (req, res) {
if (req.session.userId) {
return res.redirect('/');
}
return res.view('signup', {
me: null
});
},
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment