Last active
October 14, 2016 20:50
-
-
Save madhums/bab8ba69c9176b98580c39d5183c99c7 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //- app/views/forgot-password.jade | |
| extends ../layouts/default | |
| block heading | |
| h2.center= title | |
| block content | |
| br | |
| form.form-horizontal.col-md-5.col-md-offset-4(action="/users/forgot-password", method="post", role="form") | |
| p A password reset link will be sent to your email | |
| input(type="hidden", name="_csrf", value="#{csrf_token}") | |
| input.form-control#email(type="email", placeholder="Enter your email here", name="email", required, autofocus) | |
| span.help-block.error= error | |
| button.btn.btn-success(type="submit") Submit |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //- app/views/reset-password.jade | |
| extends ../layouts/default | |
| block heading | |
| h2.center= title | |
| block content | |
| br | |
| form.form-horizontal.col-md-5.col-md-offset-4(action="/users/reset-password", method="post", role="form") | |
| p.error #{error} | |
| input(type="hidden", name="_csrf", value="#{csrf_token}") | |
| input.form-control(type="password", id="pass", placeholder="Enter your new password", name="password", required, autofocus) | |
| br | |
| button.btn.btn-success(type="submit") Reset and Log in |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // config/routes.js | |
| const users = require('../app/controllers/users'); | |
| // forgot password and reset password | |
| app.get('/users/forgot-password', users.forgotPassword) | |
| app.post('/users/forgot-password', users.forgotPassword) | |
| app.param('authToken', users.loadByAuthToken) | |
| app.get('/users/reset-password/:authToken', users.resetPassword) | |
| app.post('/users/reset-password', users.resetPassword) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // app/models/user.js | |
| UserSchema.methods({ | |
| /** | |
| * Password reset | |
| * | |
| * @param {Function} cb | |
| * @api private | |
| */ | |
| resetPassword: function* () { | |
| this.resetToken('authToken') | |
| yield this.save() | |
| }, | |
| /** | |
| * Reset auth token | |
| * | |
| * @param {String} token | |
| * @param {Function} cb | |
| * @api private | |
| */ | |
| resetToken: function (token, cb) { | |
| this[token] = crypto.randomBytes(256) | |
| } | |
| }) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // app/controllers/users.js | |
| const mongoose = require('mongoose') | |
| const User = mongoose.model('User') | |
| /** | |
| * Load user by auth token | |
| */ | |
| exports.loadByAuthToken = function* (req, res, next, authToken) { | |
| const options = { | |
| criteria: { authToken: authToken } | |
| } | |
| const user = yield User.load(options) | |
| if (!user) return res.redirect('/') | |
| req.session.user = user | |
| next() | |
| } | |
| /** | |
| * Forgot password | |
| */ | |
| exports.forgotPassword = function* (req, res) { | |
| if (req.isAuthenticated()) return res.redirect('/') | |
| if (req.method !== 'POST') { | |
| return res.render('users/forgot-password', { | |
| title: 'Forgot password', | |
| error: '' | |
| }) | |
| } | |
| const email = req.body.email.trim() | |
| if (!email) { | |
| return res.render('users/forgot-password', { | |
| title: 'Forgot password', | |
| error: 'Please provide a proper email id' | |
| }) | |
| } | |
| const user = yield User.findOne({ email }) | |
| if (!user) { | |
| return res.render('users/forgot-password', { | |
| title: 'Forgot password', | |
| error: 'Sorry, your email doesn\'t exist. Please sign up' | |
| }) | |
| } | |
| try { | |
| yield user.resetPassword() | |
| req.flash('info', 'Check your email for a password reset link') | |
| } catch (err) { | |
| if (!user.joined) { | |
| req.flash('info', 'It looks like you haven\'t accepted your invitation') | |
| } | |
| } | |
| res.redirect('/') | |
| } | |
| /** | |
| * Reset password | |
| */ | |
| exports.resetPassword = function* (req, res) { | |
| if (req.method !== 'POST') { | |
| req.logout() | |
| res.render('users/reset-password', { | |
| title: 'Reset password', | |
| error: '' | |
| }) | |
| return | |
| } | |
| const options = { | |
| criteria: { _id: req.session.user._id } | |
| } | |
| const user = yield User.load(options) | |
| if (!user) { | |
| // handle it properly | |
| return res.redirect('/') | |
| } | |
| user.password = req.body.password | |
| user.resetToken('authToken') | |
| yield user.save() | |
| req.logIn(user) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment