add error for unactivated account login/forgot password
parent
c45d248c3c
commit
82d60c5a42
@ -193,135 +193,6 @@ exports.signout = function(req, res) {
|
||||
return res.status(200).send('You have successfully logged out.');
|
||||
};
|
||||
|
||||
/**
|
||||
* OAuth callback
|
||||
*/
|
||||
exports.oauthCallback = function(strategy) {
|
||||
return function(req, res, next) {
|
||||
passport.authenticate(strategy, function(err, user, redirectURL) {
|
||||
if (err || !user) {
|
||||
return res.redirect('/#!/signin');
|
||||
}
|
||||
req.login(user, function(err) {
|
||||
if (err) {
|
||||
return res.redirect('/#!/signin');
|
||||
}
|
||||
|
||||
return res.redirect(redirectURL || '/');
|
||||
});
|
||||
})(req, res, next);
|
||||
};
|
||||
};
|
||||
|
||||
/**
|
||||
* Helper function to save or update a OAuth user profile
|
||||
*/
|
||||
exports.saveOAuthUserProfile = function(req, providerUserProfile, done) {
|
||||
if (!req.user) {
|
||||
// Define a search query fields
|
||||
var searchMainProviderIdentifierField = 'providerData.' + providerUserProfile.providerIdentifierField;
|
||||
var searchAdditionalProviderIdentifierField = 'additionalProvidersData.' + providerUserProfile.provider + '.' + providerUserProfile.providerIdentifierField;
|
||||
|
||||
// Define main provider search query
|
||||
var mainProviderSearchQuery = {};
|
||||
mainProviderSearchQuery.provider = providerUserProfile.provider;
|
||||
mainProviderSearchQuery[searchMainProviderIdentifierField] = providerUserProfile.providerData[providerUserProfile.providerIdentifierField];
|
||||
|
||||
// Define additional provider search query
|
||||
var additionalProviderSearchQuery = {};
|
||||
additionalProviderSearchQuery[searchAdditionalProviderIdentifierField] = providerUserProfile.providerData[providerUserProfile.providerIdentifierField];
|
||||
|
||||
// Define a search query to find existing user with current provider profile
|
||||
var searchQuery = {
|
||||
$or: [mainProviderSearchQuery, additionalProviderSearchQuery]
|
||||
};
|
||||
|
||||
User.findOne(searchQuery, function(err, user) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
} else {
|
||||
if (!user) {
|
||||
var possibleUsername = providerUserProfile.username || ((providerUserProfile.email) ? providerUserProfile.email.split('@')[0] : '');
|
||||
|
||||
User.findUniqueUsername(possibleUsername, null, function(availableUsername) {
|
||||
var newUser = new User({
|
||||
firstName: providerUserProfile.firstName,
|
||||
lastName: providerUserProfile.lastName,
|
||||
username: availableUsername,
|
||||
displayName: providerUserProfile.displayName,
|
||||
email: providerUserProfile.email,
|
||||
provider: providerUserProfile.provider,
|
||||
providerData: providerUserProfile.providerData
|
||||
});
|
||||
|
||||
// And save the user
|
||||
newUser.save(function(userSaveErr) {
|
||||
return done(userSaveErr, user);
|
||||
});
|
||||
});
|
||||
}
|
||||
return done(err, user);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
// User is already logged in, join the provider data to the existing user
|
||||
var user = req.user;
|
||||
|
||||
// Check if user exists, is not signed in using this provider, and doesn't have that provider data already configured
|
||||
if (user.provider !== providerUserProfile.provider && (!user.additionalProvidersData || !user.additionalProvidersData[providerUserProfile.provider])) {
|
||||
// Add the provider data to the additional provider data field
|
||||
if (!user.additionalProvidersData) {
|
||||
user.additionalProvidersData = {};
|
||||
}
|
||||
user.additionalProvidersData[providerUserProfile.provider] = providerUserProfile.providerData;
|
||||
|
||||
// Then tell mongoose that we've updated the additionalProvidersData field
|
||||
user.markModified('additionalProvidersData');
|
||||
|
||||
// And save the user
|
||||
user.save(function(err) {
|
||||
return done(err, user, '/#!/settings/accounts');
|
||||
});
|
||||
} else {
|
||||
return done(new Error('User is already connected using this provider'), user);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* Remove OAuth provider
|
||||
*/
|
||||
exports.removeOAuthProvider = function(req, res, next) {
|
||||
var user = req.user;
|
||||
var provider = req.param('provider');
|
||||
|
||||
if (user && provider) {
|
||||
// Delete the additional provider
|
||||
if (user.additionalProvidersData[provider]) {
|
||||
delete user.additionalProvidersData[provider];
|
||||
|
||||
// Then tell mongoose that we've updated the additionalProvidersData field
|
||||
user.markModified('additionalProvidersData');
|
||||
}
|
||||
|
||||
user.save(function(err) {
|
||||
if (err) {
|
||||
return res.status(400).send({
|
||||
message: errorHandler.getErrorMessage(err)
|
||||
});
|
||||
} else {
|
||||
req.login(user, function(err) {
|
||||
if (err) {
|
||||
res.status(400).send(err);
|
||||
} else {
|
||||
res.json(user);
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
/* Generate API Key for User */
|
||||
exports.generateAPIKey = function(req, res) {
|
||||
if (!req.isAuthenticated()){
|
||||
|
@ -42,12 +42,27 @@ exports.forgot = function(req, res) {
|
||||
});
|
||||
}
|
||||
if (!user) {
|
||||
return res.status(400).send({
|
||||
message: 'No account with that username or email has been found'
|
||||
});
|
||||
} else if (user.provider !== 'local') {
|
||||
return res.status(400).send({
|
||||
message: 'It seems like you signed up using your ' + user.provider + ' account'
|
||||
var tempUserModel = mongoose.model(config.tempUserCollection);
|
||||
tempUserModel.findOne({
|
||||
$or: [
|
||||
{'username': req.body.username},
|
||||
{'email': req.body.username}
|
||||
]
|
||||
}).lean().exec(function(err, user) {
|
||||
if(err){
|
||||
return res.status(500).send({
|
||||
message: err.message
|
||||
});
|
||||
}
|
||||
if(!user){
|
||||
return res.status(400).send({
|
||||
message: 'No account with that username or email has been found'
|
||||
});
|
||||
}
|
||||
|
||||
return res.status(400).send({
|
||||
message: 'The account associated with this email has not been activated yet'
|
||||
});
|
||||
});
|
||||
} else {
|
||||
user.resetPasswordToken = token;
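Review bot: The new `tempUserModel.findOne` fallback in the `!user` branch of `exports.forgot` returns a different message for an unknown account ('No account with that username or email has been found') than for a pending one ('The account associated with this email has not been activated yet'), so an unauthenticated caller can tell which usernames and e-mail addresses are registered or awaiting activation. Consider one generic response for every outcome, e.g. `message: 'If an account matches, an email with further instructions has been sent'`, and deliver the activation hint by e-mail instead. `req.body.username` is also placed into the `$or` query without a type check, so a non-string value from a JSON body would be interpreted as a query operator; a guard such as `if (typeof req.body.username !== 'string') { return res.status(400).send({ message: 'Username field must not be blank' }); }` before the lookup closes that. The 500 path sends `err.message` from the database layer to the client, which is better logged server-side and replaced with a fixed string. The body of `exports.forgot` starts and ends outside this hunk, so the earlier `User` lookup may need the same treatment.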
|
||||
|
@ -14,7 +14,6 @@ module.exports = function(app) {
|
||||
// Setting up the users profile api
|
||||
app.route('/users/me').get(auth.isAuthenticatedOrApiKey, users.getUser);
|
||||
app.route('/users').put(auth.isAuthenticatedOrApiKey, users.update);
|
||||
app.route('/users/accounts').delete(users.requiresLogin, users.removeOAuthProvider);
|
||||
|
||||
// Setting up the users account verification api
|
||||
app.route('/auth/verify/:token').get(users.validateVerificationToken);
|
||||
|
@ -1,22 +1,4 @@
|
||||
<section class="auth signup-view success" data-ng-controller="AuthenticationController">
|
||||
<!-- <h3 class="col-md-12 text-center">Sign up using your social accounts</h3>
|
||||
<div class="col-md-12 text-center">
|
||||
<a href="/auth/facebook" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/facebook.png">
|
||||
</a>
|
||||
<a href="/auth/twitter" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/twitter.png">
|
||||
</a>
|
||||
<a href="/auth/google" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/google.png">
|
||||
</a>
|
||||
<a href="/auth/linkedin" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/linkedin.png">
|
||||
</a>
|
||||
<a href="/auth/github" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/github.png">
|
||||
</a>
|
||||
</div> -->
|
||||
<h3 class="col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6 text-center">{{ 'SUCCESS_HEADER' | translate }}</h3>
|
||||
<div class="col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6">
|
||||
<h2>
|
||||
|
@ -1,24 +1,4 @@
|
||||
<section class="auth signup-view valign-wrapper" data-ng-controller="AuthenticationController">
|
||||
<!-- <h3 class="col-md-12 text-center">Sign up using your social accounts</h3>
|
||||
<div class="col-md-12 text-center">
|
||||
<a href="/auth/facebook" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/facebook.png">
|
||||
</a>
|
||||
<a href="/auth/twitter" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/twitter.png">
|
||||
</a>
|
||||
<a href="/auth/google" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/google.png">
|
||||
</a>
|
||||
<a href="/auth/linkedin" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/linkedin.png">
|
||||
</a>
|
||||
<a href="/auth/github" class="undecorated-link">
|
||||
<img src="/modules/users/img/buttons/github.png">
|
||||
</a>
|
||||
</div> -->
|
||||
<!--<h3 class="col-md-12 text-center">{{ 'SIGNUP_HEADER_TEXT' | translate }}</h3>-->
|
||||
|
||||
<div class="row valign">
|
||||
<div class="col-md-12 text-center vcenter" style="padding-bottom: 50px;">
|
||||
<img src="/static/modules/core/img/logo_white.svg" height="100px">
|
||||
|
@ -7,18 +7,18 @@
|
||||
<div class="col-md-12">
|
||||
<form data-ng-submit="askForPasswordReset()" autocomplete="off">
|
||||
<fieldset>
|
||||
<div class="form-group">
|
||||
<input type="text" id="username" name="username" class="form-control" data-ng-model="credentials.username" placeholder="{{ 'USERNAME_OR_EMAIL_LABEL' | translate }}">
|
||||
</div>
|
||||
<div class="text-center form-group">
|
||||
<button type="submit" class="btn btn-signup btn-rounded btn-block">{{ 'PASSWORD_RESTORE_HEADER' | translate }}</button>
|
||||
</div>
|
||||
<div data-ng-show="error" class="text-center">
|
||||
<strong>{{ 'ERROR' | translate }}: {{error}}</strong>
|
||||
</div>
|
||||
<div data-ng-show="success" class="text-center">
|
||||
<strong>{{success}}</strong>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<input type="text" id="username" name="username" class="form-control" data-ng-model="credentials.username" placeholder="{{ 'USERNAME_OR_EMAIL_LABEL' | translate }}">
|
||||
</div>
|
||||
<div class="text-center form-group">
|
||||
<button type="submit" class="btn btn-signup btn-rounded btn-block">{{ 'PASSWORD_RESTORE_HEADER' | translate }}</button>
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
</div>
|
||||
|
@ -3,6 +3,12 @@
|
||||
<div class="col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6">
|
||||
<form data-ng-submit="resetUserPassword()" class="signin form-horizontal" autocomplete="off">
|
||||
<fieldset>
|
||||
<div data-ng-show="error" class="text-center text-danger">
|
||||
<strong>{{error}}</strong>
|
||||
</div>
|
||||
<div data-ng-show="success" class="text-center text-success">
|
||||
<strong>{{success}}</strong>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="newPassword">{{ 'NEW_PASSWORD_LABEL' | translate }}</label>
|
||||
<input type="password" id="newPassword" name="newPassword" class="form-control" data-ng-model="passwordDetails.newPassword" placeholder="{{ 'NEW_PASSWORD_LABEL' | translate }}">
|
||||
@ -14,12 +20,6 @@
|
||||
<div class="text-center form-group">
|
||||
<button type="submit" class="btn btn-large btn-primary">{{ 'UPDATE_PASSWORD_LABEL' | translate }}</button>
|
||||
</div>
|
||||
<div data-ng-show="error" class="text-center text-danger">
|
||||
<strong>{{error}}</strong>
|
||||
</div>
|
||||
<div data-ng-show="success" class="text-center text-success">
|
||||
<strong>{{success}}</strong>
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
</div>
|
||||
|