-rw-r--r--config/passport.js20
-rw-r--r--controllers/users.js12
-rw-r--r--models/Access.js1
-rw-r--r--routes.js1
4 files changed, 31 insertions, 3 deletions
diff --git a/config/passport.js b/config/passport.js
index 68d5204..75f42e8 100644
--- a/config/passport.js
+++ b/config/passport.js
@@ -3,7 +3,9 @@ var mongoose = require('mongoose')
, LocalStrategy = require('passport-local').Strategy
, FacebookStrategy = require('passport-facebook').Strategy
, TwitterStrategy = require('passport-twitter').Strategy
- , User = mongoose.model('User');
+ , HashStrategy = require('passport-hash').Strategy
+ , User = mongoose.model('User')
+ , Access = mongoose.model('Access');
/**
* This is where the magic happends
@@ -25,7 +27,7 @@ module.exports = function (passport, config) {
/**
* Local strategy
*/
- passport.use(new LocalStrategy({
+ passport.use('local', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
}, function(email, password, done) {
@@ -39,6 +41,20 @@ module.exports = function (passport, config) {
});
}));
+ passport.use(new HashStrategy({ passReqToCallback: true }, function(req, hash, done) {
+ console.log('TRYNG ' + hash);
+ Access.findOne({ randomToken: hash }, function(err, access) {
+ if (err) return done(err);
+ console.log(access);
+ if (!access) return done(null, false, { message: 'Unknown link' });
+ User.findOne({ _id: access.user }, function(err, user) {
+ if (err) return done(err);
+ if (!user) return done(null, false, { message: 'Unknown user' });
+ return done(null, user);
+ });
+ });
+ }));
+
/**
* Facebook strategy
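Review bot: The two debug statements in the new HashStrategy callback, `console.log('TRYNG ' + hash)` and `console.log(access)`, write the login token to the server log, where it stays usable by anyone who can read the logs. Remove both, or log only a non-secret identifier after the null check, e.g. `console.log('hash login for access ' + access._id);`. The lookup also accepts the token for as long as the Access document exists: nothing visible here checks an expiry or clears `randomToken` after use. Since `done(null, user)` signs the holder in as the user rather than granting only the one project, the link is effectively a second password. An expiry field checked in this callback, plus invalidating the token once the invited user has set a real password, would bound that exposure.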
diff --git a/controllers/users.js b/controllers/users.js
index b91317b..b6a9bcf 100644
--- a/controllers/users.js
+++ b/controllers/users.js
@@ -53,6 +53,14 @@ exports.signin = function(req, res) {
res.redirect('/dashboard');
}
+exports.randomLogin = function(req, res) {
+ Access.findOne({ randomToken: req.params.hash }).populate('project', 'shortURL').exec(function(err, access) {
+ if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ return res.redirect('/project/' + access.project.shortURL);
+
+ });
+}
+
/**
* Signup
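Review bot: `exports.randomLogin` dereferences `access.project.shortURL` without checking that the query returned a document or that `project` was populated, so a missing Access record or a deleted project throws inside the callback instead of producing a response. Add a guard before the redirect, for example `if (!access || !access.project) return res.status(404).end();`. The 500 branch also passes `error: err.stack` to the view; if the template prints that value, stack traces and file paths reach the client, so log the stack server-side and render a generic message instead. `Access` is not visibly required anywhere in this file's hunks, so confirm the model is in scope in controllers/users.js.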
@@ -168,6 +176,7 @@ exports.postProjectParticipants = function(req, res) {
console.log('fant ingen brukere med den eposten. må invitere og stasj');
var newUser = new User();
newUser.email = mailAddress;
+ newUser.username = mailAddress;
newUser.name = mailAddress + ' <span class="muted">(ikke registrert)</span>';
newUser.status = 1;
newUser.password = newUser.generateRandomToken(32);
@@ -179,6 +188,7 @@ exports.postProjectParticipants = function(req, res) {
access.user = newUser._id;
access.creator = req.user._id;
access.project = project._id;
+ access.randomToken = newUser.generateRandomToken(15, true);
access.save(function(err) {
if (err) {
console.log(err.errors);
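Review bot: `access.randomToken` becomes a login credential in this commit, but `generateRandomToken(15, true)` is defined outside the diff, so its randomness source cannot be checked here. It needs to draw from `crypto.randomBytes` rather than `Math.random()`, and 15 characters is on the short side for a token with no visible expiry. The value is also saved in plaintext and mailed in the following hunk, so anyone who can read the Access collection obtains working login links. Storing only a SHA-256 digest and looking records up by the digest of the presented value would remove that exposure. The enclosing postProjectParticipants body starts and ends outside the hunk.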
@@ -186,7 +196,7 @@ exports.postProjectParticipants = function(req, res) {
}
console.log('made new access for user ' + newUser._id);
message.to = newUser.email;
- message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken;
+ message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken + '\n Du kan også gå direkte til prosjektet her: https://divid.no/login/' + access.randomToken;
server.send(message, function(err, message) { console.log(err || message);});
});
});
diff --git a/models/Access.js b/models/Access.js
index 75f6003..ba8097d 100644
--- a/models/Access.js
+++ b/models/Access.js
@@ -23,6 +23,7 @@ var AccessSchema = new Schema({
creator: { type: Schema.ObjectId, ref: 'User' },
project: { type: Schema.ObjectId, ref: 'Project' },
permissions: { type: Number, default: '3' },
+ randomToken: { type: String },
created: { type: Date, default: Date.now },
updated: { type: Date, default: Date.now }
});
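Review bot: `randomToken` is declared without an index or uniqueness constraint, yet both the new strategy and `randomLogin` look records up by it. Two Access documents sharing a token would make `findOne` return whichever comes first, which could sign the holder in as the wrong user. `randomToken: { type: String, unique: true, sparse: true }` gives an indexed lookup and rejects duplicates, with `sparse` leaving existing documents that have no token unaffected.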
diff --git a/routes.js b/routes.js
index 071d3d0..1717766 100644
--- a/routes.js
+++ b/routes.js
@@ -46,6 +46,7 @@ module.exports = function(app, passport, auth) {
app.get('/logout', users.logout);
+ app.get('/login/:hash', passport.authenticate('hash', { failureRedirect: '/test'}), users.randomLogin);
/**
* REQUIRES LOGIN
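Review bot: `failureRedirect: '/test'` on the new route reads like a development leftover; a failed or unknown link should land on the real sign-in page with a message. Because the credential travels in the path of a GET request, it will appear in web-server access logs, browser history and proxy logs, so `/login/:hash` paths should be masked or excluded from request logging. No throttling is visible on this route to slow down guessing of tokens. A comment above the route such as `// :hash is a bearer credential: keep it out of logs and rate-limit this route` would flag this for the next maintainer. The routes function continues outside the hunk.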