diff options
-rw-r--r-- | config/passport.js | 20 | ||||
-rw-r--r-- | controllers/users.js | 12 | ||||
-rw-r--r-- | models/Access.js | 1 | ||||
-rw-r--r-- | routes.js | 1 |
4 files changed, 31 insertions, 3 deletions
diff --git a/config/passport.js b/config/passport.js index 68d5204..75f42e8 100644 --- a/config/passport.js +++ b/config/passport.js @@ -3,7 +3,9 @@ var mongoose = require('mongoose') , LocalStrategy = require('passport-local').Strategy , FacebookStrategy = require('passport-facebook').Strategy , TwitterStrategy = require('passport-twitter').Strategy - , User = mongoose.model('User'); + , HashStrategy = require('passport-hash').Strategy + , User = mongoose.model('User') + , Access = mongoose.model('Access'); /** * This is where the magic happends @@ -25,7 +27,7 @@ module.exports = function (passport, config) { /** * Local strategy */ - passport.use(new LocalStrategy({ + passport.use('local', new LocalStrategy({ usernameField: 'email', passwordField: 'password' }, function(email, password, done) { @@ -39,6 +41,20 @@ module.exports = function (passport, config) { }); })); + passport.use(new HashStrategy({ passReqToCallback: true }, function(req, hash, done) { + console.log('TRYNG ' + hash); + Access.findOne({ randomToken: hash }, function(err, access) { + if (err) return done(err); + console.log(access); + if (!access) return done(null, false, { message: 'Unknown link' }); + User.findOne({ _id: access.user }, function(err, user) { + if (err) return done(err); + if (!user) return done(null, false, { message: 'Unknown user' }); + return done(null, user); + }); + }); + })); + /** * Facebook strategy diff --git a/controllers/users.js b/controllers/users.js index b91317b..b6a9bcf 100644 --- a/controllers/users.js +++ b/controllers/users.js @@ -53,6 +53,14 @@ exports.signin = function(req, res) { res.redirect('/dashboard'); } +exports.randomLogin = function(req, res) { + Access.findOne({ randomToken: req.params.hash }).populate('project', 'shortURL').exec(function(err, access) { + if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack }); + return res.redirect('/project/' + access.project.shortURL); + + }); +} + /** * Signup @@ -168,6 +176,7 @@ exports.postProjectParticipants = function(req, res) { console.log('fant ingen brukere med den eposten. må invitere og stasj'); var newUser = new User(); newUser.email = mailAddress; + newUser.username = mailAddress; newUser.name = mailAddress + ' <span class="muted">(ikke registrert)</span>'; newUser.status = 1; newUser.password = newUser.generateRandomToken(32); @@ -179,6 +188,7 @@ exports.postProjectParticipants = function(req, res) { access.user = newUser._id; access.creator = req.user._id; access.project = project._id; + access.randomToken = newUser.generateRandomToken(15, true); access.save(function(err) { if (err) { console.log(err.errors); @@ -186,7 +196,7 @@ exports.postProjectParticipants = function(req, res) { } console.log('made new access for user ' + newUser._id); message.to = newUser.email; - message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken; + message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken + '\n Du kan også gå direkte til prosjektet her: https://divid.no/login/' + access.randomToken; server.send(message, function(err, message) { console.log(err || message);}); }); }); diff --git a/models/Access.js b/models/Access.js index 75f6003..ba8097d 100644 --- a/models/Access.js +++ b/models/Access.js @@ -23,6 +23,7 @@ var AccessSchema = new Schema({ creator: { type: Schema.ObjectId, ref: 'User' }, project: { type: Schema.ObjectId, ref: 'Project' }, permissions: { type: Number, default: '3' }, + randomToken: { type: String }, created: { type: Date, default: Date.now }, updated: { type: Date, default: Date.now } }); @@ -46,6 +46,7 @@ module.exports = function(app, passport, auth) { app.get('/logout', users.logout); + app.get('/login/:hash', passport.authenticate('hash', { failureRedirect: '/test'}), users.randomLogin); /** * REQUIRES LOGIN |