From d135ce7ed7768928b82fd1530b3cc13090397dfb Mon Sep 17 00:00:00 2001
From: Dennis Eriksen <dennis.se@gmail.com>
Date: Fri, 24 May 2013 11:21:12 +0200
Subject: added random access link for invited users. now they don't have to
 register to post.

---
 config/passport.js   | 20 ++++++++++++++++++--
 controllers/users.js | 12 +++++++++++-
 models/Access.js     |  1 +
 routes.js            |  1 +
 4 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/config/passport.js b/config/passport.js
index 68d5204..75f42e8 100644
--- a/config/passport.js
+++ b/config/passport.js
@@ -3,7 +3,9 @@ var mongoose = require('mongoose')
   , LocalStrategy = require('passport-local').Strategy
   , FacebookStrategy = require('passport-facebook').Strategy
   , TwitterStrategy = require('passport-twitter').Strategy
-  , User = mongoose.model('User');
+  , HashStrategy = require('passport-hash').Strategy
+  , User = mongoose.model('User')
+  , Access = mongoose.model('Access');
 
 /**
  * This is where the magic happends
@@ -25,7 +27,7 @@ module.exports = function (passport, config) {
     /**
      * Local strategy
      */
-    passport.use(new LocalStrategy({
+    passport.use('local', new LocalStrategy({
         usernameField: 'email',
         passwordField: 'password'
     }, function(email, password, done) {
@@ -39,6 +41,20 @@ module.exports = function (passport, config) {
         });
     }));
 
+    passport.use(new HashStrategy({ passReqToCallback: true }, function(req, hash, done) {
+        console.log('TRYNG ' + hash);
+        Access.findOne({ randomToken: hash }, function(err, access) {
+            if (err) return done(err);
+            console.log(access);
+            if (!access) return done(null, false, { message: 'Unknown link' });
+            User.findOne({ _id: access.user }, function(err, user) {
+                if (err) return done(err);
+                if (!user) return done(null, false, { message: 'Unknown user' });
+                return done(null, user);
+            });
+        });
+    }));
+
 
     /**
      * Facebook strategy
diff --git a/controllers/users.js b/controllers/users.js
index b91317b..b6a9bcf 100644
--- a/controllers/users.js
+++ b/controllers/users.js
@@ -53,6 +53,14 @@ exports.signin = function(req, res) {
     res.redirect('/dashboard');
 }
 
+exports.randomLogin = function(req, res) {
+    Access.findOne({ randomToken: req.params.hash }).populate('project', 'shortURL').exec(function(err, access) {
+        if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+        return res.redirect('/project/' + access.project.shortURL);
+
+    });
+}
+
 
 /**
  * Signup
@@ -168,6 +176,7 @@ exports.postProjectParticipants = function(req, res) {
                         console.log('fant ingen brukere med den eposten. må invitere og stasj');
                         var newUser = new User();
                         newUser.email = mailAddress;
+                        newUser.username = mailAddress;
                         newUser.name = mailAddress + ' <span class="muted">(ikke registrert)</span>';
                         newUser.status = 1;
                         newUser.password = newUser.generateRandomToken(32);
@@ -179,6 +188,7 @@ exports.postProjectParticipants = function(req, res) {
                             access.user = newUser._id;
                             access.creator = req.user._id;
                             access.project = project._id;
+                            access.randomToken = newUser.generateRandomToken(15, true);
                             access.save(function(err) {
                                 if (err) {
                                     console.log(err.errors);
@@ -186,7 +196,7 @@ exports.postProjectParticipants = function(req, res) {
                                 }
                                 console.log('made new access for user ' + newUser._id);
                                 message.to = newUser.email;
-                                message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken;
+                                message.text = 'Hei! Du har blitt invitert til å delta i et Divid-prosjekt! https://divid.no/invite/' + newUser.randomToken + '\n Du kan også gå direkte til prosjektet her: https://divid.no/login/' + access.randomToken;
                                 server.send(message, function(err, message) { console.log(err || message);});
                             });
                         });
diff --git a/models/Access.js b/models/Access.js
index 75f6003..ba8097d 100644
--- a/models/Access.js
+++ b/models/Access.js
@@ -23,6 +23,7 @@ var AccessSchema = new Schema({
     creator: { type: Schema.ObjectId, ref: 'User' },
     project: { type: Schema.ObjectId, ref: 'Project' },
     permissions: { type: Number, default: '3' },
+    randomToken: { type: String },
     created: { type: Date, default: Date.now },
     updated: { type: Date, default: Date.now }
 });
diff --git a/routes.js b/routes.js
index 071d3d0..1717766 100644
--- a/routes.js
+++ b/routes.js
@@ -46,6 +46,7 @@ module.exports = function(app, passport, auth) {
 
     app.get('/logout', users.logout);
 
+    app.get('/login/:hash', passport.authenticate('hash', { failureRedirect: '/test'}), users.randomLogin);
 
    /**
     * REQUIRES LOGIN
-- 
cgit v1.2.3