13,422 changes: 13,422 additions & 0 deletions assets/stormpath.min.js

Large diffs are not rendered by default.

60 changes: 1 addition & 59 deletions lib/controllers/change-password.js
@@ -1,6 +1,5 @@
'use strict';

var forms = require('../forms');
var helpers = require('../helpers');

/**
@@ -64,64 +63,7 @@ module.exports = function (req, res, next) {
return next();
}

application.verifyPasswordResetToken(sptoken, function (err, result) {
if (err) {
logger.info('A user attempted to reset their password with a token, but that token verification failed.');
return res.redirect(config.web.changePassword.errorUri);
}

forms.changePasswordForm.handle(req, {
// If we get here, it means the user is submitting a password change
// request, so we should attempt to change the user's password.
success: function (form) {
if (form.data.password !== form.data.passwordAgain) {
return helpers.render(req, res, view, { error: 'Passwords do not match.', form: form });
}

result.password = form.data.password;

result.save(function (err) {
if (err) {
logger.info('A user attempted to reset their password, but the password change itself failed.');
return helpers.render(req, res, view, { error: err.userMessage, form: form });
}

if (config.web.changePassword.autoLogin) {
var options = {
username: result.email,
password: result.password
};

return helpers.authenticate(options, req, res, function (err) {
if (err) {
return helpers.render(req, res, view, { error: err.userMessage, form: form });
}

res.redirect(config.web.login.nextUri);
});
}

res.redirect(config.web.changePassword.nextUri);
});
},
// If we get here, it means the user didn't supply required form fields.
error: function (form) {
// Special case: if the user is being redirected to this page for the
// first time, don't display any error.
if (form.data && !form.data.password && !form.data.passwordAgain) {
return helpers.render(req, res, view, { form: form });
}

var formErrors = helpers.collectFormErrors(form);
helpers.render(req, res, view, { form: form, formErrors: formErrors });
},
// If we get here, it means the user is doing a simple GET request, so we
// should just render the forgot password template.
empty: function (form) {
helpers.render(req, res, view, { form: form });
}
});
});
helpers.render(req, res, view);
}
}, next);
};
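Review bot: The HTML branch now reaches `helpers.render(req, res, view)` without calling `application.verifyPasswordResetToken(sptoken, ...)`, so a request with an expired or invalid `sptoken` gets the change-password page instead of the redirect to `config.web.changePassword.errorUri`. Presumably the token is still verified when the new password is submitted through the JSON branch, which is outside this section. If that is the intent, state it above the render, for example `// sptoken is verified on submit by the JSON handler, not before this page is rendered`. Otherwise keep the verification callback and call `helpers.render(req, res, view)` only from its success path. The enclosing function starts outside the hunk.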
30 changes: 1 addition & 29 deletions lib/controllers/forgot-password.js
@@ -1,6 +1,5 @@
'use strict';

var forms = require('../forms');
var helpers = require('../helpers');

/**
@@ -46,34 +45,7 @@ module.exports = function (req, res, next) {
return next();
}

forms.forgotPasswordForm.handle(req, {
// If we get here, it means the user is submitting a password reset
// request, so we should attempt to send the user a password reset email.
success: function (form) {
application.sendPasswordResetEmail(form.data.email, function (err) {
if (err) {
logger.info('A user tried to reset their password, but supplied an invalid email address: ' + form.data.email + '.');
}

res.redirect(config.web.forgotPassword.nextUri);
});
},
// If we get here, it means the user didn't supply required form fields.
error: function (form) {
// https://github.com/caolan/forms/issues/96
if (req.query.status === 'invalid_sptoken') {
return helpers.render(req, res, view, { form: form, status: req.query.status });
}

var formErrors = helpers.collectFormErrors(form);
helpers.render(req, res, view, { form: form, formErrors: formErrors });
},
// If we get here, it means the user is doing a simple GET request, so we
// should just render the forgot password template.
empty: function (form) {
helpers.render(req, res, view, { form: form });
}
});
helpers.render(req, res, view);
}
}, next);
};
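Review bot: `helpers.render(req, res, view)` no longer passes a view model, so the `status` value that the removed `error` handler supplied for `?status=invalid_sptoken` never reaches the template. A user who arrives with that query string would presumably see the plain form with no explanation, unless the client bundle reads the query string itself, which this section does not show. If the message is still wanted, keep the exact-match check so arbitrary query text is not handed to the view: `helpers.render(req, res, view, req.query.status === 'invalid_sptoken' ? { status: req.query.status } : {});`. The enclosing function starts outside the hunk.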
59 changes: 1 addition & 58 deletions lib/controllers/login.js
@@ -1,12 +1,7 @@
'use strict';

var _ = require('lodash');
var extend = require('deep-extend');
var url = require('url');

var forms = require('../forms');
var helpers = require('../helpers');
var oauth = require('../oauth');

/**
* This controller logs in an existing user. If there are any errors, an
@@ -68,59 +63,7 @@ module.exports = function (req, res, next) {
return res.redirect(302, nextUrl);
}

function renderForm(form, options) {
if (options === undefined) {
options = {};
}

var view = config.web.login.view;
var oauthStateToken = oauth.common.resolveStateToken(req, res);
var formActionUri = (config.web.login.uri + (nextUri ? ('?next=' + nextUri) : ''));

var hasSocialProviders = _.some(config.web.social, function (socialProvider) {
return socialProvider.enabled;
});

extend(options, {
form: form,
formActionUri: formActionUri,
oauthStateToken: oauthStateToken,
hasSocialProviders: hasSocialProviders
});

helpers.render(req, res, view, options);
}

helpers.setTempCookie(res, 'oauthRedirectUri', req.originalUrl);

forms.loginForm.handle(req, {
// If we get here, it means the user is submitting a login request, so we
// should attempt to log the user into their account.
success: function (form) {
helpers.authenticate(form.data, req, res, function (err) {
if (err) {
return renderForm(form, { error: err.userMessage || err.message });
}

helpers.loginResponder(req, res);
});
},
// If we get here, it means the user didn't supply required form fields.
error: function (form) {
// Special case: if the user is being redirected to this page for the
// first time, don't display any error.
if (form.data && !form.data.login && !form.data.password) {
return renderForm(form);
}

renderForm(form, { formErrors: helpers.collectFormErrors(form) });
},
// If we get here, it means the user is doing a simple GET request, so we
// should just render the login template.
empty: function (form) {
renderForm(form);
}
});
helpers.render(req, res, config.web.login.view);
}
}, next);
};
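Review bot: The login page is now rendered without `oauth.common.resolveStateToken(req, res)` and without `helpers.setTempCookie(res, 'oauthRedirectUri', req.originalUrl)`, both of which the removed code ran before `helpers.render`. If any provider in `config.web.social` is still enabled, the state token is what binds the provider callback to this browser, so it has to be issued and later checked somewhere before the user is sent to the provider; that replacement is not visible in this section. Either keep the two calls ahead of `helpers.render(req, res, config.web.login.view)` or add a comment naming where the state token and redirect URI are now set. The enclosing function starts outside the hunk.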
147 changes: 1 addition & 146 deletions lib/controllers/register.js
@@ -1,60 +1,7 @@
'use strict';

var async = require('async');
var url = require('url');

var helpers = require('../helpers');

/**
* Delivers the default response for registration attempts that accept an HTML
* content type, where the new account is in an unverified state. In this
* situation we redirect to the login page with a query parameter that
* indidcates that the account is unverified
*
* @function
*
* @param {Object} req - The http request.
* @param {Object} res - The http response.
*/
function defaultUnverifiedHtmlResponse(req, res) {
var config = req.app.get('stormpathConfig');
res.redirect(302, config.web.login.uri + '?status=unverified');
}

/**
* Delivers the default response for registration attempts that accept an HTML
* content type, where the new account is in a verified state. In this
* situation we redirect to the login page with a query parameter that
* indidcates that the account has been created (and is ready for a login
* attempt)
*
* @function
*
* @param {Object} req - The http request.
* @param {Object} res - The http response.
*/
function defaultCreatedHtmlResponse(req, res) {
var config = req.app.get('stormpathConfig');
res.redirect(302, config.web.login.uri + '?status=created');
}

/**
* Delivers the default response for registration attempts that accept an HTML
* content type, where the new account is in a verified state and the config
* has requested that we automatically log in the user. In this situation we
* redirect to the next URI that is in the url, or the nextUri that is defined
* on the registration configuration
*
* @function
*
* @param {Object} req - The http request.
* @param {Object} res - The http response.
*/
function defaultAutoAuthorizeHtmlResponse(req, res) {
var config = req.app.get('stormpathConfig');
res.redirect(302, url.parse(req.query.next || '').path || config.web.register.nextUri);
}

/**
* Delivers the default response for registration attempts that accept a JSON
* content type. In this situation we simply return the new account object as
@@ -105,7 +52,6 @@ module.exports = function (req, res, next) {
var application = req.app.get('stormpathApplication');
var config = req.app.get('stormpathConfig');
var logger = req.app.get('stormpathLogger');
var view = config.web.register.view;

function handlePreRegistration(formData, callback) {
var preRegistrationHandler = config.preRegistrationHandler;
@@ -195,98 +141,7 @@ module.exports = function (req, res, next) {
}
},
'text/html': function () {
var writeFormError = helpers.writeFormError.bind(null, req, res, view, viewModel);

switch (req.method) {
// We should render the registration template.
case 'GET':
helpers.render(req, res, view, {
form: helpers.sanitizeFormData(req.body),
formModel: viewModel.form
});
break;

// The user is submitting a registration request, so we should attempt
// to validate the user's data and create their account.
case 'POST':
async.waterfall([
// What we'll do here is simply set default values for `givenName` and
// `surname`, because these value are annoying to set if you don't
// care about them. Eventually Stormpath is going to remove these
// required fields, but for now this is a decent workaround to ensure
// people don't have to deal with that stuff.
function (callback) {
applyDefaultAccountFields(config, req);
callback();
},
function (callback) {
handlePreRegistration(req.body, function (err) {
if (err) {
return writeFormError(err);
}

helpers.validateAccount(req.body, config, function (errors) {
if (errors) {
return writeFormError(errors[0]);
}

callback();
});
});
},
function (callback) {
helpers.prepAccountData(req.body, config, function (accountData) {
application.createAccount(accountData, function (err, account) {
if (err) {
logger.info('A user tried to create a new account, but this operation failed with an error message: ' + err.developerMessage);
callback(err);
} else {
res.locals.user = account;
req.user = account;
callback(null, account);
}
});
});
}
], function (err, account) {
if (err) {
return writeFormError(err);
}

//console.log('Register account status!', account.status);

if (account.status === 'UNVERIFIED') {
return handleResponse(account, defaultUnverifiedHtmlResponse);
}

if (config.web.register.autoLogin) {
var options = {
username: req.body.email,
password: req.body.password
};

return helpers.authenticate(options, req, res, function (err, expandedAccount, authResult) {
if (err) {
return writeFormError(err);
}

helpers.createSession(authResult, expandedAccount, req, res);

handleResponse(expandedAccount, defaultAutoAuthorizeHtmlResponse);
});
}

helpers.expandAccount(account, config.expand, logger, function (err, expandedAccount) {
req.user = expandedAccount;

handleResponse(expandedAccount, defaultCreatedHtmlResponse);
});
});
break;

default:
next();
}
helpers.render(req, res, config.web.register.view);
}
}, next);
});
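Review bot: The `text/html` handler now calls `helpers.render(req, res, config.web.register.view)` for every HTTP method, whereas the removed `switch (req.method)` rendered only on `GET` and sent unknown methods to `next()`. A form `POST` that prefers HTML would now get the page back with a success status and no account created, which hides the failure from both the user and the logs. Suggest guarding the render with `if (req.method !== 'GET') { return next(); }`. The enclosing function starts outside the hunk.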