Merge pull request #247 from WebJamApps/dev

Lyre release

Author: JoshuaVSherman

.circleci/config.yml

@@ -0,0 +1,62 @@
+version: 2
+jobs:
+  build:
+    working_directory: ~/web-jam-back
+    # The primary container is an instance of the first list image listed. Your build commands run in this container.
+    docker:
+      - image: circleci/node:8.9.4-browsers
+    # The secondary container is an instance of the second listed image which is run in a common network where ports exposed on the primary container are available on localhost.
+      #- image: mongo:3.4.4
+    steps:
+      - checkout
+      - run:
+          name: Install globals
+          command: 'sudo npm install -g npm@latest && sudo npm install -g bower@latest && sudo npm install -g codeclimate-test-reporter'
+      - restore_cache:
+          key: dependency-cache-{{ checksum "package.json" }}
+      - run:
+          name: Install npm wee
+          command: yarn install
+      - save_cache:
+          key: dependency-cache-{{ checksum "package.json" }}
+          paths:
+            - node_modules
+  test:
+    docker:
+      - image: circleci/node:8.9.4-browsers
+      #- image: mongo:3.4.4
+    steps:
+      - checkout
+      - run:
+          name: Test install
+          command: 'sudo npm install -g npm@latest && sudo npm install -g bower@latest && sudo npm install -g codeclimate-test-reporter && yarn install'
+      #- run:
+      #    name: ubuntu dependancies
+      #    command: 'sudo apt-get update -y && sudo apt-get install -y apt-utils gconf-service libasound2 libatk1.0-0 libcups2 libdbus-1-3 libgconf-2-4 libgtk-3-0 libnspr4 libxcomposite1 libxss1 fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils'
+      #- run:
+      #    name: install chrome
+      #    command: 'curl -s https://raw.githubusercontent.com/chronogolf/circleci-google-chrome/master/use_chrome_stable_version.sh | bash'
+      - run:
+          name: test mocha
+          command: npm test
+      - run:
+          name: Generate code coverage
+          command: 'codeclimate-test-reporter < coverage/lcov.info'
+      #- store_artifacts:
+      #    path: test-results.xml
+      #    prefix: tests
+      - store_artifacts:
+          path: coverage
+          prefix: coverage
+
+workflows:
+  version: 2
+  build_and_test:
+    jobs:
+      #- build
+      - test
+          #requires:
+          #  - build
+          #filters:
+          #  branches:
+          #    only: master

README.md

@@ -7,9 +7,8 @@
 
 <p>This repository is used for the following apps:</p>
 <ui>
-<li><a href="http://www.ourhandsandfeet.org">ourhandsandfeet.org</a></li>
 <li><a href="https://www.web-jam.com">Web Jam LLC</a></li>
-<li><a href="http://www.joshandmariamusic.com">joshandmariamusic.com</a></li>
+<li><a href="http://www.ourhandsandfeet.org">ourhandsandfeet.org</a></li>
 <li><a href="https://www.web-jam.com/library">Web Jam Library</a></li>
 </ul>
 

auth/auth.controller.js

@@ -1,37 +1,138 @@
+const config = require('../config');
+const User = require('../model/user/user-schema');
+const authUtils = require('./authUtils');
+const frontURL = config.frontURL;
 
-// var _ = require('lodash');
-// var Entity = require('../model/user/user-schema.js');
-// var jwt = require('jwt-simple');
-// var authUtils = require('./authUtils');
-// exports.signup = function (req, res) {
-//     console.log("req body " + req.body.email);
-//     Entity.findOne({email: req.body.email}, function (err, existingUser) {
-//         if (existingUser) {
-//             return res.status(409).send({message: 'Email is already taken'});
-//         }
-//         var user = new Entity({
-//             displayName: req.body.displayName,
-//             email: req.body.email,
-//             password: req.body.password
-//         });
-//         user.save(function () {
-//             return res.status(201).json({token: authUtils.createJWT(user)});
-//         });
-//
-//     });
-// };
-//
-// exports.login = function (req, res) {
-//     console.log("req body " + req.body.email);
-//     Entity.findOne({email: req.body.email}, '+password', function (err, user) {
-//         if (!user) {
-//             return res.status(401).json({message: 'Wrong email and/or password'});
-//         }
-//         user.comparePassword(req.body.password, function (err, isMatch) {
-//             if (!isMatch) {
-//                 return res.status(401).send({message: 'Wrong email and/or password'});
-//             }
-//             res.send({token: authUtils.createJWT(user)});
-//         });
-//     });
-// };
+exports.signup = function(req, res) {
+  const randomNumba = authUtils.generateCode(99999, 10000);
+  const user = new User({
+    name: req.body.name, id: req.body.id, email: req.body.email, password: req.body.password, isPswdReset: false, resetCode: randomNumba, first_name: req.body.first_name, last_name: req.body.last_name, interests: req.body.interests, affiliation: req.body.affiliation, organisms: req.body.organisms
+  });
+  User.findOne({ email: req.body.email }, (err, existingUser) => {
+    if (existingUser) { return res.status(409).send({ message: 'This email address has already been registered.' }); }
+      const validData = user.validateSignup();
+      if (validData !== '') { return res.status(409).send({ message: validData }); }
+      user.save(() => {
+        const mailbody = '<h1>Welcome ' + user.name + ' to Web Jam Apps.</h1><p>Click this <a style="color:blue; text-decoration:underline; cursor:pointer; cursor:hand" ' +
+        'href="' + frontURL + '/userutil/?email=' + user.email + '">link</a>, then enter the following code to verify your email: <br><br><strong>' + randomNumba + '</strong></p>';
+        authUtils.sendEmail(mailbody, user.email, 'Verify Your Email Address');
+        return res.status(201).json({ email: user.email });
+      });
+  });
+};
+
+exports.validemail = function(req, res) {
+  console.log('email:' + req.body.email + ' resetCode:' + req.body.resetCode);
+  User.findOne({ email: req.body.email, resetCode: req.body.resetCode }, (err, user) => {
+    console.log(user);
+    if (!user) {
+      return res.status(401).json({ message: 'incorrect email or code' });
+    }
+    user.resetCode = '';
+    user.isPswdReset = false;
+    user.save((err) => {
+      res.status(201).json({ success: true });
+    });
+  });
+};
+
+exports.login = function(req, res) {
+  console.log('req body email' + req.body.email);
+  let reqUserEmail = '';
+    reqUserEmail = authUtils.setIfExists(req.body.email);
+    User.findOne({ email: reqUserEmail }, '+password', (err, user) => {
+        if (!user) {
+      return res.status(401).json({ message: 'Wrong email address' });
+    } if (user.password === '' || user.password === null || user.password === undefined) {
+      return res.status(401).json({ message: 'Please reset your password' });
+    }
+      authUtils.verifySaveUser(user, req, res);
+  });
+};
+
+exports.resetpass = function(req, res) {
+  console.log('email:' + req.body.email);
+  // User.findOne({ $or:[{ email: req.body.email }, { id: req.body.email }] }, (err, user) => {
+      User.findOne({ email: req.body.email }, (err, user) => {
+    console.log(user);
+    if (!user) {
+      return res.status(401).json({ message: 'incorrect email address' });
+    }
+    const randomNumba = authUtils.generateCode(99999, 10000);
+    user.resetCode = randomNumba;
+    user.isPswdReset = true;
+    user.save((err) => {
+      res.status(201).json({ email: user.email });
+      const mailBody = '<h2>A password reset was requested for ' + user.name + '.</h2><p>Click this <a style="color:blue; text-decoration:underline; cursor:pointer; cursor:hand" href="' +
+      frontURL + '/userutil/?email=' + user.email + '&form=reset">' +
+      'link</a>, then enter the following code to reset your password: <br><br><strong>' + randomNumba + '</strong></p><p><i>If a reset was requested in error, you can ignore this email and login to web-jam.com as usual.</i></p>';
+      authUtils.sendEmail(mailBody, user.email, 'Password Reset');
+    });
+  });
+};
+
+exports.passwdreset = function(req, res) {
+  console.log('email:' + req.body.email + ' resetCode:' + req.body.resetCode);
+  User.findOne({ email: req.body.email, resetCode: req.body.resetCode }, (err, user) => {
+    console.log(user);
+    if (!user) {
+      return res.status(401).json({ message: 'incorrect email or code' });
+    }
+    user.resetCode = '';
+    user.isPswdReset = false;
+    user.password = req.body.password;
+    if (user.password.length < 8) {
+      return res.status(401).send({ message: 'Password is not min 8 characters' });
+    }
+    user.save((err) => {
+      res.status(201).json({ success: true });
+    });
+  });
+};
+
+exports.changeemail = function(req, res) {
+  console.log('request to change the email address');
+  authUtils.checkEmailSyntax(req, res);
+  User.findOne({ email: req.body.changeemail }, (err, user) => {
+    if (user) {
+      return res.status(409).json({ message: 'Email address already exists' });
+    }
+    User.findOne( { email: req.body.email }, (err, existinguser) => {
+      if (!existinguser) {
+        return res.status(409).json({ message: 'current user does not exist' });
+      }
+      existinguser.resetCode = authUtils.generateCode(99999, 10000);
+      existinguser.changeemail = req.body.changeemail;
+      existinguser.save((err) => {
+        console.log(existinguser);
+        res.status(201).json({ success: true });
+        const mailBody = '<h2>An Email Address Change was Requested for ' + existinguser.name + '.</h2><p>Click this <a style="color:blue; text-decoration:underline; cursor:pointer; cursor:hand" href="' +
+        frontURL + '/userutil/?changeemail=' + existinguser.changeemail + '">' +
+        'link</a>, then enter the following code to validate this new email: <br><br><strong>' + existinguser.resetCode + '</strong></p><p><i>If this reset was requested in error, you can ignore it and login as usual.</i></p>';
+        authUtils.sendEmail(mailBody, existinguser.changeemail, 'Email Change Request');
+      });
+    });
+  });
+};
+
+exports.updateemail = function(req, res) {
+  console.log('validate with pin then change the email address');
+  authUtils.checkEmailSyntax(req, res);
+  User.findOne({ email: req.body.email }, (err, user) => {
+    if (!user) {
+      return res.status(409).json({ message: 'User does not exist' });
+    }
+    if (user.resetCode !== req.body.resetCode) {
+      return res.status(409).json({ message: 'Reset code is wrong' });
+    }
+    if (user.changeemail !== req.body.changeemail) {
+      return res.status(409).json({ message: 'Reset email is not valid' });
+    }
+    user.resetCode = '';
+    user.email = req.body.changeemail;
+    user.changeemail = '';
+    user.save((err) => {
+      res.status(201).json({ success: true });
+    });
+  });
+};

auth/authUtils.js

@@ -1,6 +1,10 @@
 const moment = require('moment');
 const jwt = require('jwt-simple');
 const config = require('../config');
+const nodemailer = require('nodemailer');
+// const uuid = require('uuid');
+// const crypto = require('crypto');
+// const fs = require('fs');
 
 class AuthUtils {
   static createJWT(user) {
@@ -21,17 +25,90 @@ class AuthUtils {
       return res.status(401).send({ message: 'Please make sure your request has an Authorization header' });
     }
     const token = req.headers.authorization.split(' ')[1];
-
     let payload = null;
     try {
       payload = jwt.decode(token, config.hashString);
     } catch (err) {
       return res.status(401).send({ message: err.message });
     }
-
     req.user = payload.sub;
     next();
   }
-}
+
+  static sendEmail(bodyhtml, toemail, subjectline) {
+    let emailpassword = config.gmailpassword;
+    /* istanbul ignore next */
+    if (process.env.NODE_ENV === 'test') {
+      emailpassword = '';
+    }
+    const transporter = nodemailer.createTransport({
+      service: 'gmail',
+      auth: {
+        user: 'chemmariasherman@gmail.com',
+        pass: emailpassword
+      }
+    });
+
+    const mailOptions = {
+      from: 'chemmariasherman@gmail.com',
+      to: toemail,
+      subject: subjectline,
+      html: bodyhtml
+    };
+    transporter.sendMail(mailOptions, (error, info) => {
+      // console.log('trying to send an email');
+      // console.log(mailOptions);
+      // console.log(transporter);
+    });
+  }
+
+  static generateCode(hi, low) {
+    const min = Math.ceil(low);
+    const max = Math.floor(hi);
+    return Math.floor(Math.random() * (max - min)) + min;
+  }
+
+  static verifySaveUser(user, req, res) {
+    let hascode = false;
+    let hasnewemail = false;
+    if (user.resetCode !== '' && user.resetCode !== null && user.resetCode !== undefined) {
+      hascode = true;
+    }
+    if (user.changeemail !== null && user.changeemail !== '' && user.changeemail !== undefined) {
+      hasnewemail = true;
+    }
+    // this checks if it is a brand new email that has not yet been verified
+    if (hascode && !user.isPswdReset && !hasnewemail) {
+      return res.status(401).json({ message: 'Validate your email address or click forgot password link to reset' });
+    }
+    user.comparePassword(req.body.password, (err, isMatch) => {
+      if (!isMatch) { return res.status(401).json({ message: 'Wrong password' }); }
+      this.saveSendToken(user, req, res);
+    });
+  }
+
+  static saveSendToken(user, req, res) {
+    const userToken = { token: this.createJWT(user), email: user.email };
+    user.isPswdReset = false;
+    user.resetCode = '';
+    user.changeemail = '';
+    user.save(err =>
+       res.status(200).json(userToken));
+  }
+
+  static checkEmailSyntax(req, res) {
+    if (/^\w+([.-]?\w+)*@\w+([.-]?\w+)*(\.\w{2,3})+$/.test(req.body.changeemail)) {
+      return console.log('email is valid');
+    }
+    return res.status(409).json({ message: 'Email address is not a valid format' });
+  }
+
+  static setIfExists(item) {
+    if (item !== '' && item !== null && item !== undefined) {
+      return item;
+    }
+    return '';
+  }
+ }
 
 module.exports = AuthUtils;

auth/google.js

@@ -32,7 +32,11 @@ class Google {
           User.findOne(filter, (err, existingUser) => {
             // console.log(existingUser);
             if (existingUser) {
-              console.log('user exist');
+              console.log('user exists');
+              existingUser.password = '';
+              // force the name of the user to be the name from google account
+              existingUser.name = profile.name;
+              existingUser.save();
               return res.send({ token: authUtils.createJWT(existingUser) });
             }
             const user = new User();

auth/index.js

@@ -2,7 +2,7 @@
 
 const express = require('express');
 // const authUtils = require('./authUtils');
-// var authController = require('./auth.controller.js');
+const authController = require('./auth.controller.js');
 // var meController = require('./me.controller.js');
 // var identSrv = require('./identSrv.js');
 const google = require('./google.js');
@@ -14,10 +14,14 @@ const google = require('./google.js');
 // var yahoo = require('./yahoo.js');
 // var foursquare = require('./foursquare');
 const router = express.Router();
-
-// router.post('/signup', authController.signup);
-// router.post('/login', authController.login);
+router.post('/signup', authController.signup);
+router.put('/validemail', authController.validemail);
 router.post('/google', google.authenticate);
+router.post('/login', authController.login);
+router.put('/resetpass', authController.resetpass);
+router.put('/passwdreset', authController.passwdreset);
+router.put('/changeemail', authController.changeemail); // request is made and verification pin is sent to new email, new email is stored in user.changeemail field
+router.put('/updateemail', authController.updateemail); // pin is processed and old email is replaced with new email
 // router.post('/linkedin', linkedin.authenticate);
 // router.post('/twitter', twitter.authenticate);
 // router.post('/facebook', facebook.authenticate);