overleaf/services/web/app/coffee/Features/User/UserPagesController.coffee

UserLocator = require("./UserLocator")
UserGetter = require("./UserGetter")
UserSessionsManager = require("./UserSessionsManager")
ErrorController = require("../Errors/ErrorController")
logger = require("logger-sharelatex")
Settings = require("settings-sharelatex")
fs = require('fs')
AuthenticationController = require('../Authentication/AuthenticationController')

module.exports =

	registerPage : (req, res)->
		sharedProjectData =
			project_name:req.query.project_name
			user_first_name:req.query.user_first_name

		newTemplateData = {}
		if req.session.templateData?
			newTemplateData.templateName = req.session.templateData.templateName

		res.render 'user/register',
			title: 'register'
			sharedProjectData: sharedProjectData
			newTemplateData: newTemplateData
			new_email:req.query.new_email || ""

	activateAccountPage: (req, res) ->
		# An 'activation' is actually just a password reset on an account that
		# was set with a random password originally.
		logger.log query:req.query, "activiate account page called"
		if !req.query?.user_id? or !req.query?.token?
			return ErrorController.notFound(req, res)

		UserGetter.getUser req.query.user_id, {email: 1, loginCount: 1}, (error, user) ->
			return next(error) if error?
			if !user
				return ErrorController.notFound(req, res)
			if user.loginCount > 0
				logger.log user:user, "user has already logged in so is active, sending them to /login"
				# Already seen this user, so account must be activate
				# This lets users keep clicking the 'activate' link in their email
				# as a way to log in which, if I know our users, they will.
				res.redirect "/login?email=#{encodeURIComponent(user.email)}"
			else
				res.render 'user/activate',
					title: 'activate_account'
					email: user.email,
					token: req.query.token

	loginPage : (req, res)->
		# if user is being sent to /login with explicit redirect (redir=/foo),
		# such as being sent from the editor to /login, then set the redirect explicitly
		if req.query.redir? and !AuthenticationController._getRedirectFromSession(req)?
			logger.log {redir: req.query.redir}, "setting explicit redirect from login page"
			AuthenticationController._setRedirectInSession(req, req.query.redir)
		res.render 'user/login',
			title: 'login',
			email: req.query.email

	settingsPage : (req, res, next)->
		user_id = AuthenticationController.getLoggedInUserId(req)
		logger.log user: user_id, "loading settings page"
		shouldAllowEditingDetails = !(Settings?.ldap?.updateUserDetailsOnLogin) and !(Settings?.saml?.updateUserDetailsOnLogin)
		UserLocator.findById user_id, (err, user)->
			return next(err) if err?
			res.render 'user/settings',
				title:'account_settings'
				user: user,
				shouldAllowEditingDetails: shouldAllowEditingDetails
				languages: Settings.languages,
				accountSettingsTabActive: true

	sessionsPage: (req, res, next) ->
		user = AuthenticationController.getSessionUser(req)
		logger.log user_id: user._id, "loading sessions page"
		UserSessionsManager.getAllUserSessions user, [req.sessionID], (err, sessions) ->
			if err?
				logger.err {user_id: user._id}, "error getting all user sessions"
				return next(err)
			res.render 'user/sessions',
				title: "sessions"
				sessions: sessions
moved user settings page to the user pages controller 2014-04-09 10:04:47 -04:00			`UserLocator = require("./UserLocator")`
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`UserGetter = require("./UserGetter")`
WIP: display sessions on a page 2016-10-06 10:49:47 -04:00			`UserSessionsManager = require("./UserSessionsManager")`
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`ErrorController = require("../Errors/ErrorController")`
moved user settings page to the user pages controller 2014-04-09 10:04:47 -04:00			`logger = require("logger-sharelatex")`
			`Settings = require("settings-sharelatex")`
			`fs = require('fs')`
WIP: refactor 2016-09-05 10:58:31 -04:00			`AuthenticationController = require('../Authentication/AuthenticationController')`
moved register page to new UserPagesController 2014-04-09 07:17:50 -04:00
			`module.exports =`

moved login page to new user page controller 2014-04-09 07:22:57 -04:00			`registerPage : (req, res)->`
moved register page to new UserPagesController 2014-04-09 07:17:50 -04:00			`sharedProjectData =`
			`project_name:req.query.project_name`
			`user_first_name:req.query.user_first_name`

			`newTemplateData = {}`
			`if req.session.templateData?`
			`newTemplateData.templateName = req.session.templateData.templateName`

			`res.render 'user/register',`
sorted out titles 2014-08-01 08:47:14 -04:00			`title: 'register'`
moved register page to new UserPagesController 2014-04-09 07:17:50 -04:00			`sharedProjectData: sharedProjectData`
			`newTemplateData: newTemplateData`
moved login page to new user page controller 2014-04-09 07:22:57 -04:00			`new_email:req.query.new_email \|\| ""`
WIP: refactor 2016-09-05 10:58:31 -04:00
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`activateAccountPage: (req, res) ->`
			`# An 'activation' is actually just a password reset on an account that`
			`# was set with a random password originally.`
should be able to set first and last name via user details on registration 2016-06-13 08:21:44 -04:00			`logger.log query:req.query, "activiate account page called"`
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`if !req.query?.user_id? or !req.query?.token?`
			`return ErrorController.notFound(req, res)`
WIP: refactor 2016-09-05 10:58:31 -04:00
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`UserGetter.getUser req.query.user_id, {email: 1, loginCount: 1}, (error, user) ->`
			`return next(error) if error?`
			`if !user`
			`return ErrorController.notFound(req, res)`
			`if user.loginCount > 0`
should be able to set first and last name via user details on registration 2016-06-13 08:21:44 -04:00			`logger.log user:user, "user has already logged in so is active, sending them to /login"`
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`# Already seen this user, so account must be activate`
			`# This lets users keep clicking the 'activate' link in their email`
			`# as a way to log in which, if I know our users, they will.`
			`res.redirect "/login?email=#{encodeURIComponent(user.email)}"`
			`else`
			`res.render 'user/activate',`
			`title: 'activate_account'`
			`email: user.email,`
			`token: req.query.token`
moved login page to new user page controller 2014-04-09 07:22:57 -04:00
			`loginPage : (req, res)->`
If user is sent to login page with explicit redirect, obey 2016-11-24 06:38:13 -05:00			`# if user is being sent to /login with explicit redirect (redir=/foo),`
			`# such as being sent from the editor to /login, then set the redirect explicitly`
			`if req.query.redir? and !AuthenticationController._getRedirectFromSession(req)?`
			`logger.log {redir: req.query.redir}, "setting explicit redirect from login page"`
			`AuthenticationController._setRedirectInSession(req, req.query.redir)`
moved login page to new user page controller 2014-04-09 07:22:57 -04:00			`res.render 'user/login',`
sorted out titles 2014-08-01 08:47:14 -04:00			`title: 'login',`
Improve pre-registered account activation process 2015-12-11 06:30:06 -05:00			`email: req.query.email`
moved login page to new user page controller 2014-04-09 07:22:57 -04:00
Remove Dropbox front end logic from main sharelatex repo 2015-02-05 13:20:25 -05:00			`settingsPage : (req, res, next)->`
WIP: refactor 2016-09-05 10:58:31 -04:00			`user_id = AuthenticationController.getLoggedInUserId(req)`
			`logger.log user: user_id, "loading settings page"`
If we're updating details from a SSO source, don't allow editing on settings page. 2016-11-25 09:38:00 -05:00			`shouldAllowEditingDetails = !(Settings?.ldap?.updateUserDetailsOnLogin) and !(Settings?.saml?.updateUserDetailsOnLogin)`
WIP: refactor 2016-09-05 10:58:31 -04:00			`UserLocator.findById user_id, (err, user)->`
Remove Dropbox front end logic from main sharelatex repo 2015-02-05 13:20:25 -05:00			`return next(err) if err?`
			`res.render 'user/settings',`
			`title:'account_settings'`
			`user: user,`
If we're updating details from a SSO source, don't allow editing on settings page. 2016-11-25 09:38:00 -05:00			`shouldAllowEditingDetails: shouldAllowEditingDetails`
Remove Dropbox front end logic from main sharelatex repo 2015-02-05 13:20:25 -05:00			`languages: Settings.languages,`
			`accountSettingsTabActive: true`
WIP: display sessions on a page 2016-10-06 10:49:47 -04:00
			`sessionsPage: (req, res, next) ->`
clear-sessions page (+4 squashed commits) Squashed commits: [3a56af0] Remove cruft [c5a1f6c] Finalise alignment [82f741a] Working sessions page [d40f069] WIP: display sessions 2016-10-07 05:52:58 -04:00			`user = AuthenticationController.getSessionUser(req)`
			`logger.log user_id: user._id, "loading sessions page"`
			`UserSessionsManager.getAllUserSessions user, [req.sessionID], (err, sessions) ->`
			`if err?`
			`logger.err {user_id: user._id}, "error getting all user sessions"`
			`return next(err)`
WIP: display sessions on a page 2016-10-06 10:49:47 -04:00			`res.render 'user/sessions',`
			`title: "sessions"`
			`sessions: sessions`