UserDeleter = require("./UserDeleter")
UserLocator = require("./UserLocator")
User = require("../../models/User").User
newsLetterManager = require('../Newsletter/NewsletterManager')
UserRegistrationHandler = require("./UserRegistrationHandler")
logger = require("logger-sharelatex")
metrics = require("../../infrastructure/Metrics")
Url = require("url")
AuthenticationManager = require("../Authentication/AuthenticationManager")
UserUpdater = require("./UserUpdater")
EmailHandler = require("../Email/EmailHandler")
OneTimeTokenHandler = require "../Security/OneTimeTokenHandler"
settings = require "settings-sharelatex"
crypto = require "crypto"
module.exports =
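deleteUser: (req, res)->
  # Delete the logged-in user's own account, then end their session.
  #
  # The account id is taken from the session, never from the request body or
  # URL, so a caller can only delete the account they are authenticated as.
  # Responds 200 on success and 500 when the deletion fails.
  #
  # NOTE(review): nothing in this handler re-checks the password or asks for
  # confirmation before an irreversible action; confirm the route adds that
  # (and CSRF protection) before this handler is reached.
  user_id = req.session.user._id
  UserDeleter.deleteUser user_id, (err)->
    if err?
      # A failed deletion must be visible to the client and in the logs;
      # the session is kept so the user can retry.
      logger.err err:err, user_id:user_id, "problem deleting user"
      return res.sendStatus(500)
    # Drop the session so the cookie no longer maps to a deleted account.
    req.session?.destroy()
    res.sendStatus(200)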
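unsubscribe: (req, res)->
  # Remove the logged-in user from the newsletter.
  #
  # The user is looked up by the id stored in the session, so the request
  # cannot name somebody else's account. Responds with an empty 200 once the
  # newsletter manager has finished, or 500 when the user cannot be loaded.
  user_id = req.session.user._id
  UserLocator.findById user_id, (err, user)->
    if err? or !user?
      # Without this guard a lookup failure would pass an undefined user on
      # to the newsletter manager.
      logger.err err:err, user_id:user_id, "problem finding user to unsubscribe from newsletter"
      return res.sendStatus 500
    # NOTE(review): the manager's callback is invoked without inspecting an
    # error argument; confirm whether unsubscribe can fail and report one.
    newsLetterManager.unsubscribe user, ->
      res.send()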
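updateUserSettings : (req, res)->
  # Update the logged-in user's profile fields, editor preferences and,
  # optionally, email address.
  #
  # Only the fields named below are copied from the request body onto the
  # user record; the record itself is selected by the session's user id.
  # Responds 200 on success, 400 for a malformed field or email, and 500 when
  # the record cannot be loaded, saved, or the email change fails.
  logger.log user: req.session.user, "updating account settings"
  user_id = req.session.user._id

  # The body is untrusted: a JSON client can send a number, array or object
  # where text is expected, and calling .trim() on those would throw inside
  # the database callback. Reject them before touching the database.
  for field in ["first_name", "last_name", "role", "institution", "email"]
    value = req.body[field]
    if value? and typeof value != "string"
      return res.sendStatus 400

  User.findById user_id, (err, user)->
    if err? or !user?
      logger.err err:err, user_id:user_id, "problem updaing user settings"
      return res.sendStatus 500

    # Free-text profile fields are stored trimmed.
    for field in ["first_name", "last_name", "role", "institution"]
      user[field] = req.body[field].trim() if req.body[field]?

    # Editor preferences are stored as sent.
    # NOTE(review): no type or range check is applied to these here;
    # presumably the User model constrains them - confirm.
    for field in ["mode", "theme", "fontSize", "autoComplete", "spellCheckLanguage", "pdfViewer"]
      user.ace[field] = req.body[field] if req.body[field]?

    user.save (saveErr)->
      if saveErr?
        # Do not report success (or go on to change the email) when the
        # settings were not persisted.
        logger.err err:saveErr, user_id:user_id, "problem saving user settings"
        return res.sendStatus 500

      newEmail = req.body.email?.trim().toLowerCase()
      if !newEmail? or newEmail == user.email
        return res.sendStatus 200
      else if newEmail.indexOf("@") == -1
        return res.sendStatus(400)
      else
        # NOTE(review): the address is changed with only an "@" check and
        # without re-entering the password or confirming ownership of the
        # new address in this handler; confirm UserUpdater or the route
        # covers that, since the email is typically the recovery channel.
        UserUpdater.changeEmailAddress user_id, newEmail, (emailErr)->
          if emailErr?
            logger.err err:emailErr, user_id:user_id, newEmail:newEmail, "problem updaing users email address"
            # "alread_exists" is both the error message checked here and the
            # translation key, so the spelling must stay as it is.
            if emailErr.message == "alread_exists"
              message = req.i18n.translate("alread_exists")
            else
              message = req.i18n.translate("problem_changing_email_address")
            return res.send 500, {message:message}
          res.sendStatus(200)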
logout : (req, res)->
  # End the current session and send the browser to the login page.
  # Counts the logout in metrics and logs which session user is leaving.
  metrics.inc "user.logout"
  sessionUser = req?.session?.user
  logger.log {user: sessionUser}, "logging out"
  req.session.destroy (destroyError)->
    # A failed destroy is only logged; the redirect happens either way.
    # NOTE(review): in that case the server-side session may still be valid
    # after the user believes they are logged out - confirm this is accepted.
    logger.err {err: destroyError}, 'error destorying session' if destroyError
    res.redirect '/login'
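register : (req, res, next = (error) ->)->
  # Register an account for the given email address (or reuse the existing
  # one), issue a one-week activation token, mail the activation link and
  # return the email and link as JSON.
  #
  # Responds 422 when the email is missing, empty or not a string; other
  # failures are passed to next().
  #
  # NOTE(review): the JSON reply contains the activation URL, token included,
  # and for an already-registered address a fresh token is issued for that
  # existing account. Whoever can call this handler can therefore set the
  # password of any account; confirm the route is restricted to
  # administrators.
  email = req.body.email
  # The body is untrusted: accept only a non-empty string so that an object
  # or array never reaches the registration handler's lookups.
  if typeof email != "string" or email == ""
    res.sendStatus 422 # Unprocessable Entity
    return
  logger.log {email}, "registering new user"
  UserRegistrationHandler.registerNewUser {
    email: email
    # Placeholder password from the CSPRNG; the user chooses their own via
    # the activation link.
    password: crypto.randomBytes(32).toString("hex")
  }, (err, user)->
    if err? and err?.message != "EmailAlreadyRegistered"
      return next(err)

    if err?.message == "EmailAlreadyRegistered"
      logger.log {email}, "user already exists, resending welcome email"

    # presumably the handler still yields the existing user alongside the
    # EmailAlreadyRegistered error - fail cleanly if it does not.
    if !user?
      return next(new Error("no user returned from registration"))

    ONE_WEEK = 7 * 24 * 60 * 60 # seconds
    OneTimeTokenHandler.getNewToken user._id, { expiresIn: ONE_WEEK }, (err, token)->
      return next(err) if err?

      setNewPasswordUrl = "#{settings.siteUrl}/user/activate?token=#{token}&user_id=#{user._id}"

      EmailHandler.sendEmail "registered", {
        to: user.email
        setNewPasswordUrl: setNewPasswordUrl
      }, (mailErr) ->
        # The reply below does not wait for the mail, so a delivery failure
        # can only be recorded here.
        logger.err {err: mailErr, email: user.email}, "problem sending registration email" if mailErr?

      # Sent without waiting for the mail to go out - TODO confirm this is
      # the intended ordering.
      res.json {
        email: user.email
        setNewPasswordUrl: setNewPasswordUrl
      }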
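changePassword : (req, res, next = (error) ->)->
  # Change the logged-in user's password after re-checking the current one.
  #
  # The account is identified by the session's user id. Every outcome that is
  # not an internal error is reported as a JSON body of the form
  # {message: {type, text}}; internal errors go to next().
  #
  # NOTE(review): other active sessions of the account are not ended here
  # after a successful change, and no limit on wrong current-password
  # attempts is visible in this handler - confirm both are handled elsewhere.
  metrics.inc "user.password-change"
  user_id = req.session.user._id
  oldPass = req.body.currentPassword
  AuthenticationManager.authenticate {_id:user_id}, oldPass, (err, user)->
    return next(err) if err?
    if user
      logger.log user: req.session.user, "changing password"
      newPassword1 = req.body.newPassword1
      newPassword2 = req.body.newPassword2
      if typeof newPassword1 != "string" or newPassword1 == ""
        # Two missing fields compare equal, and a JSON number equals itself,
        # so without this check a non-string or absent password would be
        # handed to setUserPassword.
        logger.log user_id: user_id, "new password missing or not a string"
        res.send
          message:
            type:'error'
            text:'Please enter a new password'
      else if newPassword1 != newPassword2
        # Log the id only: presumably the record returned by authenticate
        # carries the stored password hash - confirm.
        logger.log user_id: user_id, "passwords do not match"
        res.send
          message:
            type:'error'
            text:'Your passwords do not match'
      else
        AuthenticationManager.setUserPassword user._id, newPassword1, (error) ->
          return next(error) if error?
          # Logged only once the new password has actually been stored.
          logger.log user_id: user_id, "password changed"
          res.send
            message:
              type:'success'
              text:'Your password has been changed'
    else
      logger.log user_id: user_id, "current password wrong"
      res.send
        message:
          type:'error'
          text:'Your old password is wrong'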
changeEmailAddress: (req, res)->
|
|
|
|
|
|
|
|
|