2019-05-29 05:21:06 -04:00
|
|
|
const PasswordResetHandler = require('./PasswordResetHandler')
|
|
|
|
|
const RateLimiter = require('../../infrastructure/RateLimiter')
|
|
|
|
|
const AuthenticationController = require('../Authentication/AuthenticationController')
|
|
|
|
|
const AuthenticationManager = require('../Authentication/AuthenticationManager')
|
|
|
|
|
const UserGetter = require('../User/UserGetter')
|
|
|
|
|
const UserUpdater = require('../User/UserUpdater')
|
|
|
|
|
const UserSessionsManager = require('../User/UserSessionsManager')
|
|
|
|
|
const logger = require('logger-sharelatex')
|
|
|
|
|
const Settings = require('settings-sharelatex')
|
|
|
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
|
renderRequestResetForm(req, res) {
|
|
|
|
|
logger.log('rendering request reset form')
|
2019-07-04 08:40:12 -04:00
|
|
|
res.render('user/passwordReset', { title: 'reset_password' })
|
2019-05-29 05:21:06 -04:00
|
|
|
},
|
|
|
|
|
|
2019-07-04 08:40:12 -04:00
|
|
|
requestReset(req, res, next) {
|
2019-05-29 05:21:06 -04:00
|
|
|
const email = req.body.email.trim().toLowerCase()
|
|
|
|
|
const opts = {
|
|
|
|
|
endpointName: 'password_reset_rate_limit',
|
|
|
|
|
timeInterval: 60,
|
|
|
|
|
subjectName: req.ip,
|
|
|
|
|
throttle: 6
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
RateLimiter.addCount(opts, function(err, canContinue) {
|
|
|
|
|
if (err != null) {
|
|
|
|
|
return next(err)
|
|
|
|
|
}
|
2019-05-29 05:21:06 -04:00
|
|
|
if (!canContinue) {
|
|
|
|
|
return res.send(429, {
|
|
|
|
|
message: req.i18n.translate('rate_limit_hit_wait')
|
|
|
|
|
})
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
PasswordResetHandler.generateAndEmailResetToken(email, function(
|
2019-05-29 05:21:06 -04:00
|
|
|
err,
|
|
|
|
|
status
|
|
|
|
|
) {
|
|
|
|
|
if (err != null) {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.send(500, {
|
|
|
|
|
message: err.message
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
|
|
|
|
} else if (status === 'primary') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.send(200, {
|
2019-05-29 05:21:06 -04:00
|
|
|
message: { text: req.i18n.translate('password_reset_email_sent') }
|
|
|
|
|
})
|
|
|
|
|
} else if (status === 'secondary') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.send(404, {
|
2019-05-29 05:21:06 -04:00
|
|
|
message: req.i18n.translate('secondary_email_password_reset')
|
|
|
|
|
})
|
|
|
|
|
} else if (status === 'sharelatex') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.send(404, {
|
|
|
|
|
message: `<a href="${
|
2019-05-29 05:21:06 -04:00
|
|
|
Settings.accountMerge.sharelatexHost
|
2019-07-04 08:40:12 -04:00
|
|
|
}/user/password/reset">${req.i18n.translate('reset_from_sl')}</a>`
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
|
|
|
|
} else {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.send(404, {
|
2019-05-29 05:21:06 -04:00
|
|
|
message: req.i18n.translate('cant_find_email')
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
renderSetPasswordForm(req, res) {
|
|
|
|
|
if (req.query.passwordResetToken != null) {
|
|
|
|
|
req.session.resetToken = req.query.passwordResetToken
|
|
|
|
|
return res.redirect('/user/password/set')
|
|
|
|
|
}
|
|
|
|
|
if (req.session.resetToken == null) {
|
|
|
|
|
return res.redirect('/user/password/reset')
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
res.render('user/setPassword', {
|
2019-05-29 05:21:06 -04:00
|
|
|
title: 'set_password',
|
|
|
|
|
passwordResetToken: req.session.resetToken
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
setNewUserPassword(req, res, next) {
|
|
|
|
|
const { passwordResetToken, password } = req.body
|
|
|
|
|
if (
|
2019-07-04 08:40:12 -04:00
|
|
|
!password ||
|
|
|
|
|
!passwordResetToken ||
|
|
|
|
|
AuthenticationManager.validatePassword(password.trim()) != null
|
2019-05-29 05:21:06 -04:00
|
|
|
) {
|
|
|
|
|
return res.sendStatus(400)
|
|
|
|
|
}
|
|
|
|
|
delete req.session.resetToken
|
2019-07-04 08:40:12 -04:00
|
|
|
PasswordResetHandler.setNewUserPassword(
|
|
|
|
|
passwordResetToken.trim(),
|
|
|
|
|
password.trim(),
|
|
|
|
|
function(err, found, userId) {
|
2019-05-29 05:21:06 -04:00
|
|
|
if (err && err.name && err.name === 'NotFoundError') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.status(404).send('NotFoundError')
|
2019-05-29 05:21:06 -04:00
|
|
|
} else if (err && err.name && err.name === 'NotInV2Error') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.status(403).send('NotInV2Error')
|
2019-05-29 05:21:06 -04:00
|
|
|
} else if (err && err.name && err.name === 'SLInV2Error') {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.status(403).send('SLInV2Error')
|
2019-05-29 05:21:06 -04:00
|
|
|
} else if (err && err.statusCode && err.statusCode === 500) {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.status(500)
|
2019-05-29 05:21:06 -04:00
|
|
|
} else if (err && !err.statusCode) {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.status(500)
|
2019-05-29 05:21:06 -04:00
|
|
|
} else if (found) {
|
2019-07-04 08:40:12 -04:00
|
|
|
if (userId == null) {
|
2019-05-29 05:21:06 -04:00
|
|
|
return res.sendStatus(200)
|
|
|
|
|
} // will not exist for v1-only users
|
2019-07-04 08:40:12 -04:00
|
|
|
UserSessionsManager.revokeAllUserSessions(
|
|
|
|
|
{ _id: userId },
|
2019-05-29 05:21:06 -04:00
|
|
|
[],
|
|
|
|
|
function(err) {
|
|
|
|
|
if (err != null) {
|
|
|
|
|
return next(err)
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
UserUpdater.removeReconfirmFlag(userId, function(err) {
|
2019-05-29 05:21:06 -04:00
|
|
|
if (err != null) {
|
|
|
|
|
return next(err)
|
|
|
|
|
}
|
|
|
|
|
if (req.body.login_after) {
|
2019-07-04 08:40:12 -04:00
|
|
|
UserGetter.getUser(userId, { email: 1 }, function(err, user) {
|
2019-05-29 05:21:06 -04:00
|
|
|
if (err != null) {
|
|
|
|
|
return next(err)
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
AuthenticationController.afterLoginSessionSetup(
|
2019-05-29 05:21:06 -04:00
|
|
|
req,
|
|
|
|
|
user,
|
|
|
|
|
function(err) {
|
|
|
|
|
if (err != null) {
|
2019-07-01 09:48:09 -04:00
|
|
|
logger.warn(
|
2019-05-29 05:21:06 -04:00
|
|
|
{ err, email: user.email },
|
|
|
|
|
'Error setting up session after setting password'
|
|
|
|
|
)
|
|
|
|
|
return next(err)
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
res.json({
|
2019-05-29 05:21:06 -04:00
|
|
|
redir:
|
|
|
|
|
AuthenticationController._getRedirectFromSession(
|
|
|
|
|
req
|
|
|
|
|
) || '/project'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
})
|
|
|
|
|
} else {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.sendStatus(200)
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
} else {
|
2019-07-04 08:40:12 -04:00
|
|
|
res.sendStatus(404)
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
}
|
