2019-05-29 05:21:06 -04:00
|
|
|
const settings = require('settings-sharelatex')
|
|
|
|
|
const UserGetter = require('../User/UserGetter')
|
|
|
|
|
const OneTimeTokenHandler = require('../Security/OneTimeTokenHandler')
|
|
|
|
|
const EmailHandler = require('../Email/EmailHandler')
|
|
|
|
|
const AuthenticationManager = require('../Authentication/AuthenticationManager')
|
|
|
|
|
|
2019-07-04 08:40:12 -04:00
|
|
|
const PasswordResetHandler = {
|
2019-05-29 05:21:06 -04:00
|
|
|
generateAndEmailResetToken(email, callback) {
|
2019-06-14 12:31:46 -04:00
|
|
|
UserGetter.getUserByAnyEmail(email, (err, user) => {
|
|
|
|
|
if (err || !user) {
|
|
|
|
|
return callback(err, null)
|
|
|
|
|
}
|
|
|
|
|
if (user.email !== email) {
|
|
|
|
|
return callback(null, 'secondary')
|
|
|
|
|
}
|
|
|
|
|
const data = { user_id: user._id.toString(), email: email }
|
|
|
|
|
OneTimeTokenHandler.getNewToken('password', data, (err, token) => {
|
|
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
|
|
|
|
const emailOptions = {
|
|
|
|
|
to: email,
|
|
|
|
|
setNewPasswordUrl: `${
|
|
|
|
|
settings.siteUrl
|
|
|
|
|
}/user/password/set?passwordResetToken=${token}&email=${encodeURIComponent(
|
|
|
|
|
email
|
|
|
|
|
)}`
|
|
|
|
|
}
|
|
|
|
|
EmailHandler.sendEmail('passwordResetRequested', emailOptions, err => {
|
2019-05-29 05:21:06 -04:00
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
2019-06-14 12:31:46 -04:00
|
|
|
callback(null, 'primary')
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
2019-06-14 12:31:46 -04:00
|
|
|
})
|
2019-05-29 05:21:06 -04:00
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
setNewUserPassword(token, password, callback) {
|
2019-06-14 12:31:46 -04:00
|
|
|
PasswordResetHandler.getUserForPasswordResetToken(token, (err, user) => {
|
|
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
2019-07-04 08:40:12 -04:00
|
|
|
}
|
2019-06-14 12:31:46 -04:00
|
|
|
if (!user) {
|
|
|
|
|
return callback(null, false, null)
|
|
|
|
|
}
|
|
|
|
|
AuthenticationManager.setUserPassword(
|
|
|
|
|
user._id,
|
|
|
|
|
password,
|
|
|
|
|
(err, reset) => {
|
|
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
|
|
|
|
callback(null, reset, user._id)
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
})
|
2019-07-16 05:10:18 -04:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
getUserForPasswordResetToken(token, callback) {
|
|
|
|
|
OneTimeTokenHandler.getValueFromTokenAndExpire(
|
|
|
|
|
'password',
|
|
|
|
|
token,
|
|
|
|
|
(err, data) => {
|
|
|
|
|
if (err != null) {
|
|
|
|
|
if (err.name === 'NotFoundError') {
|
|
|
|
|
return callback(null, null)
|
|
|
|
|
} else {
|
2019-07-04 08:40:12 -04:00
|
|
|
return callback(err)
|
|
|
|
|
}
|
2019-07-16 05:10:18 -04:00
|
|
|
}
|
|
|
|
|
if (data == null || data.email == null) {
|
|
|
|
|
return callback(null, null)
|
|
|
|
|
}
|
|
|
|
|
UserGetter.getUserByMainEmail(
|
|
|
|
|
data.email,
|
|
|
|
|
{ _id: 1, 'overleaf.id': 1 },
|
|
|
|
|
(err, user) => {
|
|
|
|
|
if (err != null) {
|
|
|
|
|
callback(err)
|
|
|
|
|
} else if (user == null) {
|
|
|
|
|
callback(null, null)
|
|
|
|
|
} else if (
|
|
|
|
|
data.user_id != null &&
|
|
|
|
|
data.user_id === user._id.toString()
|
|
|
|
|
) {
|
2019-06-14 12:31:46 -04:00
|
|
|
callback(null, user)
|
2019-07-16 05:10:18 -04:00
|
|
|
} else if (
|
|
|
|
|
data.v1_user_id != null &&
|
|
|
|
|
user.overleaf != null &&
|
|
|
|
|
data.v1_user_id === user.overleaf.id
|
|
|
|
|
) {
|
2019-06-14 12:31:46 -04:00
|
|
|
callback(null, user)
|
2019-07-16 05:10:18 -04:00
|
|
|
} else {
|
|
|
|
|
callback(null, null)
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
}
|
|
|
|
|
)
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
2019-07-16 05:10:18 -04:00
|
|
|
)
|
2019-05-29 05:21:06 -04:00
|
|
|
}
|
|
|
|
|
}
|
2019-07-04 08:40:12 -04:00
|
|
|
|
|
|
|
|
module.exports = PasswordResetHandler
|
