From ea03e3766efffeb5e6b9bb90f566e64bf44640f3 Mon Sep 17 00:00:00 2001
From: vantezzen
Date: Wed, 4 Sep 2019 09:59:25 +0200
Subject: Add user dashboard
---
app/Controllers/Http/DashboardController.js | 155 ++++++++++++++++++++++++++++
app/Controllers/Http/UserController.js | 11 +-
app/Exceptions/Handler.js | 2 +
3 files changed, 165 insertions(+), 3 deletions(-)
create mode 100644 app/Controllers/Http/DashboardController.js
(limited to 'app')
diff --git a/app/Controllers/Http/DashboardController.js b/app/Controllers/Http/DashboardController.js
new file mode 100644
index 0000000..aa8127f
--- /dev/null
+++ b/app/Controllers/Http/DashboardController.js
@@ -0,0 +1,155 @@
+'use strict'
+
+const {
+ validateAll
+} = use('Validator');
+
+const crypto = require('crypto');
+
+class DashboardController {
+ async login({
+ request,
+ response,
+ auth,
+ session
+ }) {
+ const validation = await validateAll(request.all(), {
+ mail: 'required|email',
+ password: 'required',
+ });
+ if (validation.fails()) {
+ session.withErrors({
+ type: 'danger',
+ message: 'Invalid mail or password'
+ }).flashExcept(['password']);
+ return response.redirect('back');
+ }
+
+ let {
+ mail,
+ password
+ } = request.all()
+
+ const hashedPassword = crypto.createHash('sha256').update(password).digest('base64');
+
+ try {
+ await auth.authenticator('session').attempt(mail, hashedPassword)
+ } catch (error) {
+ session.flash({
+ type: 'danger',
+ message: 'Invalid mail or password'
+ })
+ return response.redirect('back');
+ }
+ return response.redirect('/user/account');
+ }
+
+ async account({
+ auth,
+ view
+ }) {
+ try {
+ await auth.check()
+ } catch (error) {
+ return response.redirect('/user/login');
+ }
+
+ return view.render('dashboard.account', {
+ username: auth.user.username,
+ email: auth.user.email
+ });
+ }
+
+ async edit({
+ auth,
+ request,
+ session,
+ view,
+ response
+ }) {
+ let validation = await validateAll(request.all(), {
+ username: 'required',
+ email: 'required'
+ });
+ if (validation.fails()) {
+ session.withErrors(validation.messages()).flashExcept(['password']);
+ return response.redirect('back');
+ }
+
+ // Check new username
+ if (request.input('username') !== auth.user.username) {
+ validation = await validateAll(request.all(), {
+ username: 'required|unique:users,username',
+ email: 'required'
+ });
+ if (validation.fails()) {
+ session.withErrors(validation.messages()).flashExcept(['password']);
+ return response.redirect('back');
+ }
+ }
+
+ // Check new email
+ if (request.input('email') !== auth.user.email) {
+ validation = await validateAll(request.all(), {
+ username: 'required',
+ email: 'required|email|unique:users,email'
+ });
+ if (validation.fails()) {
+ session.withErrors(validation.messages()).flashExcept(['password']);
+ return response.redirect('back');
+ }
+ }
+
+ // Update user account
+ auth.user.username = request.input('username');
+ auth.user.email = request.input('email');
+ if (!!request.input('password')) {
+ const hashedPassword = crypto.createHash('sha256').update(request.input('password')).digest('base64');
+ auth.user.password = hashedPassword;
+ }
+ auth.user.save();
+
+ return view.render('dashboard.account', {
+ username: auth.user.username,
+ email: auth.user.email,
+ success: true
+ });
+ }
+
+ async data({
+ auth,
+ view
+ }) {
+ const general = auth.user;
+ const services = (await auth.user.services().fetch()).toJSON();
+ const workspaces = (await auth.user.workspaces().fetch()).toJSON();
+
+ return view.render('dashboard.data', {
+ username: general.username,
+ mail: general.email,
+ created: general.created_at,
+ updated: general.updated_at,
+ services,
+ workspaces,
+ });
+ }
+
+ logout({
+ auth,
+ response
+ }) {
+ auth.authenticator('session').logout();
+ return response.redirect('/user/login');
+ }
+
+ delete({
+ auth,
+ response
+ }) {
+ auth.user.delete();
+ auth.authenticator('session').logout();
+ return response.redirect('/user/login');
+ }
+}
+
+module.exports = DashboardController
diff --git a/app/Controllers/Http/UserController.js b/app/Controllers/Http/UserController.js
index 2a75f6e..ced27bb 100644
--- a/app/Controllers/Http/UserController.js
+++ b/app/Controllers/Http/UserController.js
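Review bot: In DashboardController.js, `account()` calls `response.redirect('/user/login')` in its catch block, but `response` is not among the destructured context fields (`auth`, `view`), so an unauthenticated request throws a ReferenceError instead of being sent to the login page; add `response` to that parameter list. In `edit()` and `delete()` the calls `auth.user.save()` and `auth.user.delete()` are not awaited, so a failed write surfaces as an unhandled rejection after the user has already been shown success or logged out; use `await auth.user.save();` and make `delete` async with `await auth.user.delete();`. `edit()` also replaces the password without asking for the current one, and `edit()`, `data()` and `delete()` read `auth.user` with no `auth.check()`. The route definitions are not part of this diff, so confirm they carry the auth and CSRF middleware, and consider requiring the current password before a password change or an account deletion.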
@@ -192,9 +192,9 @@ class UserController { if(Env.get('CONNECT_WITH_FRANZ') == 'false') { await User.create({ - email: userInf.email, + email, password: hashedPassword, - username: userInf.firstname + username: 'Franz' }); return response.send('Your account has been created but due to this server\'s configuration, we could not import your Franz account data.\n\nIf you are the server owner, please set CONNECT_WITH_FRANZ to true to enable account imports.') @@ -231,13 +231,18 @@ class UserController { } // Get user information - let userInf; + let userInf = false; try { userInf = await franzRequest('me', 'GET', token) + console.log('A', userInf) } catch (e) { const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later.\nError: ' + e; return response.status(401).send(errorMessage) } + if (!userInf) { + const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later.\nError: ' + e; + return response.status(401).send(errorMessage) + } // Create user in DB let user; diff --git a/app/Exceptions/Handler.js b/app/Exceptions/Handler.js index 94d7246..efa2e0b 100644 --- a/app/Exceptions/Handler.js +++ b/app/Exceptions/Handler.js @@ -23,6 +23,8 @@ class ExceptionHandler extends BaseExceptionHandler { async handle (error, { request, response }) { if (error.name === 'ValidationException') { return response.status(400).send('Invalid arguments') + } else if (error.name === 'InvalidSessionException') { + return response.status(401).redirect('/user/login'); } response.status(error.status).send(error.message) -- cgit v1.2.3-54-g00ecf
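Review bot: Every account created on the `CONNECT_WITH_FRANZ == 'false'` path now gets the literal username `'Franz'`, while the new dashboard `edit()` validates `unique:users,username` when a name is changed, so the two code paths disagree on whether usernames are unique. If the users table has a unique constraint on `username` (not visible here), the second signup on this path would fail. A short comment such as `// Franz profile is not fetched in this mode, so a placeholder username is stored` would make the intent clear. The shorthand `email` relies on a variable defined earlier in the method, which is outside the hunk.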
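Review bot: The new `if (!userInf)` branch builds its message with `+ e`, but `e` only exists inside the preceding `catch (e)` block, so an empty Franz response raises a ReferenceError instead of returning the 401. Drop the suffix there: `return response.status(401).send('Could not get your user info from Franz. Please check your credentials or try again later.')`. The added `console.log('A', userInf)` writes the profile returned by `franzRequest('me', 'GET', token)` to the server log; it looks like leftover debugging and should be removed so account data does not end up in logs. The enclosing method starts and ends outside the hunk.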
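Review bot: `response.status(401).redirect('/user/login')` in the `InvalidSessionException` branch sends mixed signals: a browser does not follow `Location` on a 401, and if the framework's `redirect()` sets its own status (AdonisJS defaults to 302 as far as I know, worth confirming for the version in use) the 401 is silently discarded. Decide which behaviour is wanted and write it plainly, e.g. `return response.redirect('/user/login')`. Because this handler is global, API clients with an expired session would also be redirected to the HTML login page rather than receiving a 401, so it may be worth branching on whether the request expects JSON. `handle` continues past the end of the hunk.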