From 6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa Mon Sep 17 00:00:00 2001
From: vantezzen <hello@vantezzen.io>
Date: Thu, 2 Apr 2020 17:09:11 +0200
Subject: #16 Implement Password reset

---
 start/app.js    |  2 ++
 start/events.js | 23 +++++++++++++++++++++++
 start/routes.js | 23 ++++++++++++++++++++++-
 3 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 start/events.js

(limited to 'start')

diff --git a/start/app.js b/start/app.js
index d0986fe..62a5ac3 100644
--- a/start/app.js
+++ b/start/app.js
@@ -20,6 +20,8 @@ const providers = [
   '@adonisjs/framework/providers/ViewProvider',
   '@adonisjs/session/providers/SessionProvider',
   '@adonisjs/shield/providers/ShieldProvider',
+  '@adonisjs/persona/providers/PersonaProvider',
+  '@adonisjs/mail/providers/MailProvider',
 ];
 
 /*
diff --git a/start/events.js b/start/events.js
new file mode 100644
index 0000000..0b7e28a
--- /dev/null
+++ b/start/events.js
@@ -0,0 +1,23 @@
+const Event = use('Event');
+const Mail = use('Mail');
+const Env = use('Env');
+
+Event.on('forgot::password', async ({ user, token }) => {
+  const body = `
+Hello ${user.username},
+we just recieved a request to reset your password of your Ferdi account.
+Use the link below to reset your password. If you havn't requested this, please ignore this message.
+
+${Env.get('APP_URL')}/user/reset?token=${encodeURIComponent(token)}
+
+This message was sent automatically. Please do not reply.
+`;
+console.log('Sending message', body);
+  try {
+    await Mail.raw(body, (message) => {
+      message.subject('[Ferdi] Reset your password')
+      message.from('noreply@getferdi.com')
+      message.to(user.email)
+    });
+  } catch(e) {}
+});
\ No newline at end of file
diff --git a/start/routes.js b/start/routes.js
index b96fa16..1c2d4f3 100644
--- a/start/routes.js
+++ b/start/routes.js
@@ -65,16 +65,37 @@ if (Env.get('IS_DASHBOARD_ENABLED') != 'false') {
     // Auth
     Route.get('login', ({ view }) => view.render('dashboard.login')).middleware('guest');
     Route.post('login', 'DashboardController.login').middleware('guest').as('login');
-  
+    
+    // Reset password
+    Route.get('forgot', ({ view }) => view.render('dashboard.forgotPassword')).middleware('guest');
+    Route.post('forgot', 'DashboardController.forgotPassword').middleware('guest');
+
+    Route.get('reset', ({ view, request }) => {
+      const token = request.get().token;
+      if (token) {
+        return view.render('dashboard.resetPassword', { token })
+      } else {
+        return view.render('others.message', {
+          heading: 'Invalid token',
+          text: 'Please make sure you are using a valid and recent link to reset your password.',
+        });
+      }
+    }).middleware('guest');
+    Route.post('reset', 'DashboardController.resetPassword').middleware('guest');
+
     // Dashboard
     Route.get('account', 'DashboardController.account').middleware('auth:session');
     Route.post('account', 'DashboardController.edit').middleware('auth:session');
+
     Route.get('data', 'DashboardController.data').middleware('auth:session');
+
     Route.get('export', 'DashboardController.export').middleware('auth:session');
     Route.post('transfer', 'DashboardController.import').middleware('auth:session');
     Route.get('transfer', ({ view }) => view.render('dashboard.transfer')).middleware('auth:session');
+   
     Route.get('delete', ({ view }) => view.render('dashboard.delete')).middleware('auth:session');
     Route.post('delete', 'DashboardController.delete').middleware('auth:session');
+   
     Route.get('logout', 'DashboardController.logout').middleware('auth:session');
   
     Route.get('*', ({ response }) => response.redirect('/user/account'));
-- 
cgit v1.2.3-54-g00ecf