src/Controllers/UserController.js

import { randomString } from '../cryptoUtils';
import { inflate } from '../triggers';
import AdaptableController from './AdaptableController';
import MailAdapter from '../Adapters/Email/MailAdapter';

var DatabaseAdapter = require('../DatabaseAdapter');
var RestWrite = require('../RestWrite');
var hash = require('../password').hash;
var Auth = require('../Auth');

export class UserController extends AdaptableController {

  constructor(adapter, appId, options = {}) {
    super(adapter, appId, options);
  }

  validateAdapter(adapter) {
    // Allow no adapter
    if (!adapter && !this.shouldVerifyEmails) {
      return;
    }
    super.validateAdapter(adapter);
  }
  
  expectedAdapterType() {
    return MailAdapter;
  }
  
  get shouldVerifyEmails() {
    return this.options.verifyUserEmails;
  }
  
  setEmailVerifyToken(user) {
    if (this.shouldVerifyEmails) {
      user._email_verify_token = randomString(25);
      user.emailVerified = false;
    }
  }
  
  
  verifyEmail(username, token) {
    
    return new Promise((resolve, reject) => {
      
      // Trying to verify email when not enabled
      if (!this.shouldVerifyEmails) {
        reject();
        return;
      }
      
      var database = this.config.database;
     
      database.collection('_User').then(coll => {
        // Need direct database access because verification token is not a parse field
        return coll.findAndModify({
          username: username,
          _email_verify_token: token,
        }, null, {$set: {emailVerified: true}}, (err, doc) => {
          if (err || !doc.value) {
            reject(err);
          } else {
            resolve(doc.value);
          }
        });
      });
       
    });    
  }
  
  checkResetTokenValidity(username, token) {
    return new Promise((resolve, reject) => {
      return this.config.database.collection('_User').then(coll => {
        return coll.findOne({
          username: username,
          _perishable_token: token,
        }, (err, doc) => {
          if (err || !doc) {
            reject(err);
          } else {
            resolve(doc);
          }
        });
      });
    });
  }
  

  sendVerificationEmail(user) {
    if (!this.shouldVerifyEmails) {
      return;
    }
    
    const token = encodeURIComponent(user._email_verify_token);
    const username = encodeURIComponent(user.username);
   
    let link = `${this.config.verifyEmailURL}?token=${token}&username=${username}`;
    this.adapter.sendVerificationEmail({
      appName: this.config.appName,
      link: link,
      user: inflate('_User', user),
    });
  }
  
  setPasswordResetToken(email) {
    var database = this.config.database;
    var token = randomString(25);
    return new Promise((resolve, reject) => {
      return database.collection('_User').then(coll => {
        // Need direct database access because verification token is not a parse field
        return coll.findAndModify({
          email: email,
        }, null, {$set: {_perishable_token: token}}, (err, doc) => {
          if (err || !doc.value) {
            console.error(err);
            reject(err);
          } else {
            doc.value._perishable_token = token;
            resolve(doc.value);
          }
        });
      });
    });
  }

  sendPasswordResetEmail(email) {
    if (!this.adapter) {
      throw "Trying to send a reset password but no adapter is set";
      //  TODO: No adapter?
      return;
    }
    
    return this.setPasswordResetToken(email).then((user) => {

      const token = encodeURIComponent(user._perishable_token);
      const username = encodeURIComponent(user.username);    
      let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
      this.adapter.sendPasswordResetEmail({
        appName: this.config.appName,
        link: link,
        user: inflate('_User', user),
      });
      return Promise.resolve(user);
    });
  }
  
  updatePassword(username, token, password, config) {
   return this.checkResetTokenValidity(username, token).then(() => {
     return updateUserPassword(username, token, password, this.config);
   });
  }
}

// Mark this private
function updateUserPassword(username, token, password, config) { 
    var write = new RestWrite(config, Auth.master(config), '_User', {
            username: username, 
            _perishable_token: token
          }, {password: password, _perishable_token: null }, undefined);
    return write.execute();
 }

export default UserController;
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`import { randomString } from '../cryptoUtils';`
			`import { inflate } from '../triggers';`
			`import AdaptableController from './AdaptableController';`
			`import MailAdapter from '../Adapters/Email/MailAdapter';`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00
			`var DatabaseAdapter = require('../DatabaseAdapter');`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`var RestWrite = require('../RestWrite');`
			`var hash = require('../password').hash;`
			`var Auth = require('../Auth');`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`export class UserController extends AdaptableController {`

			`constructor(adapter, appId, options = {}) {`
			`super(adapter, appId, options);`
			`}`

			`validateAdapter(adapter) {`
			`// Allow no adapter`
			`if (!adapter && !this.shouldVerifyEmails) {`
			`return;`
			`}`
			`super.validateAdapter(adapter);`
			`}`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`expectedAdapterType() {`
			`return MailAdapter;`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00			`}`

Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`get shouldVerifyEmails() {`
			`return this.options.verifyUserEmails;`
			`}`

			`setEmailVerifyToken(user) {`
			`if (this.shouldVerifyEmails) {`
			`user._email_verify_token = randomString(25);`
			`user.emailVerified = false;`
			`}`
			`}`


Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`verifyEmail(username, token) {`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00
			`return new Promise((resolve, reject) => {`

			`// Trying to verify email when not enabled`
			`if (!this.shouldVerifyEmails) {`
			`reject();`
			`return;`
			`}`

Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`var database = this.config.database;`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00
			`database.collection('_User').then(coll => {`
			`// Need direct database access because verification token is not a parse field`
			`return coll.findAndModify({`
			`username: username,`
			`_email_verify_token: token,`
			`}, null, {$set: {emailVerified: true}}, (err, doc) => {`
			`if (err \|\| !doc.value) {`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`reject(err);`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`} else {`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`resolve(doc.value);`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`}`
			`});`
			`});`

			`});`
			`}`

Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`checkResetTokenValidity(username, token) {`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00			`return new Promise((resolve, reject) => {`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`return this.config.database.collection('_User').then(coll => {`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`return coll.findOne({`
			`username: username,`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`_perishable_token: token,`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`}, (err, doc) => {`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`if (err \|\| !doc) {`
			`reject(err);`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`} else {`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`resolve(doc);`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`}`
			`});`
			`});`
			`});`
			`}`

Adds reset password logic 2016-02-27 14:46:29 -05:00
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`sendVerificationEmail(user) {`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`if (!this.shouldVerifyEmails) {`
			`return;`
			`}`

			`const token = encodeURIComponent(user._email_verify_token);`
			`const username = encodeURIComponent(user.username);`

Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			let link = `${this.config.verifyEmailURL}?token=${token}&username=${username}`;
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`this.adapter.sendVerificationEmail({`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`appName: this.config.appName,`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`link: link,`
			`user: inflate('_User', user),`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00			`});`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`}`

Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`setPasswordResetToken(email) {`
			`var database = this.config.database;`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`var token = randomString(25);`
			`return new Promise((resolve, reject) => {`
			`return database.collection('_User').then(coll => {`
			`// Need direct database access because verification token is not a parse field`
			`return coll.findAndModify({`
			`email: email,`
			`}, null, {$set: {_perishable_token: token}}, (err, doc) => {`
			`if (err \|\| !doc.value) {`
			`console.error(err);`
			`reject(err);`
			`} else {`
			`doc.value._perishable_token = token;`
			`resolve(doc.value);`
			`}`
			`});`
			`});`
			`});`
			`}`

Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`sendPasswordResetEmail(email) {`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`if (!this.adapter) {`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`throw "Trying to send a reset password but no adapter is set";`
			`// TODO: No adapter?`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`return;`
			`}`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00
Adds reset password logic 2016-02-27 14:46:29 -05:00			`return this.setPasswordResetToken(email).then((user) => {`

			`const token = encodeURIComponent(user._perishable_token);`
			`const username = encodeURIComponent(user.username);`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`this.adapter.sendPasswordResetEmail({`
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`appName: this.config.appName,`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`link: link,`
			`user: inflate('_User', user),`
			`});`
			`return Promise.resolve(user);`
Refactor and advancements - Drops mailController, centralized in UserController - Adds views folder for change_password - Improves PromiseRouter to support text results - Improves PromiseRouter to support empty responses for redirects - Adds options to AdaptableController - UsersController gracefully fails when no adapter is set - Refactors GlobalConfig into same style for Routers 2016-02-27 10:51:12 -05:00			`});`
			`}`
Adds reset password logic 2016-02-27 14:46:29 -05:00
Sends verification email upon set and update email - nits 2016-02-27 15:24:45 -05:00			`updatePassword(username, token, password, config) {`
			`return this.checkResetTokenValidity(username, token).then(() => {`
			`return updateUserPassword(username, token, password, this.config);`
Adds reset password logic 2016-02-27 14:46:29 -05:00			`});`
			`}`
Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00			`}`

Adds reset password logic 2016-02-27 14:46:29 -05:00			`// Mark this private`
			`function updateUserPassword(username, token, password, config) {`
			`var write = new RestWrite(config, Auth.master(config), '_User', {`
			`username: username,`
			`_perishable_token: token`
			`}, {password: password, _perishable_token: null }, undefined);`
			`return write.execute();`
			`}`

Refactors verify_email, adds public html 2016-02-25 19:04:27 -05:00			`export default UserController;`