implement the 2-stage email verification process
parent
023d1b039a
commit
756cf4ab72
@ -0,0 +1,16 @@
|
||||
var join = require('path').join
|
||||
, name = 'squatconf'
|
||||
, cwd = process.cwd()
|
||||
|
||||
module.exports = require('rc')(name, {
|
||||
db_opts: { valueEncoding: 'json' }
|
||||
, db_path: join(cwd, 'db', name)
|
||||
, port: 8000
|
||||
, host: "squatconf.eu"
|
||||
, email: {
|
||||
from : "no-reply@squatconf.eu"
|
||||
, subject : "Hello, everyone is welcome at SquatConf.."
|
||||
, bodyText : "Please verify that you wish to signup by following this link\n%link%\nYou can ignore this message if you DID NOT request to signup at our website\nhttp://squatconf.eu\n\nThe next event is in Paris, we hope to see you there !!\n\nKind regards from the team,\nSquatConf Paris 2014"
|
||||
}
|
||||
})
|
||||
|
@ -1,13 +0,0 @@
|
||||
{
|
||||
"db": {
|
||||
"path": ""
|
||||
},
|
||||
|
||||
"email": {
|
||||
"from" : "no-reply@squatconf.eu"
|
||||
, "subject" : "Hello, everyone is welcome at SquatConf.."
|
||||
, "bodyText": "Please verify that you wish to signup by following this link\n%link%\nYou can ignore this message if you DID NOT request to signup at our website\nhttp://squatconf.eu\n\nThe next event is in Paris, we hope to see you there !!\n\nKind regards from the team,\nSquatConf Paris 2014"
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,39 @@
|
||||
var sanitize = require('xss-escape')
|
||||
, ip = require('./ip-trace')
|
||||
|
||||
module.exports = function(db) {
|
||||
return function (req, res, next) {
|
||||
req.resume()
|
||||
|
||||
var params = require('url').parse(req.url, true)
|
||||
|
||||
if (params && params.query.email && params.query.token) {
|
||||
//console.log('got token:', params.query)
|
||||
|
||||
var email = sanitize(params.query.email)
|
||||
, token = sanitize(params.query.token)
|
||||
|
||||
db.get(email, function(err, obj) {
|
||||
if (err) next(err)
|
||||
|
||||
// db read OK..
|
||||
if (obj && obj.token === token) {
|
||||
obj.verified = true
|
||||
obj.trace = obj.trace.concat(ip(req))
|
||||
|
||||
db.put(email, obj, function(err) {
|
||||
if (err) next(err)
|
||||
|
||||
// db write OK..
|
||||
res.statusCode = 302
|
||||
res.setHeader('Location', '/verified.html')
|
||||
return res.end()
|
||||
})
|
||||
}
|
||||
})
|
||||
|
||||
if (next) return next()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,54 @@
|
||||
var sanitize = require('xss-escape')
|
||||
, rn = require('./rng')
|
||||
, ip = require('./ip-trace')
|
||||
, config = require('../config')
|
||||
|
||||
module.exports = function(db) {
|
||||
return function (req, res, next) {
|
||||
req.resume()
|
||||
|
||||
var params = require('url').parse(req.url, true)
|
||||
|
||||
if (params && params.query.email) {
|
||||
console.log('got email:', params.query)
|
||||
|
||||
var obj = {}
|
||||
, email = sanitize(params.query.email)
|
||||
|
||||
obj.token = rn()
|
||||
obj.verified = false
|
||||
obj.events = { paris: params.query.paris ? true : false }
|
||||
obj.trace = ip(req)
|
||||
|
||||
db.put(email, obj, function(err) {
|
||||
if (err) next(err)
|
||||
|
||||
// db write OK..
|
||||
var nodemailer = require('nodemailer')
|
||||
, transporter = nodemailer.createTransport()
|
||||
, url = 'http://squatconf.eu/confirm'
|
||||
, link = url +'?email='+ email +'&token='+ obj.token +'\n\n'
|
||||
|
||||
var opts = {
|
||||
from : config.email.from
|
||||
, to : email
|
||||
, subject: config.email.subject
|
||||
, text : config.email.bodyText.replace(/\%link\%/, link)
|
||||
}
|
||||
|
||||
transporter.sendMail(opts, function(err, data) {
|
||||
if (err) throw err
|
||||
// validation email sent
|
||||
console.log('email sent..', data)
|
||||
})
|
||||
|
||||
res.statusCode = 302
|
||||
res.setHeader('Location', '/')
|
||||
return res.end()
|
||||
})
|
||||
}
|
||||
|
||||
if (next) return next()
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue