implement the 2-stage email verification process
parent
023d1b039a
commit
756cf4ab72
@ -0,0 +1,16 @@
|
|||||||
|
var join = require('path').join
|
||||||
|
, name = 'squatconf'
|
||||||
|
, cwd = process.cwd()
|
||||||
|
|
||||||
|
module.exports = require('rc')(name, {
|
||||||
|
db_opts: { valueEncoding: 'json' }
|
||||||
|
, db_path: join(cwd, 'db', name)
|
||||||
|
, port: 8000
|
||||||
|
, host: "squatconf.eu"
|
||||||
|
, email: {
|
||||||
|
from : "no-reply@squatconf.eu"
|
||||||
|
, subject : "Hello, everyone is welcome at SquatConf.."
|
||||||
|
, bodyText : "Please verify that you wish to signup by following this link\n%link%\nYou can ignore this message if you DID NOT request to signup at our website\nhttp://squatconf.eu\n\nThe next event is in Paris, we hope to see you there !!\n\nKind regards from the team,\nSquatConf Paris 2014"
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
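Review bot: The defaults passed to `rc` carry no comment saying they can be overridden, which matters because `db_path` and the `email` block decide where signup records are stored and what the verification mail says. `rc` merges values from command-line arguments, `squatconf_`-prefixed environment variables and `.squatconfrc` files found in the working directory, its parents, the home directory and `/etc`, so a stray file in any of those places changes the sender, the mail body or the database location. I would add above `module.exports`: `// defaults only: rc overrides these from argv, squatconf_* env vars and .squatconfrc files`. `db_path` is also derived from `process.cwd()`, so starting the server from another directory opens a different database.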
@ -1,13 +0,0 @@
|
|||||||
{
|
|
||||||
"db": {
|
|
||||||
"path": ""
|
|
||||||
},
|
|
||||||
|
|
||||||
"email": {
|
|
||||||
"from" : "no-reply@squatconf.eu"
|
|
||||||
, "subject" : "Hello, everyone is welcome at SquatConf.."
|
|
||||||
, "bodyText": "Please verify that you wish to signup by following this link\n%link%\nYou can ignore this message if you DID NOT request to signup at our website\nhttp://squatconf.eu\n\nThe next event is in Paris, we hope to see you there !!\n\nKind regards from the team,\nSquatConf Paris 2014"
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -0,0 +1,39 @@
|
|||||||
|
var sanitize = require('xss-escape')
|
||||||
|
, ip = require('./ip-trace')
|
||||||
|
|
||||||
|
module.exports = function(db) {
|
||||||
|
return function (req, res, next) {
|
||||||
|
req.resume()
|
||||||
|
|
||||||
|
var params = require('url').parse(req.url, true)
|
||||||
|
|
||||||
|
if (params && params.query.email && params.query.token) {
|
||||||
|
//console.log('got token:', params.query)
|
||||||
|
|
||||||
|
var email = sanitize(params.query.email)
|
||||||
|
, token = sanitize(params.query.token)
|
||||||
|
|
||||||
|
db.get(email, function(err, obj) {
|
||||||
|
if (err) next(err)
|
||||||
|
|
||||||
|
// db read OK..
|
||||||
|
if (obj && obj.token === token) {
|
||||||
|
obj.verified = true
|
||||||
|
obj.trace = obj.trace.concat(ip(req))
|
||||||
|
|
||||||
|
db.put(email, obj, function(err) {
|
||||||
|
if (err) next(err)
|
||||||
|
|
||||||
|
// db write OK..
|
||||||
|
res.statusCode = 302
|
||||||
|
res.setHeader('Location', '/verified.html')
|
||||||
|
return res.end()
|
||||||
|
})
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
if (next) return next()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
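Review bot: Both error checks read `if (err) next(err)` without a `return`, so after a failed `db.put` the handler reports the error and then still redirects to `/verified.html`, telling the user the address is verified when the write did not happen; change both to `if (err) return next(err)`. Counting braces, `if (next) return next()` sits inside the `if (params && …)` block and runs synchronously right after `db.get` is issued, so the next middleware handles the request while the lookup is still pending and the later 302 is written to a response that may already be finished. A request without `email` and `token` gets neither a response nor `next()`. Calling `next()` after the `if` block for that case, and from the `db.get` callback when the token does not match, fixes both. Separately, the token stays valid after a successful confirmation; clearing `obj.token` before the `db.put` would make the link single-use.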
@ -0,0 +1,54 @@
|
|||||||
|
var sanitize = require('xss-escape')
|
||||||
|
, rn = require('./rng')
|
||||||
|
, ip = require('./ip-trace')
|
||||||
|
, config = require('../config')
|
||||||
|
|
||||||
|
module.exports = function(db) {
|
||||||
|
return function (req, res, next) {
|
||||||
|
req.resume()
|
||||||
|
|
||||||
|
var params = require('url').parse(req.url, true)
|
||||||
|
|
||||||
|
if (params && params.query.email) {
|
||||||
|
console.log('got email:', params.query)
|
||||||
|
|
||||||
|
var obj = {}
|
||||||
|
, email = sanitize(params.query.email)
|
||||||
|
|
||||||
|
obj.token = rn()
|
||||||
|
obj.verified = false
|
||||||
|
obj.events = { paris: params.query.paris ? true : false }
|
||||||
|
obj.trace = ip(req)
|
||||||
|
|
||||||
|
db.put(email, obj, function(err) {
|
||||||
|
if (err) next(err)
|
||||||
|
|
||||||
|
// db write OK..
|
||||||
|
var nodemailer = require('nodemailer')
|
||||||
|
, transporter = nodemailer.createTransport()
|
||||||
|
, url = 'http://squatconf.eu/confirm'
|
||||||
|
, link = url +'?email='+ email +'&token='+ obj.token +'\n\n'
|
||||||
|
|
||||||
|
var opts = {
|
||||||
|
from : config.email.from
|
||||||
|
, to : email
|
||||||
|
, subject: config.email.subject
|
||||||
|
, text : config.email.bodyText.replace(/\%link\%/, link)
|
||||||
|
}
|
||||||
|
|
||||||
|
transporter.sendMail(opts, function(err, data) {
|
||||||
|
if (err) throw err
|
||||||
|
// validation email sent
|
||||||
|
console.log('email sent..', data)
|
||||||
|
})
|
||||||
|
|
||||||
|
res.statusCode = 302
|
||||||
|
res.setHeader('Location', '/')
|
||||||
|
return res.end()
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
if (next) return next()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
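Review bot: `db.put(email, obj, …)` runs for every request that carries an `email` parameter, so submitting an address that is already verified replaces its record with `verified = false` and a fresh token, and anyone who knows the address can do that with a single GET. Read the record first and skip the write and the mail when it exists and is verified. `if (err) throw err` inside the `sendMail` callback is an uncaught exception on any mail failure and takes the process down; log the error there, and use `if (err) return next(err)` after `db.put` so a failed write does not still send mail and redirect. The link concatenates `email` and `obj.token` raw; `link = url + '?email=' + encodeURIComponent(email) + '&token=' + encodeURIComponent(obj.token) + '\n\n'` lets an address containing `+` survive the round trip through the query string. `./rng` is not shown on this page; the token should come from a CSPRNG such as `crypto.randomBytes`.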