|
|
|
var sanitize = require('xss-escape')
|
|
|
|
, ip = require('./ip-trace')
|
|
|
|
|
|
|
|
module.exports = function(db) {
|
|
|
|
return function (req, res, next) {
|
|
|
|
req.resume()
|
|
|
|
|
|
|
|
function error(e) {
|
|
|
|
console.error(e)
|
|
|
|
return next(e || e.msg || 'ERROR')
|
|
|
|
}
|
|
|
|
|
|
|
|
var params = require('url').parse(req.url, true)
|
|
|
|
|
|
|
|
if (params && params.query.email && params.query.token) {
|
|
|
|
|
|
|
|
var email = sanitize(params.query.email)
|
|
|
|
, token = sanitize(params.query.token)
|
|
|
|
|
|
|
|
db.get(email, function(err, obj) {
|
|
|
|
if (err) return error(err)
|
|
|
|
|
|
|
|
// db read OK..
|
|
|
|
if (obj && ! obj.verified) {
|
|
|
|
if (obj.token === token) {
|
|
|
|
obj.verified = true
|
|
|
|
obj.trace = obj.trace.concat(ip(req))
|
|
|
|
|
|
|
|
db.put(email, obj, function(err) {
|
|
|
|
if (err) return error(err)
|
|
|
|
|
|
|
|
// db write OK..
|
|
|
|
res.statusCode = 302
|
|
|
|
res.setHeader('Location', '/verified.html')
|
|
|
|
return res.end()
|
|
|
|
})
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
error('email is already verified: '+ email)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
} else {
|
|
|
|
error('invalid input: '+ JSON.stringify(params.query))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|