This repository has been archived by the owner on Jun 14, 2023. It is now read-only.
server.js
var http = require('http')
var appa = require('appa')
var send = require('appa/send')
var error = require('appa/error')
var memdb = require('memdb')
var stub = require('nodemailer-stub-transport')
var townshipAccounts = require('township-accounts')
var townshipEmail = require('township-email')
var resetTokens = require('../index')
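// In-memory database: every account and reset token is lost when the process exits.
var db = memdb()
var app = appa()

// One secret is shared by township-accounts and the reset-token module below
// (presumably for signing tokens; confirm against those modules).
// The literal fallback only exists so the demo starts without configuration. It is
// committed to the repository and therefore public, so it must never be relied on
// outside a local demo. TOWNSHIP_SECRET is a variable name chosen for this example;
// set it to a long random value.
var secret = process.env.TOWNSHIP_SECRET || 'choose something more secret'

var accounts = townshipAccounts(db, {
  secret: secret
})

var reset = resetTokens(db, {
  secret: secret
})

// The stub transport does not deliver mail, which is why the reset route in this
// demo hands the token back in the HTTP response instead.
var email = townshipEmail({
  transport: stub()
})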
// POST /account: register a new account from the parsed request body.
// Any other method is answered with 405.
// NOTE(review): ctx.body is handed to accounts.register as-is; whatever validation
// exists happens inside township-accounts. Confirm before reusing this route.
app.on('/account', function (req, res, ctx) {
  if (req.method !== 'POST') {
    error(405, 'Method not allowed').pipe(res)
    return
  }

  return accounts.register(ctx.body, function onRegistered (err, account) {
    // Every registration failure is reported to the client as the same 403.
    if (err) return error(403, 'problem creating account').pipe(res)
    send(account).pipe(res)
  })
})
// POST /login: authenticate with the credentials in the parsed request body.
// Any other method is answered with 405.
// NOTE(review): nothing in this handler limits repeated login attempts; confirm
// whether township-accounts or a proxy in front of the server does.
app.on('/login', function (req, res, ctx) {
  if (req.method !== 'POST') {
    error(405, 'Method not allowed').pipe(res)
    return
  }

  return accounts.login(ctx.body, function onLogin (err, account) {
    // One generic 403 for every failure, so the response does not say which part
    // of the credentials was wrong.
    if (err) return error(403, 'problem logging in to account').pipe(res)
    send(account).pipe(res)
  })
})
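// POST /reset/:accountKey: start a password reset for the given account.
//
// Looks the account up, creates a reset token for it, and e-mails a confirmation
// link. Any other method is answered with 405.
//
// Points to change before adapting this demo:
// - The route is unauthenticated and, for demo purposes only, returns the reset
//   token in the response body. A deployed version must deliver the token solely
//   through the e-mail and return a response that contains no token.
// - A 404 for unknown keys versus a success response for known ones lets a caller
//   tell which accounts exist; a deployed version should answer identically.
// - The link is a placeholder on plain http; a real reset link should use https.
app.on('/reset/:accountKey', function (req, res, ctx) {
  var accountKey = ctx.params.accountKey

  if (req.method !== 'POST') {
    error(405, 'Method not allowed').pipe(res)
    return
  }

  accounts.auth.get(accountKey, function (err, authData) {
    // Treat a missing or incomplete record like a failed lookup, so the property
    // access below cannot throw inside this callback.
    if (err || !authData || !authData.basic) {
      return error(404, 'account not found').pipe(res)
    }

    reset.create({ accountKey: accountKey }, function (err, token) {
      if (err) return error(500, 'problem creating reset token').pipe(res)

      var url = `http://example.com/${accountKey}/${token}`
      // The address is read from authData.basic.email, matching the confirm route.
      // The previous authData.email did not match that record shape.
      var emailOptions = { to: authData.basic.email, from: 'hey@hi.com', url: url }

      email.confirm(emailOptions, function (err, info) {
        if (err) return error(500, 'problem sending confirmation email').pipe(res)
        // DEMO ONLY: a real user would follow the e-mailed link to a form.
        // The token is echoed here so the example can continue without a mailbox.
        send({ accountKey: accountKey, resetToken: token }).pipe(res)
      })
    })
  })
})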
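// POST /reset/:accountKey/:token: finish a password reset.
//
// Confirms the reset token taken from the URL, then updates the password using
// the fields in the request body. Any other method is answered with 405.
app.on('/reset/:accountKey/:token', function (req, res, ctx) {
  var accountKey = ctx.params.accountKey

  if (req.method !== 'POST') {
    error(405, 'Method not allowed').pipe(res)
    return
  }

  // A missing or non-object body would otherwise throw inside the lookup callback
  // when the e-mail address is attached to it.
  if (!ctx.body || typeof ctx.body !== 'object') {
    return error(400, 'invalid request body').pipe(res)
  }

  accounts.auth.get(accountKey, function (err, authData) {
    if (err || !authData || !authData.basic) {
      return error(404, 'account not found').pipe(res)
    }

    // The e-mail address always comes from the stored account record, so a value
    // supplied by the client in the body is overwritten and cannot redirect the
    // update to another account. A copy is used so ctx.body is not mutated.
    var update = Object.assign({}, ctx.body, { email: authData.basic.email })

    // ctx.params carries the accountKey and token from the URL.
    // The password is only touched after the token has been confirmed.
    reset.confirm(ctx.params, function (err) {
      if (err) return error(500, 'problem resetting password').pipe(res)

      accounts.updatePassword(update, function (err) {
        if (err) return error(500, 'problem resetting password').pipe(res)
        send({ reset: 'success' }).pipe(res)
      })
    })
  })
})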
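// Bind to the loopback address explicitly. Without a host argument listen()
// accepts connections on every interface, which would expose this demo (it returns
// reset tokens in responses) to the network while the log claims 127.0.0.1.
http.createServer(app).listen(4343, '127.0.0.1', function () {
  app.log.info('server started on http://127.0.0.1:4343')
})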