codecombat/app/core/auth.coffee

85 lines
2.8 KiB
CoffeeScript
Raw Normal View History

{backboneFailure, genericFailure, parseServerError} = require 'core/errors'
2014-01-03 13:32:13 -05:00
User = require 'models/User'
storage = require 'core/storage'
2014-01-03 13:32:13 -05:00
BEEN_HERE_BEFORE_KEY = 'beenHereBefore'
init = ->
module.exports.me = window.me = new User(window.userObject) # inserted into main.html
module.exports.me.onLoaded()
trackFirstArrival()
if me and not me.get('testGroupNumber')?
# Assign testGroupNumber to returning visitors; new ones in server/routes/auth
me.set 'testGroupNumber', Math.floor(Math.random() * 256)
me.patch()
Backbone.listenTo me, 'sync', -> Backbone.Mediator.publish('auth:me-synced', me: me)
2014-03-31 16:56:13 -04:00
module.exports.createUser = (userObject, failure=backboneFailure, nextURL=null) ->
2014-01-03 13:32:13 -05:00
user = new User(userObject)
user.notyErrors = false
2014-01-03 13:32:13 -05:00
user.save({}, {
2014-06-30 22:16:26 -04:00
error: (model, jqxhr, options) ->
error = parseServerError(jqxhr.responseText)
property = error.property if error.property
if jqxhr.status is 409 and property is 'name'
anonUserObject = _.omit(userObject, 'name')
module.exports.createUser anonUserObject, failure, nextURL
else
genericFailure(jqxhr)
success: -> if nextURL then window.location.href = nextURL else window.location.reload()
2014-01-03 13:32:13 -05:00
})
2014-05-06 19:58:08 -04:00
2014-04-24 18:27:37 -04:00
module.exports.createUserWithoutReload = (userObject, failure=backboneFailure) ->
user = new User(userObject)
user.save({}, {
error: failure
2014-05-06 19:58:08 -04:00
success: ->
2014-06-30 22:16:26 -04:00
Backbone.Mediator.publish('created-user-without-reload')
2014-04-24 18:27:37 -04:00
})
2014-01-03 13:32:13 -05:00
2015-02-11 19:12:26 -05:00
module.exports.loginUser = (userObject, failure=genericFailure, nextURL=null) ->
console.log 'logging in as', userObject.email
2014-01-03 13:32:13 -05:00
jqxhr = $.post('/auth/login',
{
2014-06-30 22:16:26 -04:00
username: userObject.email,
password: userObject.password
2014-01-03 13:32:13 -05:00
},
2015-02-11 19:12:26 -05:00
(model) -> if nextURL then window.location.href = nextURL else window.location.reload()
2014-01-03 13:32:13 -05:00
)
jqxhr.fail(failure)
module.exports.logoutUser = ->
2016-03-09 17:39:40 -05:00
# TODO: Refactor to use User.logout
FB?.logout?()
2015-02-24 11:54:30 -05:00
callback = ->
location = _.result(currentView, 'logoutRedirectURL')
if location
window.location = location
else
window.location.reload()
2015-02-24 11:54:30 -05:00
res = $.post('/auth/logout', {}, callback)
2014-01-03 13:32:13 -05:00
res.fail(genericFailure)
Improve student account recovery This adds the ability to verify email addresses of a user, so we know they have access to the email address on their account. Until a user has verified their email address, any teacher of a class they're in can reset their password for them via the Teacher Dashboard. When a user's email address is verified, a teacher may trigger a password recovery email to be sent to the student. Verification links are valid forever, until the user changes the email address they have on file. They are created using a timestamp, with a sha256 of timestamp+salt+userID+email. Currently the hash value is rather long, could be shorter. Squashed commit messages: Add server endpoints for verifying email address Add server endpoints for verifying email address (pt 2) Add Server+Client endpoint for sending verification email Add client view for verification links Add Edit Student Modal for resetting passwords Add specs for EditStudentModal Tweak method name in EditStudentModal Add edit student button to TeacherClassView Fix up frontend for teacher password resetting Add middleware for teacher password resetting Improve button UX in EditStudentModal Add JoinClassModal Add welcome emails, use broad name Use email without domain as fallback instead of full email Fetch user on edit student modal open Don't allow password reset if student email is verified Set role to student on user signup with classCode Tweak interface for joinClassModal Add button to request verification email for yourself Fix verify email template ID Move text to en.coffee Minor tweaks Fix code review comments Fix some tests, disable a broken one Fix misc tests Fix more tests Refactor recovery email sending to auth Fix overbroad sass Add options to refactored recovery email function Rename getByCode to fetchByCode Fix error message Fix up error handling in users middleware Use .get instead of .toObject Use findById Fix more code review comments Disable still-broken test
2016-05-11 17:39:26 -04:00
module.exports.sendRecoveryEmail = (email, options={}) ->
options = _.merge(options,
{method: 'POST', url: '/auth/reset', data: { email }}
)
$.ajax(options)
2014-01-03 13:32:13 -05:00
onSetVolume = (e) ->
return if e.volume is me.get('volume')
me.set('volume', e.volume)
me.save()
Backbone.Mediator.subscribe('level:set-volume', onSetVolume, module.exports)
2014-01-03 13:32:13 -05:00
trackFirstArrival = ->
# will have to filter out users who log in with existing accounts separately
# but can at least not track logouts as first arrivals using local storage
2014-01-26 17:44:08 -05:00
beenHereBefore = storage.load(BEEN_HERE_BEFORE_KEY)
2014-01-03 13:32:13 -05:00
return if beenHereBefore
2014-01-06 20:45:35 -05:00
window.tracker?.trackEvent 'First Arrived'
2014-01-26 17:44:08 -05:00
storage.save(BEEN_HERE_BEFORE_KEY, true)
init()