mirror of
https://github.com/codeninjasllc/codecombat.git
synced 2024-11-28 10:06:08 -05:00
3d705e5d70
Fix link to /teachers/classes (fixes bugquest#20) Fix edit button color/icon (bugquest#23) Fix bugquest#34 Fix password input width (bugquest#33) Center new pasword text Fix teacher password reset endpoint (bugquest#4) Refactor+use NewHomeView logic for user page button (Fixes bugquest#2) Refactor teacher-password-reset endpoint This makes it much easier to prevent collisions with other logic when PUTing new User attributes. Add regression test for converting to teacher account Fix email verified links, require login (fix bugquest#16) Fix me having stale emailVerified value (Fixes bugquest#40) Don't show JoinClassModal to students Add paragraph to JoinClassModal (fixes bugquest#14) Update change-password label text (fixes bugquest#30) Fix prompting for login on Account Settings page (bugquest #10) Show validation errors for teacher password reset (bugquest#36) Show yellow progress dot in My Classes if anyone has started (bugquest#55) Remove confusing text (bugquest#100)
96 lines
3.7 KiB
CoffeeScript
96 lines
3.7 KiB
CoffeeScript
_ = require 'lodash'
|
|
co = require 'co'
|
|
errors = require '../commons/errors'
|
|
wrap = require 'co-express'
|
|
Promise = require 'bluebird'
|
|
parse = require '../commons/parse'
|
|
request = require 'request'
|
|
mongoose = require 'mongoose'
|
|
sendwithus = require '../sendwithus'
|
|
User = require '../models/User'
|
|
Classroom = require '../models/Classroom'
|
|
|
|
|
|
module.exports =
|
|
fetchByGPlusID: wrap (req, res, next) ->
|
|
gpID = req.query.gplusID
|
|
gpAT = req.query.gplusAccessToken
|
|
return next() unless gpID and gpAT
|
|
|
|
dbq = User.find()
|
|
dbq.select(parse.getProjectFromReq(req))
|
|
url = "https://www.googleapis.com/oauth2/v2/userinfo?access_token=#{gpAT}"
|
|
[googleRes, body] = yield request.getAsync(url, {json: true})
|
|
idsMatch = gpID is body.id
|
|
throw new errors.UnprocessableEntity('Invalid G+ Access Token.') unless idsMatch
|
|
user = yield User.findOne({gplusID: gpID})
|
|
throw new errors.NotFound('No user with that G+ ID') unless user
|
|
res.status(200).send(user.toObject({req: req}))
|
|
|
|
fetchByFacebookID: wrap (req, res, next) ->
|
|
fbID = req.query.facebookID
|
|
fbAT = req.query.facebookAccessToken
|
|
return next() unless fbID and fbAT
|
|
|
|
dbq = User.find()
|
|
dbq.select(parse.getProjectFromReq(req))
|
|
url = "https://graph.facebook.com/me?access_token=#{fbAT}"
|
|
[facebookRes, body] = yield request.getAsync(url, {json: true})
|
|
idsMatch = fbID is body.id
|
|
throw new errors.UnprocessableEntity('Invalid Facebook Access Token.') unless idsMatch
|
|
user = yield User.findOne({facebookID: fbID})
|
|
throw new errors.NotFound('No user with that Facebook ID') unless user
|
|
res.status(200).send(user.toObject({req: req}))
|
|
|
|
removeFromClassrooms: wrap (req, res, next) ->
|
|
yield req.user.removeFromClassrooms()
|
|
next()
|
|
|
|
remainTeacher: wrap (req, res, next) ->
|
|
yield req.user.removeFromClassrooms()
|
|
user = yield User.findById req.user.id
|
|
res.status(200).send(user.toObject({req: req}))
|
|
|
|
becomeStudent: wrap (req, res, next) ->
|
|
userID = mongoose.Types.ObjectId(req.user.id)
|
|
yield Classroom.remove({ ownerID: userID }, false)
|
|
userID = mongoose.Types.ObjectId(req.user.id)
|
|
yield User.update({ _id: userID }, { $set: { "role": "student" } })
|
|
user = yield User.findById req.user.id
|
|
res.status(200).send(user.toObject({req: req}))
|
|
|
|
verifyEmailAddress: wrap (req, res, next) ->
|
|
user = yield User.findOne({ _id: mongoose.Types.ObjectId(req.params.userID) })
|
|
[timestamp, hash] = req.params.verificationCode.split(':')
|
|
unless user
|
|
throw new errors.UnprocessableEntity('User not found')
|
|
unless req.params.verificationCode is user.verificationCode(timestamp)
|
|
throw new errors.UnprocessableEntity('Verification code does not match')
|
|
yield User.update({ _id: user.id }, { emailVerified: true })
|
|
res.status(200).send({ role: user.get('role') })
|
|
|
|
resetEmailVerifiedFlag: wrap (req, res, next) ->
|
|
newEmail = req.body.email
|
|
_id = mongoose.Types.ObjectId(req.body._id)
|
|
if newEmail
|
|
user = yield User.findOne({ _id })
|
|
oldEmail = user.get('email')
|
|
if newEmail isnt oldEmail
|
|
yield User.update({ _id }, { $set: { emailVerified: false } })
|
|
next()
|
|
|
|
sendVerificationEmail: wrap (req, res, next) ->
|
|
user = yield User.findById(req.params.userID)
|
|
timestamp = (new Date).getTime()
|
|
if not user
|
|
throw new errors.NotFound('User not found')
|
|
context =
|
|
email_id: sendwithus.templates.verify_email
|
|
recipient:
|
|
address: user.get('email')
|
|
name: user.broadName()
|
|
email_data:
|
|
name: user.broadName()
|
|
verify_link: "http://codecombat.com/user/#{user._id}/verify/#{user.verificationCode(timestamp)}"
|
|
sendwithus.api.send context, (err, result) ->
|
|
res.status(200).send({})
|