jketreno/ketr.photos
1
0
Fork 0
Code Issues 1 Activity

Email system plumbed to send authentication request.

Browse Source
This commit is contained in:
James Ketrenos 2018-10-01 14:07:36 -07:00
parent effb1f31c8
commit 1dc3d74743
3 changed files with 83 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -21,10 +21,12 @@
"exif-reader": "github:paras20xx/exif-reader", "exif-reader": "github:paras20xx/exif-reader",
"express": "^4.16.2", "express": "^4.16.2",
"express-session": "^1.15.6", "express-session": "^1.15.6",
"handlebars": "^4.0.12",
"ldapauth-fork": "^4.0.2", "ldapauth-fork": "^4.0.2",
"mariasql": "^0.2.6", "mariasql": "^0.2.6",
"moment": "^2.22.2", "moment": "^2.22.2",
"morgan": "^1.9.0", "morgan": "^1.9.0",
"mustache": "^3.0.0",
"nodemailer": "^4.6.8", "nodemailer": "^4.6.8",
"qs": "^6.5.2", "qs": "^6.5.2",
"sequelize": "^4.28.6", "sequelize": "^4.28.6",

5
server/db/users.js
View File

@ -65,7 +65,10 @@ function init() {
key: 'id', key: 'id',
} }
} }
}) }, {
timestamps: false
});
return db.sequelize.sync({ return db.sequelize.sync({
force: false force: false
}).then(function () { }).then(function () {

88
server/routes/users.js
View File

@ -4,13 +4,14 @@ const express = require("express"),
config = require("config"), config = require("config"),
LdapAuth = require("ldapauth-fork"), LdapAuth = require("ldapauth-fork"),
crypto = require("crypto"), crypto = require("crypto"),
createTransport = require("nodemailer").createTransport; createTransport = require("nodemailer").createTransport,
hb = require("handlebars");
const router = express.Router(); const router = express.Router();
let userDB; let userDB;
let mail = createTransport({ let transporter = createTransport({
host: config.get("smtp.host"), host: config.get("smtp.host"),
pool: true, pool: true,
port: config.has("smtp.port") ? config.get("smtp.port") : 25 port: config.has("smtp.port") ? config.get("smtp.port") : 25
@ -34,6 +35,29 @@ router.get("/", function(req, res/*, next*/) {
return res.status(200).send({}); return res.status(200).send({});
}); });
const templates = {
"html": [
"<p>Dear {{name}},</p>",
"",
"<p>Welcome to HTML {{username}}.</p>",
"",
"<p>Your secret is: <b>{{secret}}</b>.</p>",
"",
"<p>Sincerely,</p>",
"<p>James</p>"
].join("\n"),
"text": [
"Dear {{name}},",
"",
"Welcome to TEXT {{username}}.",
"",
"Your secret is: {{secret}}.",
"",
"Sincerely,",
"James"
].join("\n")
};
function ldapPromise(username, password) { function ldapPromise(username, password) {
if (!ldap) { if (!ldap) {
return Promise.reject("LDAP not being used"); return Promise.reject("LDAP not being used");
@ -69,8 +93,10 @@ router.post("/create", function(req, res) {
return res.status(400).send("Email address already used."); return res.status(400).send("Email address already used.");
} }
let re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; let re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/,
secret = "magic cookie";
if (!re.exec(mail)) { if (!re.exec(mail)) {
console.log("Invalid email address: " + mail);
return res.status(400).send("Invalid email address."); return res.status(400).send("Invalid email address.");
} }
@ -89,20 +115,60 @@ router.post("/create", function(req, res) {
"(userId,issued,key,type) VALUES " + "(userId,issued,key,type) VALUES " +
"(:userId,CURRENT_TIMESTAMP,:key,'account-setup')", { "(:userId,CURRENT_TIMESTAMP,:key,'account-setup')", {
replacements: { replacements: {
key: "magic cookie", key: secret,
userId: metadata.lastID userId: metadata.lastID
} }
}).then(function() { }).catch(function(error) {
console.log(error);
throw error;
}); });
/* }).spread(function(results, metadata) {
req.session.user = { let data = {
name: name, username: name,
mail: mail, mail: mail,
username: username, secret: secret
}, envelope = {
to: mail,
from: config.get("smtp.sender"),
subject: "Request to create account for " + name,
cc: "",
bcc: "",
text: hb.compile(templates.text)(data),
html: hb.compile(templates.html)(data)
}; };
return res.status(200).send(req.session.user); return new Promise(function (resolve, reject) {
*/ let attempts = 10;
function send(envelope) {
/* Rate limit to ten per second */
transporter.sendMail(envelope, function (error, info) {
if (!error) {
console.log('Message sent: ' + info.response);
return resolve();
}
if (attempts == 0) {
console.log("Error sending email: ", error)
return reject(error);
}
attempts--;
console.log("Unable to send mail. Trying again in 100ms (" + attempts + " attempts remain): ", error);
setTimeout(send.bind(undefined, envelope), 100);
});
}
send(envelope);
});
}).then(function() { }).then(function() {
/*
req.session.user = {
name: name,
mail: mail,
username: username,
};
return res.status(200).send(req.session.user);
*/
req.session.user = {}; req.session.user = {};
return res.status(401).send("Account has not been authenticated."); return res.status(401).send("Account has not been authenticated.");
}); });