Started adding authentication mailer sequence

2018-10-01 11:45:29 -07:00 · 2018-10-01 11:45:29 -07:00 · effb1f31c8
commit effb1f31c8
parent 44924b3dc7
3 changed files with 45 additions and 2 deletions
--- a/package.json
+++ b/package.json
@ -25,6 +25,7 @@
    "mariasql": "^0.2.6",
    "moment": "^2.22.2",
    "morgan": "^1.9.0",
+    "nodemailer": "^4.6.8",
    "qs": "^6.5.2",
    "sequelize": "^4.28.6",
    "sequelize-mysql": "^1.7.0",
--- a/server/db/users.js
+++ b/server/db/users.js
@ -45,6 +45,27 @@ function init() {
    }, {
      timestamps: false
    });
+
+    const Authentication = db.sequelize.define('authentication', {
+      key: {
+        type: Sequelize.STRING,
+        primaryKey: true,
+        allowNull: false
+      },
+      issued: Sequelize.DATE,
+      type: {
+        type: Sequelize.ENUM,
+        values: [ 'account-setup', 'password-reset' ]
+      },
+      userId: {
+        type: Sequelize.INTEGER,
+        allowNull: false,
+        references: {
+          model: User,
+          key: 'id',
+        }
+      }
+    })
    return db.sequelize.sync({
      force: false
    }).then(function () {
--- a/server/routes/users.js
+++ b/server/routes/users.js
@ -3,12 +3,18 @@
 const express = require("express"),
  config = require("config"),
  LdapAuth = require("ldapauth-fork"),
-  crypto = require("crypto");
+  crypto = require("crypto"),
+  createTransport = require("nodemailer").createTransport;

 const router = express.Router();

 let userDB;

+let mail = createTransport({
+  host: config.get("smtp.host"),
+  pool: true,
+  port: config.has("smtp.port") ? config.get("smtp.port") : 25
+});

 let ldap;
 if (config.has("ldap.url")) {
@ -63,6 +69,11 @@ router.post("/create", function(req, res) {
      return res.status(400).send("Email address already used.");
    }

+    let re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+    if (!re.exec(mail)) {
+      return res.status(400).send("Invalid email address.");
+    }
+
    return userDB.sequelize.query("INSERT INTO users " + 
        "(uid,displayName,password,mail,memberSince,authenticated,notes) " +
        "VALUES(:username,:name,:password,:mail,CURRENT_TIMESTAMP,0,:notes)", {
@ -73,7 +84,16 @@ router.post("/create", function(req, res) {
        mail: mail,
        notes: who
      }
-    }).then(function(results) {
+    }).spread(function(results, metadata) {
+      return userDB.sequelize.query("INSERT INTO authentications " + 
+        "(userId,issued,key,type) VALUES " +
+        "(:userId,CURRENT_TIMESTAMP,:key,'account-setup')", {
+        replacements: {
+          key: "magic cookie",
+          userId: metadata.lastID
+        }
+      }).then(function() {
+      });
 /*
      req.session.user = {
        name: name,
@ -82,6 +102,7 @@ router.post("/create", function(req, res) {
      };
      return res.status(200).send(req.session.user);
 */
+    }).then(function() {
      req.session.user = {};
      return res.status(401).send("Account has not been authenticated.");
    });