joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Properly querystring encode the parameters

Browse Source
This commit is contained in:
Florent Vilmart
2016-03-12 10:27:34 -05:00
parent 49531e7efe
commit 2557ea6300
1 changed files with 36 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
src/Routers/PublicAPIRouter.js
View File

@@ -4,36 +4,38 @@ import Config from '../Config';
import express from 'express';
import path from 'path';
import fs from 'fs';
import qs from 'querystring';
let public_html = path.resolve(__dirname, "../../public_html");
let views = path.resolve(__dirname, '../../views');
export class PublicAPIRouter extends PromiseRouter {
verifyEmail(req) {
let { token, username }= req.query;
let appId = req.params.appId;
let config = new Config(appId);
if (!config.publicServerURL) {
return this.missingPublicServerURL();
}
if (!token || !username) {
return this.invalidLink(req);
}
let userController = config.userController;
return userController.verifyEmail(username, token).then( () => {
let params = qs.stringify({username});
return Promise.resolve({
status: 302,
location: `${config.verifyEmailSuccessURL}?username=${username}`
location: `${config.verifyEmailSuccessURL}?${params}`
});
}, ()=> {
return this.invalidLink(req);
})
}
changePassword(req) {
return new Promise((resolve, reject) => {
let config = new Config(req.query.id);
@@ -55,61 +57,63 @@ export class PublicAPIRouter extends PromiseRouter {
});
});
}
requestResetPassword(req) {
let config = req.config;
if (!config.publicServerURL) {
return this.missingPublicServerURL();
}
let { username, token } = req.query;
if (!username || !token) {
return this.invalidLink(req);
}
return config.userController.checkResetTokenValidity(username, token).then( (user) => {
let params = qs.stringify({token, id: config.applicationId, username, app: config.appName, });
return Promise.resolve({
status: 302,
location: `${config.choosePasswordURL}?token=${token}&id=${config.applicationId}&username=${username}&app=${config.appName}`
location: `${config.choosePasswordURL}?${params}`
})
}, () => {
return this.invalidLink(req);
})
}
resetPassword(req) {
let config = req.config;
if (!config.publicServerURL) {
return this.missingPublicServerURL();
}
let {
username,
token,
new_password
} = req.body;
if (!username || !token || !new_password) {
return this.invalidLink(req);
}
return config.userController.updatePassword(username, token, new_password).then((result) => {
return Promise.resolve({
status: 302,
location: config.passwordResetSuccessURL
});
}, (err) => {
let params = qs.stringify({username: username, token: token, id: config.applicationId, error:err, app:config.appName})
return Promise.resolve({
status: 302,
location: `${config.choosePasswordURL}?token=${token}&id=${config.applicationId}&username=${username}&error=${err}&app=${config.appName}`
location: `${config.choosePasswordURL}?${params}`
});
});
}
invalidLink(req) {
@@ -118,36 +122,36 @@ export class PublicAPIRouter extends PromiseRouter {
location: req.config.invalidLinkURL
});
}
missingPublicServerURL() {
return Promise.resolve({
text: 'Not found.',
status: 404
});
}
setConfig(req) {
req.config = new Config(req.params.appId);
return Promise.resolve();
}
mountRoutes() {
this.route('GET','/apps/:appId/verify_email',
req => { this.setConfig(req) },
this.route('GET','/apps/:appId/verify_email',
req => { this.setConfig(req) },
req => { return this.verifyEmail(req); });
this.route('GET','/apps/choose_password',
this.route('GET','/apps/choose_password',
req => { return this.changePassword(req); });
this.route('POST','/apps/:appId/request_password_reset',
req => { this.setConfig(req) },
this.route('POST','/apps/:appId/request_password_reset',
req => { this.setConfig(req) },
req => { return this.resetPassword(req); });
this.route('GET','/apps/:appId/request_password_reset',
req => { this.setConfig(req) },
this.route('GET','/apps/:appId/request_password_reset',
req => { this.setConfig(req) },
req => { return this.requestResetPassword(req); });
}
expressApp() {
let router = express();
router.use("/apps", express.static(public_html));