app.post('*', (req: Request, res: Response, next: NextFunction) => {
if (
!req.header('Content-Type') ||
(req.header('Content-Type') !== 'application/json' && !req.header('Content-Type').includes('application/x-www-form-urlencoded'))
) {
return res.status(406).json({
error: 'Unsupported "Content-Type"'
});
}
return next();
});
const validateParams = (params: { entity: ISong, admin: IAdmin }, req: Request, log: Log) => {
if (!params.entity) {
log.error('params', params)
return ERRORS.PARAMS
}
req.check('entity.name')
.notEmpty()
.isLength({ max: 100 }).withMessage('存储 name 不正确')
req.check('entity.name')
.notEmpty()
.isLength({ max: 100 }).withMessage('存储 key 不正确')
req.check('entity.title').notEmpty().isLength({ max: 100 }).withMessage('歌曲名称不正确')
req.check('entity.artist').notEmpty().isLength({ max: 100 }).withMessage('歌手名称不正确')
req.check('entity.album').notEmpty().isLength({ max: 100 }).withMessage('专辑名称不正确')
req.check('entity.size').notEmpty().isLength({ max: 100 }).withMessage('歌曲文件信息不正确')
req.check('entity.mimeType').notEmpty().isLength({ max: 100 }).withMessage('歌曲文件类型不正确')
req.check('entity.duration').notEmpty().isLength({ max: 100 }).withMessage('歌曲时长不正确')
req.check('entity.image._id').notEmpty().isLength({ max: 100 }).withMessage('歌曲封面信息不正确')
const errors = req.validationErrors()
if (errors) {
log.error('params', { params, errors })
return new RouterError(2, errors[0].msg)
}
if (isNaN(+params.entity.duration)) {
log.error('params', params)
return new RouterError(3, '歌曲时长信息不正确')
}
if (isNaN(+params.entity.size)) {
log.error('params', params)
return new RouterError(4, '歌曲文件信息不正确')
}
return null
}
export let postContact = (req: Request, res: Response) => {
req.assert("name", "Name cannot be blank").notEmpty();
req.assert("email", "Email is not valid").isEmail();
req.assert("message", "Message cannot be blank").notEmpty();
const errors = req.validationErrors();
if (errors) {
req.flash("errors", errors);
return res.redirect("/contact");
}
const mailOptions = {
to: "*****@*****.**",
from: `${req.body.name} <${req.body.email}>`,
subject: "Contact Form",
text: req.body.message
};
transporter.sendMail(mailOptions, (err) => {
if (err) {
req.flash("errors", { msg: err.message });
return res.redirect("/contact");
}
req.flash("success", { msg: "Email has been sent successfully!" });
res.redirect("/contact");
});
};
export let postLogin = (req: Request, res: Response, next: NextFunction) => {
req.assert("email", "Email is not valid").isEmail();
req.assert("password", "Password cannot be blank").notEmpty();
req.sanitize("email").normalizeEmail({ gmail_remove_dots: false });
const errors = req.validationErrors();
if (errors) {
req.flash("errors", errors);
return res.redirect("/login");
}
passport.authenticate("local", (err: Error, user: UserModel, info: IVerifyOptions) => {
if (err) { return next(err); }
if (!user) {
req.flash("errors", info.message);
return res.redirect("/login");
}
req.logIn(user, (err) => {
if (err) { return next(err); }
req.flash("success", { msg: "Success! You are logged in." });
res.redirect(req.session.returnTo || "/");
});
})(req, res, next);
};
export let postUpdateProfile = (req: Request, res: Response, next: NextFunction) => {
req.assert("email", "Please enter a valid email address.").isEmail();
req.sanitize("email").normalizeEmail({ gmail_remove_dots: false });
const errors = req.validationErrors();
if (errors) {
req.flash("errors", errors);
return res.redirect("/account");
}
User.findById(req.user.id, (err, user: UserModel) => {
if (err) { return next(err); }
user.email = req.body.email || "";
user.profile.name = req.body.name || "";
user.profile.gender = req.body.gender || "";
user.profile.location = req.body.location || "";
user.profile.website = req.body.website || "";
user.save((err: WriteError) => {
if (err) {
if (err.code === 11000) {
req.flash("errors", { msg: "The email address you have entered is already associated with an account." });
return res.redirect("/account");
}
return next(err);
}
req.flash("success", { msg: "Profile information has been updated." });
res.redirect("/account");
});
});
};
export let postForgot = (req: Request, res: Response, next: NextFunction) => {
req.assert("email", "Please enter a valid email address.").isEmail();
req.sanitize("email").normalizeEmail({ gmail_remove_dots: false });
const errors = req.validationErrors();
if (errors) {
req.flash("errors", errors);
return res.redirect("/forgot");
}
async.waterfall([
function createRandomToken(done: Function) {
crypto.randomBytes(16, (err, buf) => {
const token = buf.toString("hex");
done(err, token);
});
},
function setRandomToken(token: AuthToken, done: Function) {
User.findOne({ email: req.body.email }, (err, user: any) => {
if (err) { return done(err); }
if (!user) {
req.flash("errors", { msg: "Account with that email address does not exist." });
return res.redirect("/forgot");
}
user.passwordResetToken = token;
user.passwordResetExpires = Date.now() + 3600000; // 1 hour
user.save((err: WriteError) => {
done(err, token, user);
});
});
},
function sendForgotPasswordEmail(token: AuthToken, user: UserModel, done: Function) {
const transporter = nodemailer.createTransport({
service: "SendGrid",
auth: {
user: process.env.SENDGRID_USER,
pass: process.env.SENDGRID_PASSWORD
}
});
const mailOptions = {
to: user.email,
from: "*****@*****.**",
subject: "Reset your password on Hackathon Starter",
text: `You are receiving this email because you (or someone else) have requested the reset of the password for your account.\n\n
Please click on the following link, or paste this into your browser to complete the process:\n\n
http://${req.headers.host}/reset/${token}\n\n
If you did not request this, please ignore this email and your password will remain unchanged.\n`
};
transporter.sendMail(mailOptions, (err) => {
req.flash("info", { msg: `An e-mail has been sent to ${user.email} with further instructions.` });
done(err);
});
}
], (err) => {
if (err) { return next(err); }
res.redirect("/forgot");
});
};
transporter.sendMail(mailOptions, (err) => {
if (err) {
req.flash("errors", { msg: err.message });
return res.redirect("/contact");
}
req.flash("success", { msg: "Email has been sent successfully!" });
res.redirect("/contact");
});
export let postReset = (req: Request, res: Response, next: NextFunction) => {
req.assert("password", "Password must be at least 4 characters long.").len({ min: 4 });
req.assert("confirm", "Passwords must match.").equals(req.body.password);
const errors = req.validationErrors();
if (errors) {
req.flash("errors", errors);
return res.redirect("back");
}
async.waterfall([
function resetPassword(done: Function) {
User
.findOne({ passwordResetToken: req.params.token })
.where("passwordResetExpires").gt(Date.now())
.exec((err, user: any) => {
if (err) { return next(err); }
if (!user) {
req.flash("errors", { msg: "Password reset token is invalid or has expired." });
return res.redirect("back");
}
user.password = req.body.password;
user.passwordResetToken = undefined;
user.passwordResetExpires = undefined;
user.save((err: WriteError) => {
if (err) { return next(err); }
req.logIn(user, (err) => {
done(err, user);
});
});
});
},
function sendResetPasswordEmail(user: UserModel, done: Function) {
const transporter = nodemailer.createTransport({
service: "SendGrid",
auth: {
user: process.env.SENDGRID_USER,
pass: process.env.SENDGRID_PASSWORD
}
});
const mailOptions = {
to: user.email,
from: "*****@*****.**",
subject: "Your password has been changed",
text: `Hello,\n\nThis is a confirmation that the password for your account ${user.email} has just been changed.\n`
};
transporter.sendMail(mailOptions, (err) => {
req.flash("success", { msg: "Success! Your password has been changed." });
done(err);
});
}
], (err) => {
if (err) { return next(err); }
res.redirect("/");
});
};
user.save((err: WriteError) => {
if (err) {
if (err.code === 11000) {
req.flash("errors", { msg: "The email address you have entered is already associated with an account." });
return res.redirect("/account");
}
return next(err);
}
req.flash("success", { msg: "Profile information has been updated." });
res.redirect("/account");
});
passport.authenticate("local", (err: Error, user: UserModel, info: IVerifyOptions) => {
if (err) { return next(err); }
if (!user) {
req.flash("errors", info.message);
return res.redirect("/login");
}
req.logIn(user, (err) => {
if (err) { return next(err); }
req.flash("success", { msg: "Success! You are logged in." });
res.redirect(req.session.returnTo || "/");
});
})(req, res, next);
