creating users

author: Jules Laplace <julescarbon@gmail.com> 2017-12-12 05:31:06 +0100
committer: Jules Laplace <julescarbon@gmail.com> 2017-12-12 05:31:06 +0100
commit: 3b0cde84d5186693dd48c9f136a47480b3c23c89 (patch)
tree: 4c5103400d6f9fc97491f45fed04b742ff0e04ff
parent: 041efed20500c145a639d8303c2a0e770bba4552 (diff)
7 files changed, 77 insertions, 27 deletions
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 32d77e8..548ffcc 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -3,6 +3,8 @@ var passport = require('passport');
 var LocalStrategy = require('passport-local').Strategy;
 var crypto = require('crypto');
 var db = require('../db');
+var util = require('./util');
+var crypt = require('unix-crypt-td-js')
 
 var middleware = require('./middleware')
 
@@ -27,29 +29,60 @@ var auth = module.exports = {
       })
     })
     app.get("/logout", auth.logout)
+
+    app.put("/api/signup",
+      function (req, res, next) {
+        var username = util.sanitizeName(req.body.username)
+        db.getUserByUsername(username).then((user) => {
+          if (user) {
+            return res.json({ error: "user exists" })
+          }
+          next()
+        })
+      },
+      function (req, res, next) {
+        if (req.body.password !== req.body.password2) {
+          return res.json({ error: "passwords don't match" })
+        }
+        var username = util.sanitizeName(req.body.username)
+        var data = {
+          username: username,
+          realname: util.sanitizeName(req.body.realname),
+          password: auth.makePassword(username, req.body.password),
+          grass: util.sanitizeName(req.body.grass),
+          firstseen: util.now(),
+          lastseen: util.now(),
+          lastsession: util.now(),
+        }
+        db.createUser(data).then(() => next())
+      },
+      passport.authenticate("local"),
+      auth.login)
     app.put("/api/login",
       passport.authenticate("local"),
-      function (req, res) {
-        if (req.isAuthenticated()) {
-          var returnTo = req.session.returnTo
-          delete req.session.returnTo
-          console.log(">> logged in", req.user.get('username'))
-          return res.json({
-            status: "OK",
-            user: auth.sanitizeUser(req.user),
-            returnTo: returnTo || "/index",
-          })
-        }
-        res.json({
-          error: 'bad credentials',
-        })
-      })
+      auth.login)
     app.put("/api/checkin",
       middleware.ensureAuthenticated,
       auth.checkin
     )  
 	},
-	
+
+  login: function (req, res) {
+    if (req.isAuthenticated()) {
+      var returnTo = req.session.returnTo
+      delete req.session.returnTo
+      console.log(">> logged in", req.user.get('username'))
+      return res.json({
+        status: "OK",
+        user: util.sanitizeUser(req.user),
+        returnTo: returnTo || "/index",
+      })
+    }
+    res.json({
+      error: 'bad credentials',
+    })
+  },
+  
 	serializeUser: function (user, done) {
 		done(null, user.id);
 	},
@@ -60,10 +93,16 @@ var auth = module.exports = {
     })
 	},
 	
+	makePassword: function(username, pw) {
+	  var salt = username.substr(0, 2) // lol
+	  return crypt(pw, salt)
+    // var shasum = crypto.createHash('sha1')
+    // shasum.update(pw)
+    // return shasum.digest('hex');
+	},
+	
 	validPassword: function(user, pw){
-    var shasum = crypto.createHash('sha1')
-    shasum.update(pw)
-    return user.get('password') === shasum.digest('hex');
+    return user.get('password') === auth.makePassword(user.get('username'), pw);
   },
 
 	verifyLocalUser: function (username, password, done) {
@@ -83,7 +122,7 @@ var auth = module.exports = {
 	},
 	
   checkin: function (req, res) {
-    var user = auth.sanitizeUser(req.user)
+    var user = util.sanitizeUser(req.user)
     res.json(user)
   },
 
diff --git a/package-lock.json b/package-lock.json
index b5f9eff..167694d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1891,6 +1891,11 @@
         "random-bytes": "1.0.0"
       }
     },
+    "unix-crypt-td-js": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/unix-crypt-td-js/-/unix-crypt-td-js-1.0.0.tgz",
+      "integrity": "sha1-HAgkFQSBvHoB1J6Y8exmjYJBLzs="
+    },
     "unpipe": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
diff --git a/package.json b/package.json
index 653b542..08d0a34 100644
--- a/package.json
+++ b/package.json
@@ -38,6 +38,7 @@
     "passport-local": "^1.0.0",
     "serve-favicon": "^2.3.0",
     "sessionstore": "^1.2.18",
-    "skipper": "^0.5.5"
+    "skipper": "^0.5.5",
+    "unix-crypt-td-js": "^1.0.0"
   }
 }
diff --git a/public/assets/css/bucky.css b/public/assets/css/bucky.css
index 1ba5010..45b2ed0 100644
--- a/public/assets/css/bucky.css
+++ b/public/assets/css/bucky.css
@@ -364,6 +364,7 @@ tr:nth-child(even) td.black       { background-color: #eee; border-bottom-color:
   margin-bottom: 2px;
   background-position: center center;
 }
+#comments tr#comment_form + tr .comment,
 #comments tr:first-child .comment {
   border-top: 1px solid #ccc;
 }
@@ -380,8 +381,9 @@ tr:nth-child(even) td.black       { background-color: #eee; border-bottom-color:
 .comment .body {
   font-size: 12px;
   line-height: 1.3;
-  max-width: 100%;
+  width: 100%;
   padding-bottom: 3px;
+  margin-right: 110px;
 }
 .comment .date {
   position: absolute;
diff --git a/public/assets/js/lib/views/details/index.js b/public/assets/js/lib/views/details/index.js
index 871ac62..b10e5cc 100644
--- a/public/assets/js/lib/views/details/index.js
+++ b/public/assets/js/lib/views/details/index.js
@@ -29,7 +29,7 @@ var DetailsView = View.extend({
   populate: function(data){
     this.data = data
     console.log(data)
-    set_background_color(data.thread.color || data.keyword.color)
+    set_background_color(data.thread.color || (data.keyword ? data.keyword.color : 'plain'))
     $("body").removeClass('loading')
     var thread = data.thread
     $("h1").html(sanitize(thread.title))
diff --git a/public/assets/js/vendor/view/formview.js b/public/assets/js/vendor/view/formview.js
index 1f681cb..6b03849 100644
--- a/public/assets/js/vendor/view/formview.js
+++ b/public/assets/js/vendor/view/formview.js
@@ -100,11 +100,14 @@ var FormView = View.extend({
       dataType: "json",
       processData: false,
       success: function(response){
-        console.log(response)
         if (response.error) {
           var errors = []
-          for (var key in response.error.errors) {
-            errors.push(response.error.errors[key].message);
+          if (response.error.errors) {
+            for (var key in response.error.errors) {
+              errors.push(response.error.errors[key].message);
+            }
+          } else {
+            errors.push(response.error)
           }
           if (errorCallback) {
             errorCallback(errors)
diff --git a/views/pages/signup.ejs b/views/pages/signup.ejs
index baf653e..c13fc33 100644
--- a/views/pages/signup.ejs
+++ b/views/pages/signup.ejs
@@ -1,6 +1,6 @@
 <% include ../partials/header %>
 
-<div id="login">
+<div id="signup">
   <br>
   <img src="/assets/img/newme.jpg">
author	Jules Laplace <julescarbon@gmail.com>	2017-12-12 05:31:06 +0100
committer	Jules Laplace <julescarbon@gmail.com>	2017-12-12 05:31:06 +0100
commit	3b0cde84d5186693dd48c9f136a47480b3c23c89 (patch)
tree	4c5103400d6f9fc97491f45fed04b742ff0e04ff
parent	041efed20500c145a639d8303c2a0e770bba4552 (diff)