diff --git a/packages/users/public/controllers/meanUser.js b/packages/users/public/controllers/meanUser.js
index 52203b0b22..4dc1f96bb4 100644
--- a/packages/users/public/controllers/meanUser.js
+++ b/packages/users/public/controllers/meanUser.js
@@ -13,8 +13,8 @@ angular.module('mean.users')
 });
 }
 ])
- .controller('LoginCtrl', ['$scope', '$rootScope', '$http', '$location', 'Global',
- function($scope, $rootScope, $http, $location, Global) {
+ .controller('LoginCtrl', ['$scope', '$rootScope', '$http', '$location', 'Global', 'MeanUser',
+ function($scope, $rootScope, $http, $location, Global, MeanUser) {
 // This object will be filled by the form
 $scope.user = {};
 $scope.global = Global;
@@ -34,36 +34,19 @@ angular.module('mean.users')
 $scope.input.tooltipText = $scope.input.tooltipText === 'Show password' ? 'Hide password' : 'Show password';
 };
+ // Watch for loginfail event and update $scope.loginerror
+ $rootScope.$on('loginfail', function(){
+ $scope.loginerror = MeanUser.loginerror;
+ });
+
 // Register the login() function
 $scope.login = function() {
- $http.post('/login', {
- email: $scope.user.email,
- password: $scope.user.password
- })
- .success(function(response) {
- // authentication OK
- $scope.loginError = 0;
- $rootScope.user = response.user;
- $rootScope.$emit('loggedin');
- if (response.redirect) {
- if (window.location.href === response.redirect) {
- //This is so an admin user will get full admin page
- window.location.reload();
- } else {
- window.location = response.redirect;
- }
- } else {
- $location.url('/');
- }
- })
- .error(function() {
- $scope.loginerror = 'Authentication failed.';
- });
+ MeanUser.login($scope.user);
 };
 }
 ])
- .controller('RegisterCtrl', ['$scope', '$rootScope', '$http', '$location', 'Global',
- function($scope, $rootScope, $http, $location, Global) {
+ .controller('RegisterCtrl', ['$scope', '$rootScope', '$http', '$location', 'Global', 'MeanUser',
+ function($scope, $rootScope, $http, $location, Global, MeanUser) {
 $scope.user = {};
 $scope.global = Global;
 $scope.global.registerForm = true;
@@ -75,6 +58,10 @@ angular.module('mean.users')
 tooltipText: 'Show password',
 tooltipTextConfirmPass: 'Show password'
 };
+
+ $scope.usernameError = MeanUser.usernameError;
+ $scope.registerError = MeanUser.registerError;
+ $scope.emailError = MeanUser.emailError;
 $scope.togglePasswordVisible = function() {
 $scope.input.type = $scope.input.type === 'text' ? 'password' : 'text';
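Review bot: The `$rootScope.$on('loginfail', ...)` listener registered in LoginCtrl is never deregistered, so every instantiation of the controller leaves another handler on `$rootScope` that keeps a destroyed `$scope` reachable and keeps writing to it. Keep the function that `$on` returns and release it on teardown: `var offLoginFail = $rootScope.$on('loginfail', onLoginFail);` followed by `$scope.$on('$destroy', offLoginFail);`. The `registerfail` and `loggedin` listeners in RegisterCtrl and the `resetpasswordfail` listener in ResetPasswordCtrl, in the later hunks, have the same problem. LoginCtrl's body starts before this hunk.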
@@ -88,34 +75,20 @@ angular.module('mean.users')
 $scope.input.iconClassConfirmPass = $scope.input.iconClassConfirmPass === 'icon_hide_password' ? '' : 'icon_hide_password';
 $scope.input.tooltipTextConfirmPass = $scope.input.tooltipTextConfirmPass === 'Show password' ? 'Hide password' : 'Show password';
 };
+
+ // Watch for registerfail event and update error messages in $scope
+ $rootScope.$on('registerfail', function(){
+ $scope.usernameError = MeanUser.usernameError;
+ $scope.registerError = MeanUser.registerError;
+ $scope.emailError = MeanUser.emailError;
+ });
+
+ $rootScope.$on('loggedin', function(){
+ $scope.registerError = MeanUser.registerError;
+ });
- $scope.register = function() {
- $scope.usernameError = null;
- $scope.registerError = null;
- $http.post('/register', {
- email: $scope.user.email,
- password: $scope.user.password,
- confirmPassword: $scope.user.confirmPassword,
- username: $scope.user.username,
- name: $scope.user.name
- })
- .success(function() {
- // authentication OK
- $scope.registerError = 0;
- $rootScope.user = $scope.user;
- Global.user = $rootScope.user;
- Global.authenticated = !! $rootScope.user;
- $rootScope.$emit('loggedin');
- $location.url('/');
- })
- .error(function(error) {
- // Error: authentication failed
- if (error === 'Username already taken') {
- $scope.usernameError = error;
- } else if (error === 'Email already taken') {
- $scope.emailError = error;
- } else $scope.registerError = error;
- });
+ $scope.register = function (){
+ MeanUser.register($scope.user);
 };
 }
 ])
@@ -137,36 +110,20 @@ angular.module('mean.users')
 };
 }
 ])
- .controller('ResetPasswordCtrl', ['$scope', '$rootScope', '$http', '$location', '$stateParams', 'Global',
- function($scope, $rootScope, $http, $location, $stateParams, Global) {
+ .controller('ResetPasswordCtrl', ['$scope', '$rootScope', '$http', '$location', '$stateParams', 'Global', 'MeanUser',
+ function($scope, $rootScope, $http, $location, $stateParams, Global, MeanUser) {
 $scope.user = {};
 $scope.global = Global;
 $scope.global.registerForm = false;
+
+ // Watch for resetpasswordfail event and update error messages in $scope
+ $rootScope.$on('resetpasswordfail', function(){
+ $scope.resetpassworderror = MeanUser.resetpassworderror;
+ $scope.validationError = MeanUser.validationError;
+ });
+
 $scope.resetpassword = function() {
- $http.post('/reset/' + $stateParams.tokenId, {
- password: $scope.user.password,
- confirmPassword: $scope.user.confirmPassword
- })
- .success(function(response) {
- $rootScope.user = response.user;
- $rootScope.$emit('loggedin');
- if (response.redirect) {
- if (window.location.href === response.redirect) {
- //This is so an admin user will get full admin page
- window.location.reload();
- } else {
- window.location = response.redirect;
- }
- } else {
- $location.url('/');
- }
- })
- .error(function(error) {
- if (error.msg === 'Token invalid or expired')
- $scope.resetpassworderror = 'Could not update password as token is invalid or may have expired';
- else
- $scope.validationError = error;
- });
+ MeanUser.resetpassword($scope.user);
 };
 }
 ]);
diff --git a/packages/users/public/services/meanUser.js b/packages/users/public/services/meanUser.js
index 7da8f78dd7..4ef47efad9 100644
--- a/packages/users/public/services/meanUser.js
+++ b/packages/users/public/services/meanUser.js
@@ -1,10 +1,118 @@
 'use strict';
-angular.module('mean.users').factory('MeanUser', [
+angular.module('mean.users').factory('MeanUser', [ '$rootScope', '$http', '$location', '$window', '$stateParams', 'Global',
+ function($rootScope, $http, $location, $window, $stateParams, Global) {
+ var MeanUserFactory = {};
- function() {
- return {
- name: 'users'
- };
- }
+ MeanUserFactory.name = 'users';
+
+ MeanUserFactory.loginerror = 0;
+ MeanUserFactory.usernameError = null;
+ MeanUserFactory.registerError = 0;
+ MeanUserFactory.resetpassworderror = null;
+ MeanUserFactory.validationError = null;
+
+ MeanUserFactory.login = function (user) {
+ // this is an ugly hack due to mean-admin needs
+ var destination = $location.path().indexOf('/login') === -1 ? $location.absUrl() : false;
+ $http.post('/login', {
+ email: user.email,
+ password: user.password,
+ redirect: destination
+ })
+ .success(function(response) {
+ // authentication OK
+ MeanUserFactory.loginerror = 0;
+ $rootScope.user = response.user;
+ Global.user = response.user;
+ $window.user = response.user;
+ Global.authenticated = !!
$rootScope.user;
+ $rootScope.$emit('loggedin');
+ if (response.redirect && angular.isDefined(response.user)) {
+ if ($window.location.href === response.redirect && response.user.roles.indexOf('admin') !== -1) {
+ //This is so an admin user will get full admin page, but no need to refresh if user is not admin
+ $window.location.reload();
+ } else {
+ $window.location = response.redirect;
+ }
+ } else {
+ if (response.user.roles.indexOf('admin') !== -1) {
+ $window.location.reload();
+ }
+ else {
+ $location.url('/');
+ }
+ }
+ })
+ .error(function(response) {
+ $location.path(response.redirect);
+ MeanUserFactory.loginerror = 'Authentication failed.';
+ $rootScope.$emit('loginfail');
+ });
+ };
+
+ MeanUserFactory.register = function(user) {
+ MeanUserFactory.usernameError = null;
+ MeanUserFactory.registerError = null;
+ $http.post('/register', {
+ email: user.email,
+ password: user.password,
+ confirmPassword: user.confirmPassword,
+ username: user.username,
+ name: user.name
+ })
+ .success(function() {
+ // authentication OK
+ MeanUserFactory.registerError = 0;
+ $rootScope.user = user;
+ Global.user = $rootScope.user;
+ $window.user = $rootScope.user;
+ Global.authenticated = !! $rootScope.user;
+ $rootScope.$emit('loggedin');
+ $location.url('/');
+ })
+ .error(function(error) {
+ // Error: authentication failed
+ if (error === 'Username already taken') {
+ MeanUserFactory.usernameError = error;
+ } else if (error === 'Email already taken') {
+ MeanUserFactory.emailError = error;
+ } else MeanUserFactory.registerError = error;
+ $rootScope.$emit('registerfail');
+ });
+ };
+
+ MeanUserFactory.resetpassword = function(user) {
+ $http.post('/reset/' + $stateParams.tokenId, {
+ password: user.password,
+ confirmPassword: user.confirmPassword
+ })
+ .success(function(response) {
+ $rootScope.user = response.user;
+ Global.user = response.user;
+ $window.user = response.user;
+ Global.authenticated = !!
response.user;
+ $rootScope.$emit('loggedin');
+ if (response.redirect) {
+ if ($window.location.href === response.redirect) {
+ //This is so an admin user will get full admin page
+ $window.location.reload();
+ } else {
+ $window.location = response.redirect;
+ }
+ } else {
+ $location.url('/');
+ }
+ })
+ .error(function(error) {
+ if (error.msg === 'Token invalid or expired')
+ MeanUserFactory.resetpassworderror = 'Could not update password as token is invalid or may have expired';
+ else
+ MeanUserFactory.validationError = error;
+ $rootScope.$emit('resetpasswordfail');
+ });
+ };
+
+ return MeanUserFactory;
+ }
 ]);
diff --git a/packages/users/server/routes/users.js b/packages/users/server/routes/users.js
index 8a6f0a3838..83d379b6ac 100644
--- a/packages/users/server/routes/users.js
+++ b/packages/users/server/routes/users.js
@@ -31,15 +31,27 @@ module.exports = function(MeanUser, app, auth, database, passport) {
 });
 // Setting the local strategy route
- app.route('/login')
- .post(passport.authenticate('local', {
- failureFlash: true
- }), function(req, res) {
- res.send({
- user: req.user,
- redirect: (req.user.roles.indexOf('admin') !== -1) ? req.get('referer') : false
- });
- });
+ app.post('/login', function(req, res, next) {
+ passport.authenticate('local', {
+ failureFlash: true
+ }, function(err, user, info) {
+ // in case of exception
+ if (err) { return next(err); }
+ // if login fails due to wrong credentials
+ /*if (!user) {
+ //return res.redirect('/login');
+ res.send({ redirect: '#!' + req.body.redirect });
+ }*/
+ // if login successful, execute login
+ req.logIn(user, function(err) {
+ if (err) { return next(err); }
+ res.send({
+ user: req.user,
+ redirect: req.body.redirect
+ });
+ });
+ })(req, res, next);
+ });
 // AngularJS route to get config of social buttons
 app.route('/get-config')
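Review bot: In `MeanUserFactory.register`, the success handler publishes the submitted form object itself as the signed-in user (`$rootScope.user = user`, then `Global.user` and the newly added `$window.user`), and that object still carries `password` and `confirmPassword`. Any script running in the page can then read the plaintext password from `window.user` for as long as the page lives. Publish only the non-secret fields, e.g. `$rootScope.user = { email: user.email, username: user.username, name: user.name };`, or use the user object from the server response if /register returns one (not visible here). Separately, in `login` the outer `else` branch reads `response.user.roles` even when it was reached because `response.user` is undefined, which would throw; guard it with `angular.isDefined(response.user)` as the `if` does.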
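Review bot: The `if (!user)` branch in the new custom callback is commented out, so a failed authentication (passport hands the callback a falsy `user`) falls through to `req.logIn(user, ...)`; what happens next depends on the session serializer, which is not shown, rather than on an explicit rejection. Add a guard before `req.logIn`, e.g. `if (!user) { return res.status(401).send({ message: 'Authentication failed.' }); }`, and drop `failureFlash: true`, which passport does not act on when a custom callback is supplied. The response also echoes `req.body.redirect` unchanged and the client assigns that value to `$window.location`, so accept it only when it is a relative path or resolves to this application's own origin, and send `false` otherwise. The enclosing `module.exports` function starts and ends outside the hunk.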