// GET /forgot: show the form where a user asks for a password-reset e-mail.
router.get('/forgot', function (req, res) {
  res.render('forgot');
});
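// POST /forgot: issue a one-hour reset token for the submitted e-mail address
// and mail a reset link to the account owner.
//
// Steps (async.waterfall): generate token -> store it on the user -> send mail.
// Any error from a step is handed to Express through next(err).
//
// NOTE(review): the token is stored as-is on the user document, so anyone who
// can read the collection can use it; storing only a hash would need matching
// changes in the two /users/reset/:token handlers.
// NOTE(review): redirects target '/users/forgot' while this route is declared
// as '/forgot', which suggests the router is mounted under '/users'. If so,
// the '/users/reset/:token' routes and the link built below may not line up.
// Confirm against the mount point.
router.post('/forgot', function (req, res, next) {
  // The same notice is shown whether or not the address belongs to an account,
  // so the form cannot be used to find out which addresses are registered.
  const genericNotice =
    'If an account exists for that address, an e-mail has been sent with further instructions.';

  // Body parsers can produce objects or arrays; only a plain string may reach
  // the query, otherwise query operators could be smuggled in through the body.
  const email = req.body && req.body.email;
  if (typeof email !== 'string' || email === '') {
    req.flash('error_msg', 'Please enter a valid e-mail address.');
    return res.redirect('/users/forgot');
  }

  async.waterfall([
    function (done) {
      // 20 random bytes -> 40 hex characters from the CSPRNG.
      crypto.randomBytes(20, function (err, buf) {
        if (err) return done(err); // buf is undefined when err is set
        done(null, buf.toString('hex'));
      });
    },
    function (token, done) {
      User.findOne({ email: email }, function (err, user) {
        if (err) return done(err);
        if (!user) {
          // Unknown address: answer exactly as for a known one. The waterfall
          // stops here because the response has already been sent.
          req.flash('success_msg', genericNotice);
          return res.redirect('/users/forgot');
        }
        user.resetPasswordToken = token;
        user.resetPasswordExpires = Date.now() + 3600000; // 1 hour
        user.save(function (saveErr) {
          done(saveErr, token, user);
        });
      });
    },
    function (token, user, done) {
      const smtpTransport = nodemailer.createTransport({
        service: 'Gmail',
        auth: {
          user: process.env.EMAIL,
          pass: process.env.PASSWORD
        }
      });

      // The Host header is supplied by the client, so building the link from it
      // lets a forged request put a foreign origin into the e-mailed reset URL.
      // Prefer a configured origin. APP_BASE_URL is a placeholder name
      // introduced by this review -- rename it to the deployment's own setting
      // and set it to the site's https:// origin. The Host-header fallback only
      // keeps existing deployments working and should be removed once the
      // setting is in place.
      const baseUrl = (process.env.APP_BASE_URL || 'http://' + req.headers.host)
        .replace(/\/+$/, '');

      const mailOptions = {
        to: user.email,
        from: process.env.EMAIL,
        subject: 'Node.js Password Reset',
        text: 'You are receiving this because you (or someone else) have requested the reset of the password for your account.\n\n' +
          'Please click on the following link,or paste this into your browser to complete the process:\n\n' +
          baseUrl + '/users/reset/' + token + '\n\n' +
          'If you did not request this,please ignore this email and your password will remain unchanged.\n'
      };

      smtpTransport.sendMail(mailOptions, function (err) {
        if (err) return done(err);
        console.log('mail sent');
        req.flash('success_msg', genericNotice);
        done(null, 'done');
      });
    }
  ], function (err) {
    if (err) return next(err);
    res.redirect('/users/forgot');
  });
});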
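// GET /users/reset/:token: show the "choose a new password" form, but only
// while the token in the URL matches a user and has not expired.
//
// NOTE(review): the token travels in the URL path, so it can end up in access
// logs, browser history and Referer headers. Keep the reset page free of
// third-party resources and treat logged request paths as sensitive.
router.get('/users/reset/:token', function (req, res, next) {
  const query = {
    resetPasswordToken: req.params.token,
    resetPasswordExpires: { $gt: Date.now() } // reject tokens past their expiry
  };

  User.findOne(query, function (err, user) {
    if (err) return next(err);
    if (!user) {
      // 'error_msg' is the flash key the other handlers in this file use.
      req.flash('error_msg', 'Password reset token is invalid or has expired.');
      return res.redirect('/users/forgot');
    }
    // NOTE(review): the view name starts with '/'; confirm it resolves
    // against the configured views directory.
    res.render('/users/reset', { token: req.params.token });
  });
});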
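// POST /users/reset/:token: set a new password for the user who owns the
// token, clear the token, log the user in and send a confirmation e-mail.
//
// Steps (async.waterfall): validate token and change password -> send mail.
//
// NOTE(review): the user is logged in straight after the reset and nothing
// here ends sessions opened before the password change. Confirm that is the
// intended policy.
router.post('/users/reset/:token', function (req, res, next) {
  async.waterfall([
    function (done) {
      const query = {
        resetPasswordToken: req.params.token,
        // The expiry must be enforced here as well as on the GET route,
        // otherwise an expired token could still be redeemed by posting directly.
        resetPasswordExpires: { $gt: Date.now() }
      };

      User.findOne(query, function (err, user) {
        if (err) return done(err);
        if (!user) {
          req.flash('error_msg', 'Password reset token is invalid or has expired.');
          return res.redirect('back');
        }

        // Only a string that equals the confirmation field is accepted; this
        // also rejects the case where both fields are missing or non-strings.
        const password = req.body && req.body.password;
        if (typeof password !== 'string' || password !== req.body.confirm) {
          req.flash("error_msg", "Passwords do not match.");
          return res.redirect('back');
        }

        // setPassword is defined on the User model outside this listing;
        // its error (e.g. a rejected password) is now propagated.
        user.setPassword(password, function (setErr) {
          if (setErr) return done(setErr);
          // Clear the token so the link works only once.
          user.resetPasswordToken = undefined;
          user.resetPasswordExpires = undefined;
          user.save(function (saveErr) {
            if (saveErr) return done(saveErr);
            req.logIn(user, function (loginErr) {
              done(loginErr, user);
            });
          });
        });
      });
    },
    function (user, done) {
      const smtpTransport = nodemailer.createTransport({
        // The listing had 'mail' here; 'Gmail' matches the transport used by
        // the /forgot handler, which uses the same credentials.
        // NOTE(review): confirm.
        service: 'Gmail',
        auth: {
          user: process.env.EMAIL,
          pass: process.env.PASSWORD
        }
      });
      const mailOptions = {
        to: user.email,
        from: process.env.EMAIL,
        subject: 'Your password has been changed',
        text: 'Hello,\n\n' +
          'This is a confirmation that the password for your account ' + user.email + ' has just been changed.\n'
      };
      smtpTransport.sendMail(mailOptions, function (err) {
        // The password has already been changed at this point, so a failed
        // confirmation mail is logged and does not fail the request.
        if (err) console.error('password-change confirmation mail failed:', err.message);
        req.flash('success_msg', 'Success! Your password has been changed.');
        done(null);
      });
    }
  ], function (err) {
    if (err) return next(err);
    res.redirect('/users/login');
  });
});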