summaryrefslogtreecommitdiff
path: root/server.js
diff options
context:
space:
mode:
Diffstat (limited to 'server.js')
-rw-r--r--server.js30
1 files changed, 14 insertions, 16 deletions
diff --git a/server.js b/server.js
index 5ce38b0..fc812b9 100644
--- a/server.js
+++ b/server.js
@@ -598,18 +598,18 @@ app.post("/signup", must_pass_altcha, function (req, res) {
res.redirect("/profile")
})
-function create_and_mail_verification_token(user) {
- if (!SQL_FIND_TOKEN.get(user.user_id))
- mail_verification_token(user, SQL_CREATE_TOKEN.get(user.user_id))
-}
-
app.get("/account/mail/verify", must_be_logged_in, function (req, res) {
- var token = req.query.token
if (SQL_SELECT_USER_VERIFIED.get(req.user.user_id))
return res.redirect("/profile")
- if (!token)
- create_and_mail_verification_token(req.user)
- res.render("verify_mail.pug", { token })
+ var sent_token = SQL_FIND_TOKEN.get(req.user.user_id)
+ var input_token = req.query.token
+ res.render("account_mail_verify.pug", { input_token, sent_token })
+})
+
+app.post("/account/mail/verify-send", must_be_logged_in, function (req, res) {
+ if (!SQL_FIND_TOKEN.get(req.user.user_id))
+ mail_verification_token(req.user, SQL_CREATE_TOKEN.get(req.user.user_id))
+ res.redirect("/account/mail/verify")
})
app.post("/account/mail/verify", must_be_logged_in, function (req, res) {
@@ -617,8 +617,8 @@ app.post("/account/mail/verify", must_be_logged_in, function (req, res) {
SQL_UPDATE_USER_VERIFIED.run(1, req.user.user_id)
res.redirect("/profile")
} else {
- create_and_mail_verification_token(req.user)
- res.render("verify_mail.pug", { flash: "Invalid or expired token!" })
+ var sent_token = SQL_FIND_TOKEN.get(req.user.user_id)
+ res.render("account_mail_verify.pug", { sent_token, flash: "Invalid or expired token!" })
}
})
@@ -632,11 +632,8 @@ app.post("/account/forgot-password", must_pass_altcha, function (req, res) {
let mail = req.body.mail
let user = SQL_SELECT_LOGIN_BY_MAIL.get(mail)
if (user) {
- let token = SQL_FIND_TOKEN.get(user.user_id)
- if (!token) {
- token = SQL_CREATE_TOKEN.get(user.user_id)
- mail_password_reset_token(user, token)
- }
+ var token = SQL_CREATE_TOKEN.get(user.user_id)
+ mail_password_reset_token(user, token)
return res.redirect("/account/reset-password?mail=" + mail)
}
res.render("forgot_password.pug", { flash: "User not found." })
@@ -811,6 +808,7 @@ app.post("/account/change-mail", must_be_logged_in, function (req, res) {
return res.render("change_mail.pug", { flash: "That mail address is already taken!" })
SQL_UPDATE_USER_MAIL.run(newmail, req.user.user_id)
SQL_UPDATE_USER_VERIFIED.run(0, req.user.user_id)
+ SQL_UPDATE_USER_NOTIFY.run(0, req.user.user_id)
return res.redirect("/profile")
})