closes #171

app.js

@@ -18,10 +18,10 @@
 
 var fs = require('fs'),
 	winston = require('winston'),
-	nconf = require('nconf'),
 	pkg = require('./package.json'),
 	url = require('url');
 
+nconf = require('nconf');
 // Runtime environment
 global.env = process.env.NODE_ENV || 'production',
 
@@ -54,7 +54,7 @@ if(nconf.get('upgrade')) {
 } else if (!nconf.get('setup') && nconf.get('base_url')) {
 	nconf.set('url', nconf.get('base_url') + (nconf.get('use_port') ? ':' + nconf.get('port') : '') + nconf.get('relative_path') + '/');
 	nconf.set('upload_url', nconf.get('url') + 'uploads/');
-	global.nconf = nconf;
+
 
 	winston.info('Initializing NodeBB v' + pkg.version + ', on port ' + nconf.get('port') + ', using Redis store at ' + nconf.get('redis:host') + ':' + nconf.get('redis:port') + '.');
 	winston.info('Base Configuration OK.');

public/src/templates.js

@@ -181,7 +181,7 @@
 			if (!templates[tpl_url] || !template_data) return;
 			
 			if(typeof global !== "undefined")
-				template_data['relative_path'] = global.nconf.get('relative_path');
+				template_data['relative_path'] = nconf.get('relative_path');
 			else 
 				template_data['relative_path'] = RELATIVE_PATH;
 			

public/templates/config.json

@@ -31,7 +31,10 @@
 		"unread": "unread",
 		"popular": "category",
 		"active": "category",
-		"search": "search"
+		"search": "search",
+		"reset/[^]*": "reset_code",
+		"reset": "reset"
+		
 	},
 	"force_refresh": {
 		"logout": true

src/categories.js

@@ -39,9 +39,9 @@ var	RDB = require('./redis.js'),
 					'category_id': category_id,
 					'active_users': [],
 					'topics' : [],
-					'twitter-intent-url': 'https://twitter.com/intent/tweet?url=' + encodeURIComponent(global.nconf.get('url') + 'category/' + category_slug) + '&text=' + encodeURIComponent(category_name),
-					'facebook-share-url': 'https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(global.nconf.get('url') + 'category/' + category_slug),
-					'google-share-url': 'https://plus.google.com/share?url=' + encodeURIComponent(global.nconf.get('url') + 'category/' + category_slug)
+					'twitter-intent-url': 'https://twitter.com/intent/tweet?url=' + encodeURIComponent(nconf.get('url') + 'category/' + category_slug) + '&text=' + encodeURIComponent(category_name),
+					'facebook-share-url': 'https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(nconf.get('url') + 'category/' + category_slug),
+					'google-share-url': 'https://plus.google.com/share?url=' + encodeURIComponent(nconf.get('url') + 'category/' + category_slug)
 				};
 
 				function getTopics(next) {

src/meta.js

@@ -48,9 +48,9 @@ var utils = require('./../public/src/utils.js'),
 								if (exists) {
 									fs.readFile(themeConfPath, function(err, conf) {
 										conf = JSON.parse(conf);
-										conf.src = global.nconf.get('url') + 'themes/' + themeDir + '/' + conf.src;
-										if (conf.screenshot) conf.screenshot = global.nconf.get('url') + 'themes/' + themeDir + '/' + conf.screenshot;
-										else conf.screenshot = global.nconf.get('url') + 'images/themes/default.png';
+										conf.src = nconf.get('url') + 'themes/' + themeDir + '/' + conf.src;
+										if (conf.screenshot) conf.screenshot = nconf.get('url') + 'themes/' + themeDir + '/' + conf.screenshot;
+										else conf.screenshot = nconf.get('url') + 'images/themes/default.png';
 										themeArr.push(conf);
 										next();
 									});

src/postTools.js

@@ -169,7 +169,7 @@ var	RDB = require('./redis.js'),
 
 		if (md && md.length > 0) {
 			var	parsedContentDOM = cheerio.load(marked(md));
-			var	domain = global.nconf.get('url');
+			var	domain = nconf.get('url');
 			
 			parsedContentDOM('a').each(function() {
 				this.attr('rel', 'nofollow');

src/posts.js

@@ -39,7 +39,7 @@ var	RDB = require('./redis.js'),
 			post.user_rep = userData.reputation || 0;
 			post.user_postcount = userData.postcount || 0;
 			post.user_banned = userData.banned || '0';
-			post.picture = userData.picture || require('gravatar').url('', {}, https=global.nconf.get('https'));
+			post.picture = userData.picture || require('gravatar').url('', {}, https=nconf.get('https'));
 			post.signature = postTools.markdownToHTML(userData.signature, true);
 
 			if(post.editor !== '') {

src/routes/admin.js

@@ -18,7 +18,7 @@ var user = require('./../user.js'),
 	Admin.build_header = function(res) {
 		return templates['admin/header'].parse({
 			csrf:res.locals.csrf_token,
-			relative_path: global.nconf.get('relative_path')
+			relative_path: nconf.get('relative_path')
 		});
 	}
 

src/routes/api.js

@@ -161,11 +161,11 @@ var user = require('./../user.js'),
 			if (url) {
 				res.json({
 					url: url,
-					home: global.nconf.get('url')
+					home: nconf.get('url')
 				});
 			} else {
 				res.status(404);
-				res.redirect(global.nconf.get('relative_path') + '/404');
+				res.redirect(nconf.get('relative_path') + '/404');
 			}
 		});	
 
@@ -224,6 +224,14 @@ var user = require('./../user.js'),
 			});
 		});
 		
+		app.get('/api/reset', function(req, res) {
+			res.json({});
+		});
+
+		app.get('/api/reset/:code', function(req, res) {
+			res.json({ reset_code: req.params.code });
+		});
+
 		app.get('/api/404', function(req, res) {
 			res.json({});
 		});

src/routes/authentication.js

@@ -127,13 +127,13 @@
 
 		app.get('/reset/:code', function(req, res) {
 			app.build_header({ req: req, res: res }, function(err, header) {
-				res.send(header + templates['reset_code'].parse({ reset_code: req.params.code }) + templates['footer']);
+				res.send(header + app.create_route('reset/'+req.params.code) + templates['footer']);
 			});
 		});
 
 		app.get('/reset', function(req, res) {
 			app.build_header({ req: req, res: res }, function(err, header) {
-				res.send(header + templates['reset'] + templates['footer']);
+				res.send(header + app.create_route('reset') + templates['footer']);
 			});
 		});
 		
@@ -160,10 +160,10 @@
 					req.login({
 						uid: uid
 					}, function() {
-						res.redirect(global.nconf.get('relative_path') + '/');
+						res.redirect(nconf.get('relative_path') + '/');
 					});
 				} else {
-					res.redirect(global.nconf.get('relative_path') + '/register');
+					res.redirect(nconf.get('relative_path') + '/register');
 				}
 			});
 		});

src/sitemap.js

@@ -56,7 +56,7 @@ var	path = require('path'),
 			async.parallel([sitemap.getStaticUrls, sitemap.getDynamicUrls], function(err, urls) {
 				var urls = urls[0].concat(urls[1]),
 					map = sm.createSitemap({
-						hostname: global.nconf.get('url'),
+						hostname: nconf.get('url'),
 						cacheTime: 600000,
 						urls: urls
 					}),

src/user.js

@@ -376,7 +376,7 @@ var utils = require('./../public/src/utils.js'),
 			options.forcedefault = 'y';
 		}
 
-		return require('gravatar').url(email, options, https=global.nconf.get('https'));
+		return require('gravatar').url(email, options, https=nconf.get('https'));
 	}
 
 	User.hashPassword = function(password, callback) {
@@ -589,7 +589,7 @@ var utils = require('./../public/src/utils.js'),
 				topics.getTopicField(tid, 'slug', function(err, slug) {
 					var message = username + ' made a new post';
 
-					notifications.create(message, 5, global.nconf.get('url') + 'topic/' + slug + '#' + pid, 'notification_'+ Date.now(), function(nid) {
+					notifications.create(message, 5, nconf.get('url') + 'topic/' + slug + '#' + pid, 'notification_'+ Date.now(), function(nid) {
 		 				notifications.push(nid, followers);
 					});
 				});
@@ -792,6 +792,7 @@ var utils = require('./../public/src/utils.js'),
 
 	User.reset = {
 		validate: function(socket, code, callback) {
+			
 			if (typeof callback !== 'function') {
 				callback = null;
 			}
@@ -841,13 +842,13 @@ var utils = require('./../public/src/utils.js'),
 					RDB.set('reset:' + reset_code + ':uid', uid);
 					RDB.set('reset:' + reset_code + ':expiry', (60*60)+new Date()/1000|0);	// Active for one hour
 
-					var reset_link = config.url + 'reset/' + reset_code,
+					var reset_link = nconf.get('url') + 'reset/' + reset_code,
 						reset_email = global.templates['emails/reset'].parse({'RESET_LINK': reset_link}),
 						reset_email_plaintext = global.templates['emails/reset_plaintext'].parse({ 'RESET_LINK': reset_link });
 
 					var message = emailjs.message.create({
 						text: reset_email_plaintext,
-						from: config.mailer.from,
+						from: config.mailer?config.mailer.from:'localhost@example.org',
 						to: email,
 						subject: 'Password Reset Requested',
 						attachment: [
@@ -884,14 +885,17 @@ var utils = require('./../public/src/utils.js'),
 			});
 		},
 		commit: function(socket, code, password) {
-			this.validate(code, function(validated) {
+			this.validate(socket, code, function(validated) {
 				if (validated) {
 					RDB.get('reset:' + code + ':uid', function(err, uid) {
 						if (err) {
 							RDB.handle(err);
 						}
 
-						User.setUserField(uid, 'password', password);
+						User.hashPassword(password, function(hash) {
+							User.setUserField(uid, 'password', hash);
+						});
+
 						RDB.del('reset:' + code + ':uid');
 						RDB.del('reset:' + code + ':expiry');
 

src/webserver.js

@@ -5,7 +5,7 @@ var express = require('express'),
 	RedisStore = require('connect-redis')(express),
 	path = require('path'),
 	redis = require('redis'),
-	redisServer = redis.createClient(global.nconf.get('redis:port'), global.nconf.get('redis:host')),
+	redisServer = redis.createClient(nconf.get('redis:port'), nconf.get('redis:host')),
 	marked = require('marked'),
 	utils = require('../public/src/utils.js'),
 	pkg = require('../package.json'),
@@ -40,11 +40,11 @@ var express = require('express'),
 			],
 			metaString = utils.buildMetaTags(defaultMetaTags.concat(options.metaTags || [])),
 			templateValues = {
-				cssSrc: global.config['theme:src'] || global.nconf.get('relative_path') + '/vendor/bootstrap/css/bootstrap.min.css',
+				cssSrc: global.config['theme:src'] || nconf.get('relative_path') + '/vendor/bootstrap/css/bootstrap.min.css',
 				title: global.config['title'] || 'NodeBB',
 				browserTitle: global.config['title'] || 'NodeBB',
 				csrf: options.res.locals.csrf_token,
-				relative_path: global.nconf.get('relative_path'),
+				relative_path: nconf.get('relative_path'),
 				meta_tags: metaString
 			};
 
@@ -60,7 +60,7 @@ var express = require('express'),
 	// Middlewares
 	app.use(express.favicon(path.join(__dirname, '../', 'public', 'favicon.ico')));
 	app.use(require('less-middleware')({ src: path.join(__dirname, '../', 'public') }));
-	app.use(global.nconf.get('relative_path'), express.static(path.join(__dirname, '../', 'public')));
+	app.use(nconf.get('relative_path'), express.static(path.join(__dirname, '../', 'public')));
 	app.use(express.bodyParser());	// Puts POST vars in request.body
 	app.use(express.cookieParser());	// If you want to parse cookies (res.cookies)
 	app.use(express.compress());
@@ -69,7 +69,7 @@ var express = require('express'),
 			client: redisServer,
 			ttl: 60*60*24*14
 		}),
-		secret: global.nconf.get('secret'),
+		secret: nconf.get('secret'),
 		key: 'express.sid'
 	}));
 	app.use(express.csrf());
@@ -86,7 +86,7 @@ var express = require('express'),
 	
 	app.use(function(req, res, next) {
 		
-		global.nconf.set('https', req.secure);
+		nconf.set('https', req.secure);
 		
 		// Don't bother with session handling for API requests
 		if (/^\/api\//.test(req.url)) return next();
@@ -109,7 +109,7 @@ var express = require('express'),
 		// respond with html page
 		if (req.accepts('html')) {
 			//res.json('404', { url: req.url });
-			res.redirect(global.nconf.get('relative_path') + '/404');
+			res.redirect(nconf.get('relative_path') + '/404');
 			return;
 		}
 
@@ -141,7 +141,7 @@ var express = require('express'),
 	};
 	
 
-	app.namespace(global.nconf.get('relative_path'), function() {
+	app.namespace(nconf.get('relative_path'), function() {
 
 		auth.create_routes(app);
 		admin.create_routes(app);
@@ -243,7 +243,7 @@ var express = require('express'),
 							{ name: "title", content: topicData.topic_name },
 							{ property: 'og:title', content: topicData.topic_name + ' | ' + (global.config.title || 'NodeBB') },
 							{ property: "og:type", content: 'article' },
-							{ property: "og:url", content: global.nconf.get('url') + 'topic/' + topicData.slug },
+							{ property: "og:url", content: nconf.get('url') + 'topic/' + topicData.slug },
 							{ property: 'og:image', content: topicData.main_posts[0].picture },
 							{ property: "article:published_time", content: new Date(parseInt(topicData.main_posts[0].timestamp, 10)).toISOString() },
 							{ property: 'article:modified_time', content: new Date(lastMod).toISOString() },
@@ -338,7 +338,7 @@ var express = require('express'),
 			res.send(	"User-agent: *\n" +
 						"Disallow: \n" +
 						"Disallow: /admin/\n" +
-						"Sitemap: " + global.nconf.get('url') + "sitemap.xml");
+						"Sitemap: " + nconf.get('url') + "sitemap.xml");
 		});
 
 		app.get('/cid/:cid', function(req, res) {

src/websockets.js

@@ -16,12 +16,12 @@ var SocketIO = require('socket.io').listen(global.server, { log:false }),
 	async = require('async'),
 	RedisStoreLib = require('connect-redis')(express),
 	redis = require('redis'),
-	redisServer = redis.createClient(global.nconf.get('redis:port'), global.nconf.get('redis:host')),
+	redisServer = redis.createClient(nconf.get('redis:port'), nconf.get('redis:host')),
 	RedisStore = new RedisStoreLib({
 		client: redisServer,
 		ttl: 60*60*24*14
 	}),
-	socketCookieParser = express.cookieParser(global.nconf.get('secret')),
+	socketCookieParser = express.cookieParser(nconf.get('secret')),
 	admin = {
 		'categories': require('./admin/categories.js'),
 		'user': require('./admin/user.js')
@@ -187,7 +187,7 @@ var SocketIO = require('socket.io').listen(global.server, { log:false }),
 					uid:0,
 					username: "Anonymous User",
 					email: '',
-					picture: require('gravatar').url('', {s:'24'}, https=global.nconf.get('https'))
+					picture: require('gravatar').url('', {s:'24'}, https=nconf.get('https'))
 				});
 			}