Merge branch 'master' of github.com:akhoury/NodeBB into akhoury-master

Conflicts: src/user.js
11 years ago · f02cd9df82
parent 4cfd970d5f 659817b4f1
commit f02cd9df82
8 changed files with 95 additions and 45 deletions
--- a/public/src/utils.js
+++ b/public/src/utils.js
@ -126,8 +126,7 @@
 		// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
 		isEmailValid: function(email) {
 			// var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
-			var valid = email.indexOf('@') !== -1 ? true : false;
-			return valid;
+			return email.indexOf('@') !== -1;
 		},

 		isUserNameValid: function(name) {
@ -137,6 +136,21 @@
 		isPasswordValid: function(password) {
 			return password && password.indexOf(' ') === -1;
 		},
+		isNumber: function(n) {
+			return !isNaN(parseFloat(n)) && isFinite(n);
+		},
+		// shallow objects merge
+		merge: function() {
+			var result = {}, obj, keys;
+			for (var i = 0; i < arguments.length; i++) {
+				obj = arguments[i] || {};
+				keys = Object.keys(obj);
+				for (var j = 0; j < keys.length; j++) {
+					result[keys[j]] = obj[keys[j]];
+				}
+			}
+			return result;
+		},
 		buildMetaTags: function(tagsArr) {
 			var tags = '',
 				tag;
--- a/src/admin/user.js
+++ b/src/admin/user.js
@ -11,7 +11,7 @@ var utils = require('../../public/src/utils'),
 			}

 			if (isAdmin) {
-				user.create(userData.username, userData.password, userData.email, function(err) {
+				user.create(userData, function(err) {
 					if(err) {
 						return callback(err);
 					}
--- a/src/install.js
+++ b/src/install.js
@ -25,7 +25,13 @@ var async = require('async'),
 			description: 'Use a port number to access NodeBB?',
 			'default': (nconf.get('use_port') !== undefined ? (nconf.get('use_port') ? 'y' : 'n') : 'y'),
 			pattern: /y[es]*|n[o]?/,
-			message: 'Please enter \'yes\' or \'no\'',
+			message: 'Please enter \'yes\' or \'no\''
+		}, {
+			name: 'use_proxy',
+			description: 'is NodeBB behind a proxy?',
+			'default': (nconf.get('use_proxy') !== undefined ? (nconf.get('use_proxy') ? 'y' : 'n') : 'y'),
+			pattern: /y[es]*|n[o]?/,
+			message: 'Please enter \'yes\' or \'no\''
 		}, {
 			name: 'secret',
 			description: 'Please enter a NodeBB secret',
@ -141,6 +147,7 @@ var async = require('async'),
 							config.bcrypt_rounds = 12;
 							config.upload_path = '/public/uploads';
 							config.use_port = config.use_port.slice(0, 1) === 'y';
+							config.use_proxy = config.use_proxy.slice(0, 1) === 'y';

 							var urlObject = url.parse(config.base_url),
 								relative_path = (urlObject.pathname && urlObject.pathname.length > 1) ? urlObject.pathname : '',
@ -218,7 +225,7 @@ var async = require('async'),
 							value: 1
 						}, {
 							field: 'allowFileUploads',
-							value: 0,
+							value: 0
 						}, {
 							field: 'maximumFileSize',
 							value: 2048
@ -404,7 +411,7 @@ var async = require('async'),
 					}

 					nconf.set('bcrypt_rounds', 12);
-					User.create(results.username, results.password, results.email, function (err, uid) {
+					User.create({username: results.username, password: results.password, email: results.email}, function (err, uid) {
 						if (err) {
 							winston.warn(err.message + ' Please try again.');
 							return callback(new Error('invalid-values'));
--- a/src/login.js
+++ b/src/login.js
@ -70,7 +70,7 @@ var user = require('./user'),
 				});
 			} else {
 				// New User
-				user.create(handle, undefined, undefined, function(err, uid) {
+				user.create({username: handle}, function(err, uid) {
 					if(err) {
 						return callback(err);
 					}
@ -93,7 +93,7 @@ var user = require('./user'),
 				});
 			}
 		});
-	}
+	};

 	Login.loginViaGoogle = function(gplusid, handle, email, callback) {
 		user.getUidByGoogleId(gplusid, function(err, uid) {
@ -115,7 +115,7 @@ var user = require('./user'),
 					callback(null, {
 						uid: uid
 					});
-				}
+				};

 				user.getUidByEmail(email, function(err, uid) {
 					if(err) {
@ -123,7 +123,7 @@ var user = require('./user'),
 					}

 					if (!uid) {
-						user.create(handle, undefined, email, function(err, uid) {
+						user.create({username: handle, email: email}, function(err, uid) {
 							if(err) {
 								return callback(err);
 							}
@ -136,7 +136,7 @@ var user = require('./user'),
 				});
 			}
 		});
-	}
+	};

 	Login.loginViaFacebook = function(fbid, name, email, callback) {
 		user.getUidByFbid(fbid, function(err, uid) {
@ -158,7 +158,7 @@ var user = require('./user'),
 					callback(null, {
 						uid: uid
 					});
-				}
+				};

 				user.getUidByEmail(email, function(err, uid) {
 					if(err) {
@ -166,7 +166,7 @@ var user = require('./user'),
 					}

 					if (!uid) {
-						user.create(name, undefined, email, function(err, uid) {
+						user.create({username: name, email: email}, function(err, uid) {
 							if(err) {
 								return callback(err);
 							}
@ -181,4 +181,4 @@ var user = require('./user'),
 		});
 	}

-}(exports));
+}(exports));
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@ -197,7 +197,7 @@
 					return res.send(403);
 				}

-				user.create(req.body.username, req.body.password, req.body.email, function(err, uid) {
+				user.create({username: req.body.username, password: req.body.password, email: req.body.email, ip: req.ip}, function(err, uid) {
 					if (err === null && uid) {
 						req.login({
 							uid: uid
--- a/src/user.js
+++ b/src/user.js
@ -19,34 +19,35 @@ var bcrypt = require('bcrypt'),

 (function(User) {
 	'use strict';
-	User.create = function(username, password, email, callback) {
-		var userslug = utils.slugify(username);
+	User.create = function(userData, callback) {
+		userData = userData || {};
+		userData.userslug = utils.slugify(userData.username);

-		username = username.trim();
-		if (email !== undefined) {
-			email = email.trim();
+		userData.username = userData.username.trim();
+		if (userData.email !== undefined) {
+			userData.email = userData.email.trim();
 		}

 		async.parallel([
 			function(next) {
-				if (email !== undefined) {
-					next(!utils.isEmailValid(email) ? new Error('Invalid Email!') : null);
+				if (userData.email) {
+					next(!utils.isEmailValid(userData.email) ? new Error('Invalid Email!') : null);
 				} else {
 					next();
 				}
 			},
 			function(next) {
-				next((!utils.isUserNameValid(username) || !userslug) ? new Error('Invalid Username!') : null);
+				next((!utils.isUserNameValid(userData.username) || !userData.userslug) ? new Error('Invalid Username!') : null);
 			},
 			function(next) {
-				if (password !== undefined) {
-					next(!utils.isPasswordValid(password) ? new Error('Invalid Password!') : null);
+				if (userData.password) {
+					next(!utils.isPasswordValid(userData.password) ? new Error('Invalid Password!') : null);
 				} else {
 					next();
 				}
 			},
 			function(next) {
-				User.exists(userslug, function(err, exists) {
+				User.exists(userData.userslug, function(err, exists) {
 					if (err) {
 						return next(err);
 					}
@ -54,8 +55,8 @@ var bcrypt = require('bcrypt'),
 				});
 			},
 			function(next) {
-				if (email !== undefined) {
-					User.isEmailAvailable(email, function(err, available) {
+				if (userData.email) {
+					User.isEmailAvailable(userData.email, function(err, available) {
 						if (err) {
 							return next(err);
 						}
@ -64,8 +65,14 @@ var bcrypt = require('bcrypt'),
 				} else {
 					next();
 				}
+			},
+			function(next) {
+				plugins.fireHook('filter:user.create', userData, function(err, filteredUserData){
+					next(err, utils.merge(userData, filteredUserData));
+				});
 			}
 		], function(err, results) {
+			userData = results[results.length - 1];
 			if (err) {
 				return callback(err);
 			}
@ -75,18 +82,19 @@ var bcrypt = require('bcrypt'),
 					return callback(err);
 				}

-				var gravatar = User.createGravatarURLFromEmail(email);
+				var gravatar = User.createGravatarURLFromEmail(userData.email);
 				var timestamp = Date.now();
+				var password = userData.password;

-				db.setObject('user:' + uid, {
+				userData = {
 					'uid': uid,
-					'username': username,
-					'userslug': userslug,
+					'username': userData.username,
+					'userslug': userData.userslug,
 					'fullname': '',
 					'location': '',
 					'birthday': '',
 					'website': '',
-					'email': email || '',
+					'email': userData.email || '',
 					'signature': '',
 					'joindate': timestamp,
 					'picture': gravatar,
@ -98,19 +106,21 @@ var bcrypt = require('bcrypt'),
 					'lastposttime': 0,
 					'banned': 0,
 					'showemail': 0
-				});
+				};
+
+				db.setObject('user:' + uid, userData);

-				db.setObjectField('username:uid', username, uid);
-				db.setObjectField('userslug:uid', userslug, uid);
+				db.setObjectField('username:uid', userData.username, uid);
+				db.setObjectField('userslug:uid', userData.userslug, uid);

-				if (email !== undefined) {
-					db.setObjectField('email:uid', email, uid);
+				if (userData.email !== undefined) {
+					db.setObjectField('email:uid', userData.email, uid);
 					if (parseInt(uid, 10) !== 1) {
-						User.email.verify(uid, email);
+						User.email.verify(uid, userData.email);
 					}
 				}

-				plugins.fireHook('action:user.create', {uid: uid, username: username, email: email, picture: gravatar, timestamp: timestamp});
+				plugins.fireHook('action:user.create', userData);
 				db.incrObjectField('global', 'userCount');

 				db.sortedSetAdd('users:joindate', timestamp, uid);
@ -120,7 +130,7 @@ var bcrypt = require('bcrypt'),
 				// Join the "registered-users" meta group
 				groups.joinByGroupName('registered-users', uid);

-				if (password !== undefined) {
+				if (password) {
 					User.hashPassword(password, function(err, hash) {
 						User.setUserField(uid, 'password', hash);
 						callback(null, uid);
--- a/src/webserver.js
+++ b/src/webserver.js
@ -191,6 +191,25 @@ if(nconf.get('ssl')) {

 				app.use(express.csrf());

+				// negative boolean with type check here to support a config.json without a 'use_proxy' value, 
+				// so unless it's specifically set to false, it's true (as long as it's not a dev env)
+				// todo: remove double negative with a minor release, where backward compatibility can be broken
+				// and if dev mode, then it's probably not behind a proxy but it can be forced by setting 'use_proxy' to true
+
+				if (nconf.get('use_proxy') === false) {
+					winston.info('\'use_proxy\' is set to false in config file, skipping \'trust proxy\'');
+
+				} else if (!nconf.get('use_proxy') && process.env.NODE_ENV === 'development') {
+					winston.info('\'use_proxy\' is not set, skipping because you\'re in development env. Set to true to force enabling it.');
+
+				} else {
+					winston.info('\'use_proxy\''
+						+ (nconf.get('use_proxy') === true ? ' is set to true ' : ' is not set ')
+						+ 'in config file, enabling \'trust proxy\', set to false to disable it.');
+
+					app.enable('trust proxy');
+				}
+
 				// Local vars, other assorted setup
 				app.use(function (req, res, next) {
 					nconf.set('https', req.secure);
@ -210,7 +229,7 @@ if(nconf.get('ssl')) {
 						user.setUserField(req.user.uid, 'lastonline', Date.now());
 					}
 					next();
-				})
+				});

 				next();
 			},
--- a/tests/user.js
+++ b/tests/user.js
@ -26,16 +26,16 @@ describe('User', function() {

 	describe('when created', function() {
 		it('should be created properly', function(done){
-			User.create(userData.name, userData.password, userData.email, function(error,userId){
+			User.create({usename: userData.name, password: userData.password, email: userData.email}, function(error,userId){
 				assert.equal(error, null, 'was created with error');
 				assert.ok(userId);
 				done();
 			});
 		});

-		it('should have a valid email', function() {
+		it('should have a valid email, if using an email', function() {
 			assert.throws(
-				User.create(userData.name, userData.password, 'fakeMail',function(){}),
+				User.create({username: userData.name, password: userData.password, email: 'fakeMail'},function(){}),
 				Error,
 				'does not validate email'
 			);