Merge branch 'master' of github.com:akhoury/NodeBB into akhoury-master

Conflicts:
	src/user.js
v1.18.x
Julian Lam 11 years ago
commit f02cd9df82

@ -126,8 +126,7 @@
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript // from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
isEmailValid: function(email) { isEmailValid: function(email) {
// var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/; // var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
var valid = email.indexOf('@') !== -1 ? true : false; return email.indexOf('@') !== -1;
return valid;
}, },
isUserNameValid: function(name) { isUserNameValid: function(name) {
@ -137,6 +136,21 @@
isPasswordValid: function(password) { isPasswordValid: function(password) {
return password && password.indexOf(' ') === -1; return password && password.indexOf(' ') === -1;
}, },
isNumber: function(n) {
return !isNaN(parseFloat(n)) && isFinite(n);
},
// shallow objects merge
merge: function() {
var result = {}, obj, keys;
for (var i = 0; i < arguments.length; i++) {
obj = arguments[i] || {};
keys = Object.keys(obj);
for (var j = 0; j < keys.length; j++) {
result[keys[j]] = obj[keys[j]];
}
}
return result;
},
buildMetaTags: function(tagsArr) { buildMetaTags: function(tagsArr) {
var tags = '', var tags = '',
tag; tag;

@ -11,7 +11,7 @@ var utils = require('../../public/src/utils'),
} }
if (isAdmin) { if (isAdmin) {
user.create(userData.username, userData.password, userData.email, function(err) { user.create(userData, function(err) {
if(err) { if(err) {
return callback(err); return callback(err);
} }

@ -25,7 +25,13 @@ var async = require('async'),
description: 'Use a port number to access NodeBB?', description: 'Use a port number to access NodeBB?',
'default': (nconf.get('use_port') !== undefined ? (nconf.get('use_port') ? 'y' : 'n') : 'y'), 'default': (nconf.get('use_port') !== undefined ? (nconf.get('use_port') ? 'y' : 'n') : 'y'),
pattern: /y[es]*|n[o]?/, pattern: /y[es]*|n[o]?/,
message: 'Please enter \'yes\' or \'no\'', message: 'Please enter \'yes\' or \'no\''
}, {
name: 'use_proxy',
description: 'is NodeBB behind a proxy?',
'default': (nconf.get('use_proxy') !== undefined ? (nconf.get('use_proxy') ? 'y' : 'n') : 'y'),
pattern: /y[es]*|n[o]?/,
message: 'Please enter \'yes\' or \'no\''
}, { }, {
name: 'secret', name: 'secret',
description: 'Please enter a NodeBB secret', description: 'Please enter a NodeBB secret',
@ -141,6 +147,7 @@ var async = require('async'),
config.bcrypt_rounds = 12; config.bcrypt_rounds = 12;
config.upload_path = '/public/uploads'; config.upload_path = '/public/uploads';
config.use_port = config.use_port.slice(0, 1) === 'y'; config.use_port = config.use_port.slice(0, 1) === 'y';
config.use_proxy = config.use_proxy.slice(0, 1) === 'y';
var urlObject = url.parse(config.base_url), var urlObject = url.parse(config.base_url),
relative_path = (urlObject.pathname && urlObject.pathname.length > 1) ? urlObject.pathname : '', relative_path = (urlObject.pathname && urlObject.pathname.length > 1) ? urlObject.pathname : '',
@ -218,7 +225,7 @@ var async = require('async'),
value: 1 value: 1
}, { }, {
field: 'allowFileUploads', field: 'allowFileUploads',
value: 0, value: 0
}, { }, {
field: 'maximumFileSize', field: 'maximumFileSize',
value: 2048 value: 2048
@ -404,7 +411,7 @@ var async = require('async'),
} }
nconf.set('bcrypt_rounds', 12); nconf.set('bcrypt_rounds', 12);
User.create(results.username, results.password, results.email, function (err, uid) { User.create({username: results.username, password: results.password, email: results.email}, function (err, uid) {
if (err) { if (err) {
winston.warn(err.message + ' Please try again.'); winston.warn(err.message + ' Please try again.');
return callback(new Error('invalid-values')); return callback(new Error('invalid-values'));

@ -70,7 +70,7 @@ var user = require('./user'),
}); });
} else { } else {
// New User // New User
user.create(handle, undefined, undefined, function(err, uid) { user.create({username: handle}, function(err, uid) {
if(err) { if(err) {
return callback(err); return callback(err);
} }
@ -93,7 +93,7 @@ var user = require('./user'),
}); });
} }
}); });
} };
Login.loginViaGoogle = function(gplusid, handle, email, callback) { Login.loginViaGoogle = function(gplusid, handle, email, callback) {
user.getUidByGoogleId(gplusid, function(err, uid) { user.getUidByGoogleId(gplusid, function(err, uid) {
@ -115,7 +115,7 @@ var user = require('./user'),
callback(null, { callback(null, {
uid: uid uid: uid
}); });
} };
user.getUidByEmail(email, function(err, uid) { user.getUidByEmail(email, function(err, uid) {
if(err) { if(err) {
@ -123,7 +123,7 @@ var user = require('./user'),
} }
if (!uid) { if (!uid) {
user.create(handle, undefined, email, function(err, uid) { user.create({username: handle, email: email}, function(err, uid) {
if(err) { if(err) {
return callback(err); return callback(err);
} }
@ -136,7 +136,7 @@ var user = require('./user'),
}); });
} }
}); });
} };
Login.loginViaFacebook = function(fbid, name, email, callback) { Login.loginViaFacebook = function(fbid, name, email, callback) {
user.getUidByFbid(fbid, function(err, uid) { user.getUidByFbid(fbid, function(err, uid) {
@ -158,7 +158,7 @@ var user = require('./user'),
callback(null, { callback(null, {
uid: uid uid: uid
}); });
} };
user.getUidByEmail(email, function(err, uid) { user.getUidByEmail(email, function(err, uid) {
if(err) { if(err) {
@ -166,7 +166,7 @@ var user = require('./user'),
} }
if (!uid) { if (!uid) {
user.create(name, undefined, email, function(err, uid) { user.create({username: name, email: email}, function(err, uid) {
if(err) { if(err) {
return callback(err); return callback(err);
} }
@ -181,4 +181,4 @@ var user = require('./user'),
}); });
} }
}(exports)); }(exports));

@ -197,7 +197,7 @@
return res.send(403); return res.send(403);
} }
user.create(req.body.username, req.body.password, req.body.email, function(err, uid) { user.create({username: req.body.username, password: req.body.password, email: req.body.email, ip: req.ip}, function(err, uid) {
if (err === null && uid) { if (err === null && uid) {
req.login({ req.login({
uid: uid uid: uid

@ -19,34 +19,35 @@ var bcrypt = require('bcrypt'),
(function(User) { (function(User) {
'use strict'; 'use strict';
User.create = function(username, password, email, callback) { User.create = function(userData, callback) {
var userslug = utils.slugify(username); userData = userData || {};
userData.userslug = utils.slugify(userData.username);
username = username.trim(); userData.username = userData.username.trim();
if (email !== undefined) { if (userData.email !== undefined) {
email = email.trim(); userData.email = userData.email.trim();
} }
async.parallel([ async.parallel([
function(next) { function(next) {
if (email !== undefined) { if (userData.email) {
next(!utils.isEmailValid(email) ? new Error('Invalid Email!') : null); next(!utils.isEmailValid(userData.email) ? new Error('Invalid Email!') : null);
} else { } else {
next(); next();
} }
}, },
function(next) { function(next) {
next((!utils.isUserNameValid(username) || !userslug) ? new Error('Invalid Username!') : null); next((!utils.isUserNameValid(userData.username) || !userData.userslug) ? new Error('Invalid Username!') : null);
}, },
function(next) { function(next) {
if (password !== undefined) { if (userData.password) {
next(!utils.isPasswordValid(password) ? new Error('Invalid Password!') : null); next(!utils.isPasswordValid(userData.password) ? new Error('Invalid Password!') : null);
} else { } else {
next(); next();
} }
}, },
function(next) { function(next) {
User.exists(userslug, function(err, exists) { User.exists(userData.userslug, function(err, exists) {
if (err) { if (err) {
return next(err); return next(err);
} }
@ -54,8 +55,8 @@ var bcrypt = require('bcrypt'),
}); });
}, },
function(next) { function(next) {
if (email !== undefined) { if (userData.email) {
User.isEmailAvailable(email, function(err, available) { User.isEmailAvailable(userData.email, function(err, available) {
if (err) { if (err) {
return next(err); return next(err);
} }
@ -64,8 +65,14 @@ var bcrypt = require('bcrypt'),
} else { } else {
next(); next();
} }
},
function(next) {
plugins.fireHook('filter:user.create', userData, function(err, filteredUserData){
next(err, utils.merge(userData, filteredUserData));
});
} }
], function(err, results) { ], function(err, results) {
userData = results[results.length - 1];
if (err) { if (err) {
return callback(err); return callback(err);
} }
@ -75,18 +82,19 @@ var bcrypt = require('bcrypt'),
return callback(err); return callback(err);
} }
var gravatar = User.createGravatarURLFromEmail(email); var gravatar = User.createGravatarURLFromEmail(userData.email);
var timestamp = Date.now(); var timestamp = Date.now();
var password = userData.password;
db.setObject('user:' + uid, { userData = {
'uid': uid, 'uid': uid,
'username': username, 'username': userData.username,
'userslug': userslug, 'userslug': userData.userslug,
'fullname': '', 'fullname': '',
'location': '', 'location': '',
'birthday': '', 'birthday': '',
'website': '', 'website': '',
'email': email || '', 'email': userData.email || '',
'signature': '', 'signature': '',
'joindate': timestamp, 'joindate': timestamp,
'picture': gravatar, 'picture': gravatar,
@ -98,19 +106,21 @@ var bcrypt = require('bcrypt'),
'lastposttime': 0, 'lastposttime': 0,
'banned': 0, 'banned': 0,
'showemail': 0 'showemail': 0
}); };
db.setObject('user:' + uid, userData);
db.setObjectField('username:uid', username, uid); db.setObjectField('username:uid', userData.username, uid);
db.setObjectField('userslug:uid', userslug, uid); db.setObjectField('userslug:uid', userData.userslug, uid);
if (email !== undefined) { if (userData.email !== undefined) {
db.setObjectField('email:uid', email, uid); db.setObjectField('email:uid', userData.email, uid);
if (parseInt(uid, 10) !== 1) { if (parseInt(uid, 10) !== 1) {
User.email.verify(uid, email); User.email.verify(uid, userData.email);
} }
} }
plugins.fireHook('action:user.create', {uid: uid, username: username, email: email, picture: gravatar, timestamp: timestamp}); plugins.fireHook('action:user.create', userData);
db.incrObjectField('global', 'userCount'); db.incrObjectField('global', 'userCount');
db.sortedSetAdd('users:joindate', timestamp, uid); db.sortedSetAdd('users:joindate', timestamp, uid);
@ -120,7 +130,7 @@ var bcrypt = require('bcrypt'),
// Join the "registered-users" meta group // Join the "registered-users" meta group
groups.joinByGroupName('registered-users', uid); groups.joinByGroupName('registered-users', uid);
if (password !== undefined) { if (password) {
User.hashPassword(password, function(err, hash) { User.hashPassword(password, function(err, hash) {
User.setUserField(uid, 'password', hash); User.setUserField(uid, 'password', hash);
callback(null, uid); callback(null, uid);

@ -191,6 +191,25 @@ if(nconf.get('ssl')) {
app.use(express.csrf()); app.use(express.csrf());
// negative boolean with type check here to support a config.json without a 'use_proxy' value,
// so unless it's specifically set to false, it's true (as long as it's not a dev env)
// todo: remove double negative with a minor release, where backward compatibility can be broken
// and if dev mode, then it's probably not behind a proxy but it can be forced by setting 'use_proxy' to true
if (nconf.get('use_proxy') === false) {
winston.info('\'use_proxy\' is set to false in config file, skipping \'trust proxy\'');
} else if (!nconf.get('use_proxy') && process.env.NODE_ENV === 'development') {
winston.info('\'use_proxy\' is not set, skipping because you\'re in development env. Set to true to force enabling it.');
} else {
winston.info('\'use_proxy\''
+ (nconf.get('use_proxy') === true ? ' is set to true ' : ' is not set ')
+ 'in config file, enabling \'trust proxy\', set to false to disable it.');
app.enable('trust proxy');
}
// Local vars, other assorted setup // Local vars, other assorted setup
app.use(function (req, res, next) { app.use(function (req, res, next) {
nconf.set('https', req.secure); nconf.set('https', req.secure);
@ -210,7 +229,7 @@ if(nconf.get('ssl')) {
user.setUserField(req.user.uid, 'lastonline', Date.now()); user.setUserField(req.user.uid, 'lastonline', Date.now());
} }
next(); next();
}) });
next(); next();
}, },

@ -26,16 +26,16 @@ describe('User', function() {
describe('when created', function() { describe('when created', function() {
it('should be created properly', function(done){ it('should be created properly', function(done){
User.create(userData.name, userData.password, userData.email, function(error,userId){ User.create({usename: userData.name, password: userData.password, email: userData.email}, function(error,userId){
assert.equal(error, null, 'was created with error'); assert.equal(error, null, 'was created with error');
assert.ok(userId); assert.ok(userId);
done(); done();
}); });
}); });
it('should have a valid email', function() { it('should have a valid email, if using an email', function() {
assert.throws( assert.throws(
User.create(userData.name, userData.password, 'fakeMail',function(){}), User.create({username: userData.name, password: userData.password, email: 'fakeMail'},function(){}),
Error, Error,
'does not validate email' 'does not validate email'
); );

Loading…
Cancel
Save