pyc-website
main website for pyc inc.
git clone https://9o.is/git/pyc-website.git
EmailResetToken.scala
(3320B)
1 package inc.pyc
2 package model
3
4 import lib._
5 import config._
6 import net.liftweb._
7 import common._
8 import record._
9 import record.field._
10 import http._
11 import sitemap._, Loc._
12 import mongodb.record._
13 import mongodb.record.field._
14 import util.Helpers._
15 import net.liftmodules._
16 import mongoauth._
17 import mongoauth.field._
18 import mongoauth.Locs._
19 import org.joda.time.Hours
20 import org.bson.types.ObjectId
21 import scala.concurrent._
22 import ExecutionContext.Implicits.global
23
24 /**
25 * This is a token for verifying new email.
26 */
27 class EmailResetToken extends MongoRecord[EmailResetToken] with ObjectIdPk[EmailResetToken] {
28 def meta = EmailResetToken
29
30 object userId extends ObjectIdField(this)
31 object expires extends ExpiresField(this, meta.resetEmailTokenExpires)
32 object email extends EmailField(this, 64)
33
34 def url: String = meta.url(this)
35 }
36
37 object EmailResetToken extends EmailResetToken with MongoMetaRecord[EmailResetToken] {
38 import mongodb.BsonDSL._
39
40 override def collectionName = "user.emailresettokens"
41
42 ensureIndex((userId.name -> 1))
43
44 private lazy val resetEmailTokenUrl = "/reset-email-token"
45 private lazy val resetEmailTokenExpires = Hours.hours(48)
46
47 def url(inst: EmailResetToken): String = "%s%s?token=%s".format(Site.domain, resetEmailTokenUrl, inst.id.toString)
48
49 def createForUserId(uid: ObjectId, email: String): EmailResetToken = {
50 createRecord.userId(uid).email(email).save()
51 }
52
53 def deleteAllByUserIdBox(uid: ObjectId): Box[Unit] = tryo {
54 delete(userId.name, uid)
55 }
56
57 def findByStringId(in: String): Box[EmailResetToken] =
58 if (ObjectId.isValid(in)) find(new ObjectId(in))
59 else Failure("Invalid ObjectId: "+in)
60
61 def sendToken(user: User, email: String): Future[Unit] = Future {
62 import net.liftweb.util.Mailer._
63
64 val token = EmailResetToken.createForUserId(user.id.get, email)
65 val title = "Reset Email"
66 val msg = s"Hello ${user.fname.get}, you requested to change your account to this email."
67
68 HtmlEmail.createToken(false, "", msg, title, url, false) map {
69 sendMail(
70 From(MongoAuth.systemFancyEmail),
71 Subject("%s: %s".format(MongoAuth.siteName.vend, title)),
72 To(token.email.get),
73 _
74 )
75 }
76 }
77
78 def handleEmailResetToken: Box[LiftResponse] = {
79 User.logUserOut()
80 val resp = S.param("token").flatMap(EmailResetToken.findByStringId) match {
81 case Full(at) if (at.expires.isExpired) => {
82 at.delete_!
83 RedirectResponse(Site.home.url)
84 }
85 case Full(at) => User.find(at.userId.get).map(user => {
86 if (user.validate.length == 0) {
87 user.verified(true)
88 user.email(at.email.get)
89 user.save()
90 at.delete_!
91 RedirectResponse(Site.login.url)
92 }
93 else {
94 at.delete_!
95 User.regUser(user)
96 RedirectResponse(Site.register.url)
97 }
98 }).openOr(RedirectResponse(Site.home.url))
99 case _ => RedirectResponse(Site.home.url)
100 }
101
102 Full(resp)
103 }
104
105 def buildEmailResetTokenMenu = Menu(Loc(
106 "EmailResetToken", resetEmailTokenUrl.split("/").filter(_.length > 0).toList,
107 S ? "liftmodule-monogoauth.locs.emailResetToken", emailResetTokenLocParams
108 ))
109
110 protected def emailResetTokenLocParams =
111 EarlyResponse(() => handleEmailResetToken) :: Nil
112 }