Merge bb6b43e into 532f177

chidimo · May 23, 2019 · 8367bd8 · 8367bd8
2 parents 532f177 + bb6b43e
commit 8367bd8
Show file tree

Hide file tree

Showing 38 changed files with 2,877 additions and 152 deletions.
diff --git a/UI/authentication.html b/UI/authentication.html
@@ -41,17 +41,18 @@ <h4>Sign Up</h4>
                         <div id="signin_form" class="">
                             <h1 class="authentication_title">Sign in to your account</h1>
                             <hr>
-                            <form class="authentication sign_up" action="">
+                            <form method="POST" class="authentication sign_up" action="http://localhost:3000/auth/signin">
                                 <label for="email"><b>Email</b></label>
-                                <input type="email" placeholder="Enter email" name="email">
+                                <input id="signin_email" type="email" placeholder="Enter email" name="email" required>
 
                                 <label for="password"><b>Password</b></label>
-                                <input type="password" placeholder="Enter password" name="password">
+                                <input id="signin_password" type="password" placeholder="Enter password" name="password" required>
 
                                 <label for="remember">
                                     <input type="checkbox" checked="checked" name="remember">Remember me
                                 </label>
-                                <button id="sign_in_button" type="submit" class="dim submit_button">Sign In</button>
+                                <button type="submit" class="dim submit_button">Sign In</button>
+                                <p>Forgot your password? Reset it <a href="./password-reset.html">Here</a></p>
                             </form>
                         </div>
 
@@ -61,25 +62,25 @@ <h1 class="authentication_title">Create your account</h1>
                             <hr>
                             <form class="authentication sign_up" action="">
                                 <label for="email"><b>Email</b></label>
-                                <input type="email" placeholder="Enter email" name="email">
+                                <input id="signup_email" type="email" placeholder="Enter email" name="email" required>
 
                                 <label for="first_name"><b>First Name</b></label>
-                                <input type="text" placeholder="First Name" name="first_name" required>
+                                <input id="first_name" type="text" placeholder="First Name" name="first_name" required>
 
                                 <label for="last_name"><b>Last Name</b></label>
-                                <input type="text" placeholder="Last Name" name="last_name" required>
+                                <input id="last_name" type="text" placeholder="Last Name" name="last_name" required>
 
                                 <label for="password"><b>Password</b></label>
-                                <input type="password" placeholder="Enter password" name="password">
+                                <input id="signup_password" type="password" placeholder="Enter password" name="password" required>
 
                                 <label for="password-confirm"><b>Confirm password</b></label>
-                                <input type="password" placeholder="Confirm password" name="confirm_password">
+                                <input id="confirm_password" type="password" placeholder="Confirm password" name="confirm_password">
 
                                 <label for="remember">
                                     <input type="checkbox" checked="checked">Remember me
                                 </label>
                                 <p>By creating an account you agree to our <a href="#">Terms & Privacy</a>.</p>
-                                <button id="sign_up_button" type="submit" class="dim submit_button">Sign Up</button>
+                                <button type="submit" class="dim submit_button">Sign Up</button>
                             </form>
                         </div>
                     </div>

diff --git a/UI/js/authentication.js b/UI/js/authentication.js
@@ -4,20 +4,6 @@ const signup_form = document.getElementById('signup_form');
 const activate_signup = document.getElementById('activate_signup');
 const activate_signin = document.getElementById('activate_signin');
 
-const sign_in_button = document.getElementById('sign_in_button');
-const sign_up_button = document.getElementById('sign_up_button');
-
-// temporarily redirect the sign up and sign in pages to dashboard
-sign_in_button.addEventListener('click', e => {
-    e.preventDefault();
-    window.location = './dashboard.html';
-});
-
-sign_up_button.addEventListener('click', e => {
-    e.preventDefault();
-    window.location = './dashboard.html';
-});
-
 const swap_classes = (dom_1, dom_2) => {
     dom_1.classList.add('hide_form');
     dom_2.classList.remove('hide_form');
@@ -39,3 +25,74 @@ activate_signup.addEventListener('click', e => {
     swap_classes(signin_form, signup_form);
     activate_form(activate_signup, activate_signin);
 });
+
+
+// const base_url = 'https://qcredit.herokuapp.com';
+const base_url = 'http://localhost:3000';
+const signupEndpoint = `${base_url}/auth/signup`;
+const signinEndpoint = `${base_url}/auth/signin`;
+
+signin_form.addEventListener('submit', e => {
+    e.preventDefault();
+    const email = document.getElementById('signin_email').value;
+    const password = document.getElementById('signin_password').value;
+
+    const body = { email, password };
+
+    const options = {
+        method: 'POST',
+        body: JSON.stringify(body),
+        headers: { 
+            'Access-Control-Allow-Origin': '*',
+            'Content-Type': 'application/json',
+        },
+    };
+    fetch(signinEndpoint, options)
+        .then(response => {
+            if (response.status !== 200) {
+                console.log('Request error ', response.status);
+            }
+            return response.json(); })
+        .then(resp => {
+            console.log('response ', resp);
+            if (resp.error) { alert(resp.error); }
+            else {
+                localStorage.setItem('QCtoken', resp.data.token);
+                window.location = './dashboard.html';
+            }
+        });
+});
+
+signup_form.addEventListener('click', e => {
+    e.preventDefault();
+    const email = document.getElementById('signup_email').value;
+    const password = document.getElementById('signup_password').value;
+    const confirm_password = document.getElementById('confirm_password').value;
+    const firstname = document.getElementById('first_name').value;
+    const lastname = document.getElementById('last_name').value;
+
+    const body = { email, password, confirm_password, firstname, lastname };
+
+    const options = {
+        method: 'POST',
+        body: JSON.stringify(body),
+        headers: { 
+            'Access-Control-Allow-Origin': '*',
+            'Content-Type': 'application/json',
+        },
+    };
+    fetch(signupEndpoint, options)
+        .then(response => {
+            if (response.status !== 200) {
+                console.log('Request error ', response.status);
+            }
+            return response.json(); })
+        .then(resp => {
+            console.log('response ', resp);
+            if (resp.error) { alert(resp.error); }
+            else {
+                localStorage.setItem('QCtoken', resp.data.token);
+                window.location = './dashboard.html';
+            }
+        });
+});
diff --git a/UI/js/password_reset.js b/UI/js/password_reset.js
@@ -0,0 +1,6 @@
+const reset_password_form = document.getElementById('reset_password_form');
+
+reset_password_form.addEventListener('submit', e => {
+    e.preventDefault();
+    console.log('Reset password');
+});
diff --git a/UI/password-reset.html b/UI/password-reset.html
@@ -0,0 +1,65 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <meta http-equiv="X-UA-Compatible" content="ie=edge">
+        <meta name="Author" content="Orji Chidi Matthew">
+        <meta name="description" content="Easily accessible short term loans">
+        <meta name="keywords", content="loan, cash, short term loan">
+        <link href="https://fonts.googleapis.com/css?family=Open+Sans&display=swap" rel="stylesheet">
+        <link href="https://fonts.googleapis.com/css?family=Open+Sans|Roboto+Slab&display=swap" rel="stylesheet">
+        <link rel="stylesheet" href="./css/style.css">
+        <title>Quick Credit | Registration</title>
+    </head>
+
+    <body>
+        <div class="page_wrapper">
+            <div class="page_section_one">
+                <header id="header">
+                    <div class="container">
+                        <div id="branding">
+                            <a id="brand_name" href="index.html"><h1>Quick Credit</h1></a>
+                        </div>
+                    </div>
+                </header>
+
+                <section class="authentication_section">
+
+                    <div id="reg_form_toggle" class="container">
+                    </div>
+
+                    <div class="form_wrapper container">
+                        <div id="reset_password_form" class="">
+                            <h1 class="authentication_title">Reset your password</h1>
+                            <hr>
+                            <p>If you don't remember your password, click submit and your password will be emailed to you.</p>
+                            <hr>
+                            <form class="authentication reset_password" >
+                                <label for="password"><b>Old password</b></label>
+                                <input id="current_password" type="password" placeholder="Enter password" name="current_password">
+
+                                <label for="new_pass"><b>New password</b></label>
+                                <input id="new_pass" type="password" placeholder="Enter password" name="new_pass">
+
+                                <label for="password"><b>Confirm new password</b></label>
+                                <input id="confirm_new" type="password" placeholder="Enter confirmation password" name="confirm_new">
+
+                                <button type="submit" class="dim submit_button">Submit</button>
+                            </form>
+                        </div>
+                    </div>
+                </section>
+            </div>
+
+            <footer>
+                <div class="footer_text">
+                    <p>Quick Credit &copy; 2019</p>
+                    <p>Contact us: +2349036650603 | orjichidi95@gmail.com</p>
+                </div>
+            </footer>
+        </div>
+
+        <script src="./js/password_reset.js"></script>        
+    </body>
+</html>
diff --git a/app.js b/app.js
@@ -18,9 +18,9 @@ app.use(express.urlencoded({ extended: true }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
 app.use(validator());
-app.use(cors());
+app.use(cors('*'));
 
-app.use('/', indexRouter);
+app.use('/api/v1', indexRouter);
 
 // catch 404 and forward to error handler
 // app.use((req, res, next) => {

diff --git a/controllers/LoansController.js b/controllers/LoansController.js
@@ -38,7 +38,7 @@ const LoansController = {
             }
             return res.status(200).json({ data: data.rows });
         }
-        catch (e) { throw InternalServerError(res, e); }
+        catch (e) { return InternalServerError(res, e); }
     },
 
     get_loan: async (req, res) => {
@@ -83,7 +83,7 @@ const LoansController = {
             return res.status(404)
                 .json({ error: `Loan with id ${id} does not exist.` });
         }
-        catch (e) { throw InternalServerError(res, e); }
+        catch (e) { return InternalServerError(res, e); }
     },
 
     loan_repayment_history: async (req, res) => {
@@ -93,7 +93,7 @@ const LoansController = {
                 return await loan_repayment_history(repayments_model, req, res);
             }
         }
-        catch (e) { throw InternalServerError(res, e); }
+        catch (e) { return InternalServerError(res, e); }
     },
 
     post_repayment: async (req, res) => {
@@ -123,7 +123,7 @@ const LoansController = {
             );
             return res.status(200).json({ data: data.rows });
         }
-        catch (e) { throw InternalServerError(res, e); }
+        catch (e) { return InternalServerError(res, e); }
     },
 };
 

diff --git a/controllers/UsersController.js b/controllers/UsersController.js
@@ -1,13 +1,57 @@
+import generatePassword from 'password-generator';
 import Model from '../models/Model';
 import { InternalServerError } from '../utils/errorHandlers';
 import {
-    get_existing_user, check_user_exists, update_if_exists
+    get_existing_user,
+    check_user_exists,
+    update_if_exists,
+    check_password,
+    update_pass,
+    sendPassword
 } from './helpers/AuthController';
 import { aws_signed_url, } from './helpers/UsersController';
 
 const users_model = new Model('users');
 
 const UsersController = {
+    reset_password: async (req, res) => {
+        const { email } = req.params;
+        const { current_password, confirm_new, new_pass } = req.body;
+
+        const remember_password = (
+            (current_password !== '') &&
+            (new_pass !== '') &&
+            (confirm_new !== '')
+        );
+
+        const clause = `WHERE email='${email}'`;
+        try {
+            const exists = await check_user_exists(users_model, clause, res);
+            if (exists) {
+                if (remember_password) {
+                    const knows_pass = await check_password(
+                        users_model, email, current_password, res);
+
+                    if (knows_pass) {
+                        await update_pass(users_model, new_pass, clause, res);
+                        sendPassword(email, new_pass);
+                        return res.status(204)
+                            .json({ message: 'Password has been emailed to you.' });
+                    }
+                    return res.status(404)
+                        .json({ error: 'You entered an incorrect password' });
+                }
+                const new_password = generatePassword();
+                await update_pass(users_model, new_password, clause, res);
+                sendPassword(email, new_password);
+                return res.status(204).json({ message: 'Password has been emailed to you.' });
+            }
+            return res.status(404)
+                .json({ error: `User with email ${email} not found` });
+        }
+        catch (e) { return; }
+    },
+
     confirm_account: async (req, res) => {
         try {
 
@@ -55,12 +99,10 @@ const UsersController = {
                     rows, `WHERE status='${status}'`
                 );
             }
-            else {
-                data = await users_model.select(rows);
-            }
+            else { data = await users_model.select(rows); }
             return res.status(200).json({ data: data.rows });
         }
-        catch (e) { throw InternalServerError(res, e); }
+        catch (e) { return InternalServerError(res, e); }
     },
 
     update_user_profile: async (req, res) => {