attempting to support #20

adding a switch to /fogot/change so that if we have a logged in user we don’t read the spoken, rather just render the form rendering the form is working OK, but when I try to post the form i get an immediate 404 Not Found, and thus any call to render within the form success handler is causing a “can’t set headers after re-sent” error
stormpath · Oct 9, 2014 · be3efae · be3efae
1 parent cf6897b
commit be3efae
Showing 1 changed file with 43 additions and 34 deletions.
diff --git a/lib/controllers.js b/lib/controllers.js
@@ -321,42 +321,51 @@ module.exports.forgotChange = function(req, res) {
   res.locals.app = req.app;
   res.locals.csrfToken = req.csrfToken();
 
-  req.app.get('stormpathApplication').verifyPasswordResetToken(req.query.sptoken, function(err, account) {
-    if (err) {
-      res.send(400);
-    } else {
-      forms.changePasswordForm.handle(req, {
-        // If we get here, it means the user is submitting a password change
-        // request, so we should attempt to change the user's password.
-        success: function(form) {
-          if (form.data.password !== form.data.passwordAgain) {
-            helpers.render(view, res, { error: 'Passwords do not match.', form: form });
-          } else {
-            account.password = form.data.password;
-            account.save(function(err, done) {
-              if (err) {
-                helpers.render(view, res, { error: err.userMessage, form: form });
-              } else {
-                helpers.render(req.app.get('stormpathForgotPasswordCompleteView'), res);
-              }
-            })
-          }
-        },
+  function renderForm(account){
+    forms.changePasswordForm.handle(req, {
+      // If we get here, it means the user is submitting a password change
+      // request, so we should attempt to change the user's password.
+      success: function(form) {
+        if (form.data.password !== form.data.passwordAgain) {
+          helpers.render(view, res, { error: 'Passwords do not match.', form: form });
+        } else {
+          account.password = form.data.password;
+          account.save(function(err) {
+            if (err) {
+              helpers.render(view, res, { error: err.userMessage, form: form });
+            } else {
+              helpers.render(req.app.get('stormpathForgotPasswordCompleteView'), res);
+            }
+          });
+        }
+      },
+
+      // If we get here, it means the user didn't supply required form fields.
+      error: function(form) {
+        var formErrors = helpers.collectFormErrors(form);
+        helpers.render(view, res, { form: form, formErrors: formErrors });
+      },
+
+      // If we get here, it means the user is doing a simple GET request, so we
+      // should just render the forgot password template.
+      empty: function(form) {
+        helpers.render(view, res, { form: form });
+      }
+    });
+  }
 
-        // If we get here, it means the user didn't supply required form fields.
-        error: function(form) {
-      var formErrors = helpers.collectFormErrors(form);
-          helpers.render(view, res, { form: form, formErrors: formErrors });
-        },
+  if(req.user){
+    renderForm(req.user);
+  }else{
+    req.app.get('stormpathApplication').verifyPasswordResetToken(req.query.sptoken, function(err, account) {
+      if (err) {
+        res.send(400);
+      } else {
+        renderForm(account);
+      }
+    });
+  }
 
-        // If we get here, it means the user is doing a simple GET request, so we
-        // should just render the forgot password template.
-        empty: function(form) {
-          helpers.render(view, res, { form: form });
-        }
-      });
-    }
-  });
 };