Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 12:05:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

banned users cant login, show error messages on failed logins

Browse Source
This commit is contained in:
Baris Usakli
2013-08-14 15:49:56 -04:00
parent 9ad82f4907
commit 74af205426
6 changed files with 34 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
public/src/forum/login.js
View File

@@ -27,11 +27,15 @@
url: RELATIVE_PATH + '/login', url: RELATIVE_PATH + '/login',
data: loginData, data: loginData,
success: function(data, textStatus, jqXHR) { success: function(data, textStatus, jqXHR) {
if(!data.success) {
$('#login-error-notify').html(data.message).show();
} else {
$('#login-error-notify').hide(); $('#login-error-notify').hide();
window.location.replace(RELATIVE_PATH + "/?loggedin"); window.location.replace(RELATIVE_PATH + "/?loggedin");
}
}, },
error : function(data, textStatus, jqXHR) { error : function(data, textStatus, jqXHR) {
$('#login-error-notify').show().delay(1000).fadeOut(250); $('#login-error-notify').show();
}, },
dataType: 'json', dataType: 'json',
async: true, async: true,

2
public/templates/login.tpl
View File

@@ -14,7 +14,7 @@
<button class="btn btn-primary" id="login" type="submit">Login</button> &nbsp; <a href="/reset">Forgot Password?</a> <button class="btn btn-primary" id="login" type="submit">Login</button> &nbsp; <a href="/reset">Forgot Password?</a>
</form> </form>
<span id="login-error-notify" class="label label-important hide">Invalid username/password</span><br/> <div id="login-error-notify" class="alert alert-danger hide">Invalid username/password</div>
</div> </div>
<div class="well span6 {alternate_logins:display}"> <div class="well span6 {alternate_logins:display}">

2
src/categories.js
View File

@@ -281,7 +281,7 @@ var RDB = require('./redis.js'),
} }
Categories.hasReadCategory(cid, current_user, function(hasRead) { Categories.hasReadCategory(cid, current_user, function(hasRead) {
categoryData['badgeclass'] = (parseInt(categoryData.topic_count,10) === 0 || (hasRead && current_user != 0)) ? '' : 'badge-important'; categoryData['badgeclass'] = (parseInt(categoryData.topic_count, 10) === 0 || (hasRead && current_user != 0)) ? '' : 'badge-important';
categories.push(categoryData); categories.push(categoryData);
callback(null); callback(null);

10
src/login.js
View File

@@ -25,8 +25,14 @@ var user = require('./user.js'),
}); });
} }
user.getUserField(uid, 'password', function(user_password) { user.getUserFields(uid, ['password', 'banned'], function(userData) {
bcrypt.compare(password, user_password, function(err, res) { if(userData.banned && userData.banned === '1') {
return next({
status: "error",
message: "user-banned"
});
}
bcrypt.compare(password, userData.password, function(err, res) {
if(err) { if(err) {
winston.err(err); winston.err(err);
next({ next({

17
src/routes/authentication.js
View File

@@ -137,9 +137,20 @@
}); });
}); });
app.post('/login', function(req, res, next) {
app.post('/login', passport.authenticate('local'), function(req, res) { passport.authenticate('local', function(err, user, info) {
res.json({success:1}); if(err) {
return next(err);
}
if (!user) {
return res.send({ success : false, message : info.message });
}
req.login({
uid: user.uid
}, function() {
res.send({ success : true, message : 'authentication succeeded' });
});
})(req, res, next);
}); });
app.post('/register', function(req, res) { app.post('/register', function(req, res) {

1
src/webserver.js
View File

@@ -124,6 +124,7 @@ var express = require('express'),
}); });
app.use(function(err, req, res, next) { app.use(function(err, req, res, next) {
// we may use properties of the error object // we may use properties of the error object
// here and next(err) appropriately, or if // here and next(err) appropriately, or if
// we possibly recovered from the error, simply next(). // we possibly recovered from the error, simply next().