From f2d8b8b9637fe236eb0cb303df5fc66ecd5c03f1 Mon Sep 17 00:00:00 2001
From: Casper Rasmussen <cr@nodes.dk>
Date: Mon, 6 Mar 2017 17:52:27 +0100
Subject: [PATCH] fixed reset pw

---
 .../FrontendResetPasswordController.swift     |  27 +--
 .../Api/Users/ResetPasswordRequest.swift      |   4 +-
 .../Resources/Views/ResetPassword/form.leaf   | 178 +++++++++---------
 3 files changed, 98 insertions(+), 111 deletions(-)

diff --git a/Sources/JWTKeychain/Controllers/Frontend/FrontendResetPasswordController.swift b/Sources/JWTKeychain/Controllers/Frontend/FrontendResetPasswordController.swift
index b57a75c..04ef3b4 100644
--- a/Sources/JWTKeychain/Controllers/Frontend/FrontendResetPasswordController.swift
+++ b/Sources/JWTKeychain/Controllers/Frontend/FrontendResetPasswordController.swift
@@ -40,10 +40,11 @@ open class FrontendResetPasswordController: FrontendResetPasswordControllerType
         } catch {
             throw Abort.custom(status: .badRequest, message: "The provided token does not validate. Try to reset your password again")
         }
-
-        print(request.storage)
         
-        return try drop.view.make("ResetPassword/form", ["token": token], for: request)
+        return try drop.view.make("ResetPassword/form", [
+            "token": token,
+            "fieldset": request.storage["_fieldset"] as? Node ?? nil
+        ], for: request)
     }
 
     open func resetPasswordChange(request: Request) throws -> Response {
@@ -68,25 +69,21 @@ open class FrontendResetPasswordController: FrontendResetPasswordControllerType
                 let userId = jwt.payload["user"]?.object?["id"]?.int,
                 let userPasswordHash = jwt.payload["user"]?.object?["password"]?.string,
                 var user = try User.query().filter("id", userId).first() else {
-                    print("Token is invalid")
                     return Response(redirect: "/reset-password/form/" + requestData.token)
                         .flash(.error, "Token is invalid")
             }
 
             if user.email != requestData.email {
-                print("Email did not match")
                 return Response(redirect: "/reset-password/form/" + requestData.token)
                     .flash(.error, "Email did not match")
             }
 
             if user.password != userPasswordHash {
-                print("Password already changed. Cannot use the same token again.")
                 return Response(redirect: "/reset-password/form/" + requestData.token)
                     .flash(.error, "Password already changed. Cannot use the same token again.")
             }
 
             if requestData.password != requestData.passwordConfirmation {
-                print("Password and password confirmation don't match")
                 return Response(redirect: "/reset-password/form/" + requestData.token)
                     .flash(.error, "Password and password confirmation don't match")
             }
@@ -94,30 +91,20 @@ open class FrontendResetPasswordController: FrontendResetPasswordControllerType
             user.password = BCrypt.hash(password: requestData.password)
             try user.save()
 
-            print("success")
             return Response(redirect: "/reset-password/form/" + requestData.token)
                 .flash(.success, "Password changed. You can close this page now.")
 
 
         } catch FormError.validationFailed(let fieldset) {
 
-            let response = Response(redirect: "/reset-password/form/" + (request.data["token"]?.string ?? "invalid"))
-                .flash(.error, "Data is invalid")
-            
-            
-            print("Data is invalid")
-            print(fieldset)
-            
-            response.storage["_fieldset"] = try fieldset.makeNode()
-            
-            return response
+            return Response(redirect: "/reset-password/form/" + (request.data["token"]?.string ?? "invalid"))
+                .flash(.error, "Validation error(s)")
+                .withFieldset(fieldset)
             
         } catch {
             
-            print(error)
             return Response(redirect: "/reset-password/form/" + (request.data["token"]?.string ?? "invalid"))
                 .flash(.error, "Something went wrong")
         }
-        
     }
 }
diff --git a/Sources/JWTKeychain/Requests/Api/Users/ResetPasswordRequest.swift b/Sources/JWTKeychain/Requests/Api/Users/ResetPasswordRequest.swift
index 75bf71c..11a10b2 100644
--- a/Sources/JWTKeychain/Requests/Api/Users/ResetPasswordRequest.swift
+++ b/Sources/JWTKeychain/Requests/Api/Users/ResetPasswordRequest.swift
@@ -11,8 +11,8 @@ class ResetPasswordRequest: Form {
 
     static let fieldset = Fieldset([
         "email": StringField(String.EmailValidator()),
-        "password": StringField(String.MinimumLengthValidator(characters: 6), RegexValidator(regex: "^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])")),
-        "password_confirmation": StringField(String.MinimumLengthValidator(characters: 6), RegexValidator(regex: "^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])")),
+        "password": StringField(String.MinimumLengthValidator(characters: 6), RegexValidator(regex: "^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])", message: "Must have 1 number and 1 big letter")),
+        "password_confirmation": StringField(String.MinimumLengthValidator(characters: 6), RegexValidator(regex: "^(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])", message: "Must have 1 number and 1 big letter")),
         
         // any form of verification in order to get the field passed along
         "token": StringField(String.MinimumLengthValidator(characters: 10))
diff --git a/Sources/JWTKeychain/Resources/Views/ResetPassword/form.leaf b/Sources/JWTKeychain/Resources/Views/ResetPassword/form.leaf
index efeb4dd..96e721e 100644
--- a/Sources/JWTKeychain/Resources/Views/ResetPassword/form.leaf
+++ b/Sources/JWTKeychain/Resources/Views/ResetPassword/form.leaf
@@ -1,99 +1,99 @@
 <html>
-<head>
-    <!-- Latest compiled and minified CSS -->
-    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
-          integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
-</head>
-
-<body>
-    <div class="row">
-        <div class="col-xs-12 col-sm-offset-4 col-sm-4">
-        
-            <div id="reset-password" class="panel panel-default">
-                <div class="panel-body">
-                    <div class="panel-heading">
-                        <h3 class="panel-title text-center">Reset password</h3>
-                    </div>
-
-                    <!--Error-->
-                    #if(request.storage._flash.error) {
-                    <div class="alert alert-danger alert-dismissible fade in to-be-animated-in" role="alert">
-                        <button type="button" class="close" data-dismiss="alert" aria-label="Close">
-                            <span aria-hidden="true">&times;</span>
-                        </button>
-                        <span class="fa fa-exclamation-circle"></span>
-                        #(request.storage._flash.error)
-                    </div>
-                    }
-
-                    <!--Success-->
-                    #if(request.storage._flash.success) {
-                    <div class="alert alert-success alert-dismissible fade in to-be-animated-in" role="alert">
-                        <button type="button" class="close" data-dismiss="alert" aria-label="Close">
-                            <span aria-hidden="true">&times;</span>
-                        </button>
-                        <span class="fa fa-check-circle"></span>
-                        #(request.storage._flash.success)
-                    </div>
-                    }
-
-                    <!--Warning-->
-                    #if(request.storage._flash.warning) {
-                    <div class="alert alert-warning alert-dismissible fade in to-be-animated-in" role="alert">
-                        <button type="button" class="close" data-dismiss="alert" aria-label="Close">
-                            <span aria-hidden="true">&times;</span>
-                        </button>
-                        #(request.storage._flash.warning)
-                    </div>
-                    }
-
-                    <!--Info-->
-                    #if(request.storage._flash.info) {
-                    <div class="alert alert-info alert-dismissible fade in to-be-animated-in" role="alert">
-                        <button type="button" class="close" data-dismiss="alert" aria-label="Close">
-                            <span aria-hidden="true">&times;</span>
-                        </button>
-                        #(request.storage._flash.info)
-                    </div>
-                    }
-            
-                    <form method="POST" action="/reset-password/change">
-                        <input type="hidden" name="token" value="#(token)">
+    <head>
+        <!-- Latest compiled and minified CSS -->
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
+            integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
+    </head>
+    
+    <body>
+        <div class="row">
+            <div class="col-xs-12 col-sm-offset-4 col-sm-4">
                 
-                        <div class="form-group action-wrapper">
-                            <label for="email">E-mail</label>
-                            <input type="email" id="email" class="form-control" name="email" required placeholder="Insert email" 
-                                value='#valueForField(fieldset, "email")'/>
-                                #ifFieldHasErrors(fieldset, "email") { <ul class="errorlist"> }
-                                #loopErrorsForField(fieldset, "email", "message") { <li>#(message)</li> }
-                                #ifFieldHasErrors(fieldset, "email") { </ul> }
+                <div id="reset-password" class="panel panel-default">
+                    <div class="panel-body">
+                        <div class="panel-heading">
+                            <h3 class="panel-title text-center">Reset password</h3>
+                        </div>
+                        
+                        <!--Error-->
+                        #if(request.storage._flash.error) {
+                        <div class="alert alert-danger alert-dismissible fade in to-be-animated-in" role="alert">
+                            <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                                <span aria-hidden="true">&times;</span>
+                            </button>
+                            <span class="fa fa-exclamation-circle"></span>
+                            #(request.storage._flash.error)
                         </div>
-
-                        <div class="form-group">
-                            <label for="password">New password</label>
-                            <input type="password" id="password" class="form-control" name="password" required
-                                   placeholder="Insert password"/>
-                            #ifFieldHasErrors(fieldset, "password") { <ul class="errorlist"> }
-                            #loopErrorsForField(fieldset, "password", "message") { <li>#(message)</li> }
-                            #ifFieldHasErrors(fieldset, "password") { </ul> }
+                        }
+                        
+                        <!--Success-->
+                        #if(request.storage._flash.success) {
+                        <div class="alert alert-success alert-dismissible fade in to-be-animated-in" role="alert">
+                            <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                                <span aria-hidden="true">&times;</span>
+                            </button>
+                            <span class="fa fa-check-circle"></span>
+                            #(request.storage._flash.success)
                         </div>
-
-                        <div class="form-group">
-                            <label for="password_confirmation">New password confirmation</label>
-                            <input type="password" id="password_confirmation" class="form-control" name="password_confirmation" required
-                                   placeholder="Insert password"/>
-                            #ifFieldHasErrors(fieldset, "password_confirmation") { <ul class="errorlist"> }
-                            #loopErrorsForField(fieldset, "password_confirmation", "message") { <li>#(message)</li> }
-                            #ifFieldHasErrors(fieldset, "password_confirmation") { </ul> }
+                        }
+                        
+                        <!--Warning-->
+                        #if(request.storage._flash.warning) {
+                        <div class="alert alert-warning alert-dismissible fade in to-be-animated-in" role="alert">
+                            <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                                <span aria-hidden="true">&times;</span>
+                            </button>
+                            #(request.storage._flash.warning)
                         </div>
-
-                        <div class="form-group">
-                            <input type="submit" class="btn btn-primary form-control" value="Reset password"/>
+                        }
+                        
+                        <!--Info-->
+                        #if(request.storage._flash.info) {
+                        <div class="alert alert-info alert-dismissible fade in to-be-animated-in" role="alert">
+                            <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                                <span aria-hidden="true">&times;</span>
+                            </button>
+                            #(request.storage._flash.info)
                         </div>
-                    </form>
+                        }
+                        
+                        <form method="POST" action="/reset-password/change">
+                            <input type="hidden" name="token" value="#(token)">
+                                
+                                <div class="form-group action-wrapper">
+                                    <label for="email">E-mail</label>
+                                    <input type="email" id="email" class="form-control" name="email" required placeholder="Insert email"
+                                    value='#valueForField(fieldset, "email")'/>
+                                    #ifFieldHasErrors(fieldset, "email") { <ul class="errorlist"> }
+                                        #loopErrorsForField(fieldset, "email", "message") { <li>#(message)</li> }
+                                        #ifFieldHasErrors(fieldset, "email") { </ul> }
+                                </div>
+                                
+                                <div class="form-group">
+                                    <label for="password">New password</label>
+                                    <input type="password" id="password" class="form-control" name="password" required
+                                    placeholder="Insert password"/>
+                                    #ifFieldHasErrors(fieldset, "password") { <ul class="errorlist"> }
+                                        #loopErrorsForField(fieldset, "password", "message") { <li>#(message)</li> }
+                                        #ifFieldHasErrors(fieldset, "password") { </ul> }
+                                </div>
+                                
+                                <div class="form-group">
+                                    <label for="password_confirmation">New password confirmation</label>
+                                    <input type="password" id="password_confirmation" class="form-control" name="password_confirmation" required
+                                    placeholder="Insert password"/>
+                                    #ifFieldHasErrors(fieldset, "password_confirmation") { <ul class="errorlist"> }
+                                        #loopErrorsForField(fieldset, "password_confirmation", "message") { <li>#(message)</li> }
+                                        #ifFieldHasErrors(fieldset, "password_confirmation") { </ul> }
+                                </div>
+                                
+                                <div class="form-group">
+                                    <input type="submit" class="btn btn-primary form-control" value="Reset password"/>
+                                </div>
+                                </form>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
-</body>
+    </body>
 </html>