Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity

Merge pull request #587 from javorszky/iss288

Browse source 
Email sending with Sendgrid plus password reset
This commit is contained in:
Hannah Wolfe 2013-09-02 15:44:48 -07:00
commit 36874badd5
13 changed files with 446 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
config.js
View file

@ -18,6 +18,19 @@ config.activePlugins = [
'FancyFirstChar'
];
config.mail = {
transport: 'sendgrid',
host: 'smtp.sendgrid.net',
options: {
service: 'Sendgrid',
auth: {
user: '', // Super secret username
pass: '' // Super secret password
}
}
};
// ## Default Navigation Items
// Add new objects here to extend the menu output by {{nav}}
config.nav = [
@ -114,4 +127,4 @@ config.env = {
};
// Export config
module.exports = config;
module.exports = config;

7
core/client/router.js
View file

@ -14,7 +14,8 @@
'debug/' : 'debug',
'register/' : 'register',
'signup/' : 'signup',
'signin/' : 'login'
'signin/' : 'login',
'forgotten/' : 'forgotten'
},
signup: function () {
@ -25,6 +26,10 @@
Ghost.currentView = new Ghost.Views.Login({ el: '.js-login-container' });
},
forgotten: function () {
Ghost.currentView = new Ghost.Views.Forgotten({ el: '.js-login-container' });
},
blog: function () {
var posts = new Ghost.Collections.Posts();
posts.fetch({ data: { status: 'all', orderBy: ['updated_at', 'DESC'] } }).then(function () {

9
core/client/tpl/forgotten.hbs Normal file
View file

@ -0,0 +1,9 @@
<form id="forgotten" method="post" novalidate="novalidate">
<div class="email-wrap">
<input class="email" type="email" placeholder="Email Address" name="email" autocapitalize="off" autocorrect="off">
</div>
<button class="button-save" type="submit">Send new password</button>
<section class="meta">
<a href="/ghost/login/">Log in</a>
</section>
</form>

2
core/client/tpl/login.hbs
View file

@ -7,6 +7,6 @@
</div>
<button class="button-save" type="submit">Log in</button>
<section class="meta">
<a class="forgotten-password" href="#">Forgotten password?</a> &bull; <a href="/ghost/signup/">Register new user</a>
<a class="forgotten-password" href="/ghost/forgotten/">Forgotten password?</a> &bull; <a href="/ghost/signup/">Register new user</a>
</section>
</form>

34
core/client/views/login.js
View file

@ -109,4 +109,38 @@
});
}
});
Ghost.Views.Forgotten = Ghost.SimpleFormView.extend({
templateName: "forgotten",
events: {
'submit #forgotten': 'submitHandler'
},
submitHandler: function (event) {
event.preventDefault();
var email = this.$el.find('.email').val();
$.ajax({
url: '/ghost/forgotten/',
type: 'POST',
data: {
email: email
},
success: function (msg) {
window.location.href = msg.redirect;
},
error: function (xhr) {
Ghost.notifications.addItem({
type: 'error',
message: Ghost.Views.Utils.getRequestErrorMessage(xhr),
status: 'passive'
});
}
});
}
});
}());

9
core/ghost.js
View file

@ -12,6 +12,7 @@ var config = require('./../config'),
nodefn = require('when/node/function'),
_ = require('underscore'),
Polyglot = require('node-polyglot'),
Mailer = require('./server/mail'),
models = require('./server/models'),
plugins = require('./server/plugins'),
requireTree = require('./server/require-tree'),
@ -111,6 +112,7 @@ Ghost = function () {
},
statuses: function () { return statuses; },
polyglot: function () { return polyglot; },
mail: new Mailer(),
getPaths: function () {
return when.all([themeDirectories, pluginDirectories]).then(function (paths) {
instance.themeDirectories = paths[0];
@ -140,8 +142,11 @@ Ghost = function () {
Ghost.prototype.init = function () {
var self = this;
return when.join(instance.dataProvider.init(), instance.getPaths()).then(function () {
// Initialize plugins
return when.join(
instance.dataProvider.init(),
instance.getPaths(),
instance.mail.init(self)
).then(function () {
return self.initPlugins();
}).then(function () {
// Initialize the settings cache

4
core/server/api.js
View file

@ -143,6 +143,10 @@ users = {
changePassword: function changePassword(userData) {
// **returns:** on success, returns a promise for the resulting user in a json object
return dataProvider.User.changePassword(userData);
},
forgottenPassword: function forgottenPassword(email) {
return dataProvider.User.forgottenPassword(email);
}
};

43
core/server/controllers/admin.js
View file

@ -88,7 +88,7 @@ adminControllers = {
}
},
'login': function (req, res) {
res.render('login', {
res.render('signup', {
bodyClass: 'ghost-login',
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
@ -138,6 +138,7 @@ adminControllers = {
adminNav: setSelected(adminNavbar, 'login')
});
},
'doRegister': function (req, res) {
var email = req.body.email,
password = req.body.password;
@ -146,6 +147,9 @@ adminControllers = {
email_address: email,
password: password
}).then(function (user) {
ghost.mail.sendWelcomeMessage({email: user.attributes.email_address});
if (req.session.user === undefined) {
req.session.user = user.id;
}
@ -155,6 +159,43 @@ adminControllers = {
});
},
'forgotten': function (req, res) {
res.render('signup', {
bodyClass: 'ghost-forgotten',
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
});
},
'resetPassword': function (req, res) {
var email = req.body.email;
api.users.forgottenPassword(email).then(function (user) {
var message = {
to: email,
subject: 'Your new password',
html: "<p><strong>Hello!</strong></p>" +
"<p>You've reset your password. Here's the new one: " + user.newPassword + "</p>"
},
notification = {
type: 'success',
message: 'Your password was changed successfully. Check your email for details.',
status: 'passive',
id: 'successresetpw'
};
ghost.mail.send(message);
// let's only add the notification once
if (!_.contains(_.pluck(ghost.notifications, 'id'), 'successresetpw')) {
ghost.notifications.push(notification);
}
res.json(200, {redirect: '/ghost/login/'});
}, function (error) {
res.json(401, {error: error.message});
});
},
'logout': function (req, res) {
delete req.session.user;
var msg = {

127
core/server/mail.js Normal file
View file

@ -0,0 +1,127 @@
var cp = require('child_process'),
url = require('url'),
_ = require('underscore'),
when = require('when'),
nodefn = require('when/node/function'),
nodemailer = require('nodemailer');
function GhostMailer(opts) {
opts = opts || {};
this.transport = opts.transport || null;
}
// ## E-mail transport setup
// *This promise should always resolve to avoid halting Ghost::init*.
GhostMailer.prototype.init = function (ghost) {
this.ghost = ghost;
// TODO: fix circular reference ghost -> mail -> api -> ghost, remove this late require
this.api = require('./api');
var self = this,
config = ghost.config();
if (config.mail && config.mail.transport && config.mail.options) {
this.createTransport(config);
return when.resolve();
}
// Attempt to detect and fallback to `sendmail`
return this.detectSendmail().then(function (binpath) {
self.transport = nodemailer.createTransport('sendmail', {
path: binpath
});
self.usingSendmail();
}, function () {
self.emailDisabled();
}).ensure(function () {
return when.resolve();
});
};
GhostMailer.prototype.isWindows = function () {
return process.platform === 'win32';
};
GhostMailer.prototype.detectSendmail = function () {
if (this.isWindows()) {
return when.reject();
}
return when.promise(function (resolve, reject) {
cp.exec('which sendmail', function (err, stdout) {
if (err && !/bin\/sendmail/.test(stdout)) {
return reject();
}
resolve(stdout.toString());
});
});
};
GhostMailer.prototype.createTransport = function (config) {
this.transport = nodemailer.createTransport(config.mail.transport, _.clone(config.mail.options));
};
GhostMailer.prototype.usingSendmail = function () {
this.api.notifications.add({
type: 'info',
message: [
"Ghost is attempting to use your server's <b>sendmail</b> to send e-mail.",
"It is recommended that you explicitly configure an e-mail service,",
"see <a href=\"https://github.com/TryGhost/Ghost/wiki/\">instructions in the wiki</a>."
].join(' '),
status: 'persistent',
id: 'ghost-mail-fallback'
});
};
GhostMailer.prototype.emailDisabled = function () {
this.api.notifications.add({
type: 'warn',
message: [
"Ghost is currently unable to send e-mail.",
"See <a href=\"https://github.com/TryGhost/Ghost/wiki/\">instructions for configuring",
"an e-mail service</a>."
].join(' '),
status: 'persistent',
id: 'ghost-mail-disabled'
});
this.transport = null;
};
// Sends an e-mail message enforcing `to` (blog owner) and `from` fields
GhostMailer.prototype.send = function (message) {
if (!this.transport) {
return when.reject(new Error('No e-mail transport configured.'));
}
if (!(message && message.subject && message.html)) {
return when.reject(new Error('Incomplete message data.'));
}
var settings = this.ghost.settings(),
from = 'ghost-mailer@' + url.parse(settings.url).hostname,
to = message.to || settings.email,
sendMail = nodefn.lift(this.transport.sendMail.bind(this.transport));
message = _.extend(message, {
from: from,
to: to,
generateTextFromHTML: true
});
return sendMail(message);
};
GhostMailer.prototype.sendWelcomeMessage = function (opts) {
var adminURL = this.ghost.settings().url + "/ghost";
opts = opts || {};
opts.email = opts.email || this.ghost.settings().email;
return this.send({
to: opts.email,
subject: "Welcome to Ghost",
html: "<p><strong>Hello!</strong></p>" +
"<p>Welcome to the Ghost platform.</p>" +
"<p>Your dashboard is ready at <a href=\"" + adminURL + "\">" + adminURL + "</a>"
});
};
module.exports = GhostMailer;

45
core/server/models/user.js
View file

@ -129,11 +129,11 @@ User = GhostBookshelf.Model.extend({
}).then(function (addedUser) {
// Assign the userData to our created user so we can pass it back
userData = addedUser;
// Add this user to the admin role (assumes admin = role_id: 1)
return UserRole.add({role_id: 1, user_id: addedUser.id});
}).then(function (addedUserRole) {
// Return the added user as expected
return when.resolve(userData);
});
@ -182,7 +182,9 @@ User = GhostBookshelf.Model.extend({
userid = _userdata.currentUser,
oldPassword = _userdata.oldpw,
newPassword = _userdata.newpw,
ne2Password = _userdata.ne2pw;
ne2Password = _userdata.ne2pw,
user = null;
if (newPassword !== ne2Password) {
return when.reject(new Error('Your new passwords do not match'));
@ -190,19 +192,34 @@ User = GhostBookshelf.Model.extend({
return validatePasswordLength(newPassword).then(function () {
return self.forge({id: userid}).fetch({require: true});
}).then(function (user) {
return nodefn.call(bcrypt.compare, oldPassword, user.get('password'))
.then(function (matched) {
if (!matched) {
return when.reject(new Error('Your password is incorrect'));
}
return nodefn.call(bcrypt.hash, newPassword, null, null).then(function (hash) {
user.save({password: hash});
return user;
});
});
});
}).then(function (_user) {
user = _user;
return nodefn.call(bcrypt.compare, oldPassword, user.get('password'));
}).then(function (matched) {
if (!matched) {
return when.reject(new Error('Your password is incorrect'));
}
return nodefn.call(bcrypt.hash, newPassword, null, null);
}).then(function (hash) {
user.save({password: hash});
return user;
});
},
forgottenPassword: function (email) {
var newPassword = Math.random().toString(36).slice(2, 12), // This is magick
user = null;
return this.forge({email_address: email}).fetch({require: true}).then(function (_user) {
user = _user;
return nodefn.call(bcrypt.hash, newPassword, null, null);
}).then(function (hash) {
user.save({password: hash});
return { user: user, newPassword: newPassword };
}, function (error) {
return when.reject(new Error('There is no user by that email address. Check again.'));
});
},
effectivePermissions: function (id) {

167
core/test/unit/mail_spec.js Normal file
View file

@ -0,0 +1,167 @@
var cp = require('child_process'),
_ = require("underscore"),
when = require('when'),
sinon = require('sinon'),
should = require('should'),
Ghost = require('../../ghost'),
defaultConfig = require('../../../config'),
SMTP,
SENDMAIL,
fakeConfig,
fakeSettings,
fakeSendmail,
sandbox = sinon.sandbox.create(),
ghost;
// Mock SMTP config
SMTP = {
transport: 'SMTP',
options: {
service: 'Gmail',
auth: {
user: 'nil',
pass: '123'
}
}
};
// Mock Sendmail config
SENDMAIL = {
transport: 'sendmail',
options: {
path: '/nowhere/sendmail'
}
};
describe("Mail", function () {
beforeEach(function () {
// Mock config and settings
fakeConfig = _.extend({}, defaultConfig);
fakeSettings = {
url: 'http://test.tryghost.org',
email: 'ghost-test@localhost'
};
fakeSendmail = '/fake/bin/sendmail';
ghost = new Ghost();
sandbox.stub(ghost, "config", function () {
return fakeConfig;
});
sandbox.stub(ghost, "settings", function () {
return fakeSettings;
});
sandbox.stub(ghost.mail, "isWindows", function () {
return false;
});
sandbox.stub(ghost.mail, "detectSendmail", function () {
return when.resolve(fakeSendmail);
});
});
afterEach(function () {
sandbox.restore();
});
it('should attach mail provider to ghost instance', function () {
should.exist(ghost.mail);
ghost.mail.should.have.property('init');
ghost.mail.should.have.property('transport');
ghost.mail.should.have.property('send').and.be.a('function');
});
it('should setup SMTP transport on initialization', function (done) {
fakeConfig.mail = SMTP;
ghost.mail.init(ghost).then(function(){
ghost.mail.should.have.property('transport');
ghost.mail.transport.transportType.should.eql('SMTP');
ghost.mail.transport.sendMail.should.be.a('function');
done();
}).then(null, done);
});
it('should setup sendmail transport on initialization', function (done) {
fakeConfig.mail = SENDMAIL;
ghost.mail.init(ghost).then(function(){
ghost.mail.should.have.property('transport');
ghost.mail.transport.transportType.should.eql('SENDMAIL');
ghost.mail.transport.sendMail.should.be.a('function');
done();
}).then(null, done);
});
it('should fallback to sendmail if no config set', function (done) {
fakeConfig.mail = null;
ghost.mail.init(ghost).then(function(){
ghost.mail.should.have.property('transport');
ghost.mail.transport.transportType.should.eql('SENDMAIL');
ghost.mail.transport.options.path.should.eql(fakeSendmail);
done();
}).then(null, done);
});
it('should fallback to sendmail if config is empty', function (done) {
fakeConfig.mail = {};
ghost.mail.init(ghost).then(function(){
ghost.mail.should.have.property('transport');
ghost.mail.transport.transportType.should.eql('SENDMAIL');
ghost.mail.transport.options.path.should.eql(fakeSendmail);
done();
}).then(null, done);
});
it('should disable transport if config is empty & sendmail not found', function (done) {
fakeConfig.mail = {};
ghost.mail.detectSendmail.restore();
sandbox.stub(ghost.mail, "detectSendmail", when.reject);
ghost.mail.init(ghost).then(function(){
should.not.exist(ghost.mail.transport);
done();
}).then(null, done);
});
it('should disable transport if config is empty & platform is win32', function (done) {
fakeConfig.mail = {};
ghost.mail.detectSendmail.restore();
ghost.mail.isWindows.restore();
sandbox.stub(ghost.mail, 'isWindows', function(){ return false });
ghost.mail.init(ghost).then(function(){
should.not.exist(ghost.mail.transport);
done();
}).then(null, done);
});
it('should fail to send messages when no transport is set', function (done) {
ghost.mail.detectSendmail.restore();
sandbox.stub(ghost.mail, "detectSendmail", when.reject);
ghost.mail.init(ghost).then(function(){
ghost.mail.send().then(function(){
should.fail();
done();
}, function (err) {
err.should.be.an.instanceOf(Error);
done();
});
});
});
it('should fail to send messages when given insufficient data', function (done) {
when.settle([
ghost.mail.send(),
ghost.mail.send({}),
ghost.mail.send({ subject: '123' }),
ghost.mail.send({ subject: '', html: '123' })
]).then(function (descriptors) {
descriptors.forEach(function (d) {
d.state.should.equal('rejected');
d.reason.should.be.an.instanceOf(Error);
});
done();
});
});
});

2
index.js
View file

@ -221,6 +221,8 @@ when.all([ghost.init(), filters.loadCoreFilters(ghost), helpers.loadCoreHelpers(
});
ghost.app().get('/ghost/signin/', redirectToDashboard, admin.login);
ghost.app().get('/ghost/signup/', redirectToDashboard, admin.signup);
ghost.app().get('/ghost/forgotten/', redirectToDashboard, admin.forgotten);
ghost.app().post('/ghost/forgotten/', admin.resetPassword);
ghost.app().post('/ghost/signin/', admin.auth);
ghost.app().post('/ghost/signup/', admin.doRegister);
ghost.app().post('/ghost/changepw/', auth, admin.changepw);

3
package.json
View file

@ -28,7 +28,8 @@
"fs-extra": "0.6.3",
"downsize": "0.0.2",
"validator": "1.4.0",
"rss": "0.2.0"
"rss": "0.2.0",
"nodemailer": "~0.5.2"
},
"devDependencies": {
"grunt": "~0.4.1",