UNPKG

pass-reset/readme.md

Version:

3.98 kBMarkdownView Raw

1# pass-reset
2
3An _express_ compatable module for creating RESTful password reset endpoints.
4
5## Install
6
7```bash
8$ npm install pass-reset
9```
10
11## Configuration
12
13##### Example expiration
14
15```javascript
16var passReset = require('pass-reset');
17
18// The unit (second param) can be one of the following (or undefined for milliseconds):
19//   "secs", "mins", "hours", "days", or "weeks"
20passReset.expireTimeout(12, 'hours');
21```
22
23##### Example user lookup routine
24
25```javascript
26var passReset = require('pass-reset');
27
28passReset.lookupUsers(function(login, callback) {
29	User.find({ username: login }, function(err, users) {
30		if (err) {return callback(err);}
31		if (! users.length) {return callback(null, false);}
32		callback(null, {
33			email: user.email,
34			users: [{
35				id: user.id,
36				name: user.username
37			}]
38		});
39	});
40});
41```
42
43##### Example set password routine
44
45```javascript
46var passReset = require('pass-reset');
47
48passReset.setPassword(function(id, password, callback) {
49	if (password.length < 8) {
50		return callback(null, false, 'Password must be at least 8 characters');
51	}
52	var hash = doHash(password);
53	var update = { $set: { password: hash } };
54	User.update({ id: id }, update, { }, function(err) {
55		if (err) {return callback(err);}
56		callback(null, true);
57	});
58});
59```
60
61##### Example send email routine
62
63```javascript
64var passReset = require('pass-reset');
65
66var template = handlebars.compile([
67	'<p>You requested a password reset for the following account(s).</p>',
68	'<ul>',
69	'{{#each resets}}',
70		'<li>{{name}}: <a href="{{url}}">{{url}}</a></li>',
71	'{{/each}}',
72	'</ul>'
73].join('\n'));
74
75passReset.sendEmail(function(email, resets, callback) {
76	mailer.send({
77		to: email,
78		from: 'noreply@example.com',
79		subject: 'password reset',
80		body: template({ resets: resets })
81	});
82	callback(null, true);
83});
84```
85
86## Usage
87
88##### Route for requesting a new reset token
89
90```javascript
91app.post('/password/reset',
92	passReset.requestResetToken()
93);
94```
95
96The `requestResetToken` method can also take an object of configuration values. The following values are supported:
97
98* __loginParam__ - The name of the param where the login data (username/email) can be found in `req.body`.
99* __callbackURL__ - The base URL to direct users to actually perform the reset. This value should contain a `"{token}"` somewhere which will be replaced with the token, eg. `"/password/reset/{token}"`.
100* __next__ - By default, when pass-reset is done generating a token and sending it, an empty 200 OK response will be sent. To change this behavior, this value can be given a few different values. If a string is given, it is treated as a redirect, if a function is given, it will be called with the `req`, `res`, and `next` parameters, and if any other truthy value is given, the `next` function will simply be called.
101
102```javascript
103app.post('/password/reset',
104	passReset.requestResetToken({
105		next: true,
106		loginParam: 'login',
107		callbackURL: '/password/reset/{token}',
108	}),
109	function(req, res) {
110		// ...
111	}
112);
113```
114
115##### Route for actually reseting passwords
116
117```javascript
118app.put('/password/reset',
119	passReset.resetPassword()
120);
121```
122
123The `resetPassword` method can also take an object of configuration values. The following values are supported:
124
125* __tokenParam__/__passwordParam__/__confirmParam__ - The name of the params where the respective data (token/password/confirm) can be found in `req.body`.
126* __next__ - By default, after the password is reset, an empty 200 OK response will be sent. To change this behavior, this value can be given a few different values. If a string is given, it is treated as a redirect, if a function is given, it will be called with the `req`, `res`, and `next` parameters, and if any other truthy value is given, the `next` function will simply be called.
127
128```javascript
129app.put('/password/reset',
130	passReset.resetPassword({
131		next: true,
132		tokenParam: 'token',
133		passwordParam: 'password',
134		confirmParam: 'confirm'
135	}),
136	function(req, res) {
137		// ...
138	}
139);
140```
141

1	`# pass-reset`
2
3	`An _express_ compatable module for creating RESTful password reset endpoints.`
4
5	`## Install`
6
7	```bash
8	`$ npm install pass-reset`
9	```
10
11	`## Configuration`
12
13	`##### Example expiration`
14
15	```javascript
16	`var passReset = require('pass-reset');`
17
18	`// The unit (second param) can be one of the following (or undefined for milliseconds):`
19	`// "secs", "mins", "hours", "days", or "weeks"`
20	`passReset.expireTimeout(12, 'hours');`
21	```
22
23	`##### Example user lookup routine`
24
25	```javascript
26	`var passReset = require('pass-reset');`
27
28	`passReset.lookupUsers(function(login, callback) {`
29	`User.find({ username: login }, function(err, users) {`
30	`if (err) {return callback(err);}`
31	`if (! users.length) {return callback(null, false);}`
32	`callback(null, {`
33	`email: user.email,`
34	`users: [{`
35	`id: user.id,`
36	`name: user.username`
37	`}]`
38	`});`
39	`});`
40	`});`
41	```
42
43	`##### Example set password routine`
44
45	```javascript
46	`var passReset = require('pass-reset');`
47
48	`passReset.setPassword(function(id, password, callback) {`
49	`if (password.length < 8) {`
50	`return callback(null, false, 'Password must be at least 8 characters');`
51	`}`
52	`var hash = doHash(password);`
53	`var update = { $set: { password: hash } };`
54	`User.update({ id: id }, update, { }, function(err) {`
55	`if (err) {return callback(err);}`
56	`callback(null, true);`
57	`});`
58	`});`
59	```
60
61	`##### Example send email routine`
62
63	```javascript
64	`var passReset = require('pass-reset');`
65
66	`var template = handlebars.compile([`
67	`'<p>You requested a password reset for the following account(s).</p>',`
68	`'<ul>',`
69	`'{{#each resets}}',`
70	`'<li>{{name}}: <a href="{{url}}">{{url}}</a></li>',`
71	`'{{/each}}',`
72	`'</ul>'`
73	`].join('\n'));`
74
75	`passReset.sendEmail(function(email, resets, callback) {`
76	`mailer.send({`
77	`to: email,`
78	`from: 'noreply@example.com',`
79	`subject: 'password reset',`
80	`body: template({ resets: resets })`
81	`});`
82	`callback(null, true);`
83	`});`
84	```
85
86	`## Usage`
87
88	`##### Route for requesting a new reset token`
89
90	```javascript
91	`app.post('/password/reset',`
92	`passReset.requestResetToken()`
93	`);`
94	```
95
96	The `requestResetToken` method can also take an object of configuration values. The following values are supported:
97
98	* __loginParam__ - The name of the param where the login data (username/email) can be found in `req.body`.
99	* __callbackURL__ - The base URL to direct users to actually perform the reset. This value should contain a `"{token}"` somewhere which will be replaced with the token, eg. `"/password/reset/{token}"`.
100	* __next__ - By default, when pass-reset is done generating a token and sending it, an empty 200 OK response will be sent. To change this behavior, this value can be given a few different values. If a string is given, it is treated as a redirect, if a function is given, it will be called with the `req`, `res`, and `next` parameters, and if any other truthy value is given, the `next` function will simply be called.
101
102	```javascript
103	`app.post('/password/reset',`
104	`passReset.requestResetToken({`
105	`next: true,`
106	`loginParam: 'login',`
107	`callbackURL: '/password/reset/{token}',`
108	`}),`
109	`function(req, res) {`
110	`// ...`
111	`}`
112	`);`
113	```
114
115	`##### Route for actually reseting passwords`
116
117	```javascript
118	`app.put('/password/reset',`
119	`passReset.resetPassword()`
120	`);`
121	```
122
123	The `resetPassword` method can also take an object of configuration values. The following values are supported:
124
125	* __tokenParam__/__passwordParam__/__confirmParam__ - The name of the params where the respective data (token/password/confirm) can be found in `req.body`.
126	* __next__ - By default, after the password is reset, an empty 200 OK response will be sent. To change this behavior, this value can be given a few different values. If a string is given, it is treated as a redirect, if a function is given, it will be called with the `req`, `res`, and `next` parameters, and if any other truthy value is given, the `next` function will simply be called.
127
128	```javascript
129	`app.put('/password/reset',`
130	`passReset.resetPassword({`
131	`next: true,`
132	`tokenParam: 'token',`
133	`passwordParam: 'password',`
134	`confirmParam: 'confirm'`
135	`}),`
136	`function(req, res) {`
137	`// ...`
138	`}`
139	`);`
140	```
141