From 1605f34dcc6463a2696a8241f2de177c3da96e23 Mon Sep 17 00:00:00 2001
From: Matthew Dillon
Date: Tue, 27 Oct 2015 16:17:18 -0700
Subject: [PATCH] Clean up password reset
---
 app/authenticators/jwt-resolved.js | 34 ++++++++++++-------
 app/pods/login/template.hbs | 2 +-
 .../users/changepassword/controller.js | 2 +-
 app/pods/users/lockoutauthenticate/route.js | 10 ++++--
 .../users/requestlockouthelp/controller.js | 2 +-
 .../users/requestlockouthelp/template.hbs | 2 +-
 config/environment.js | 1 +
 7 files changed, 35 insertions(+), 18 deletions(-)
diff --git a/app/authenticators/jwt-resolved.js b/app/authenticators/jwt-resolved.js
index 1417236..4abf71b 100644
--- a/app/authenticators/jwt-resolved.js
+++ b/app/authenticators/jwt-resolved.js
@@ -1,19 +1,29 @@
-// Note: this is here for user lockout authentication
+// Note: this authenticator exists for user lockout --- they are sent a copy
+// of a valid JWT to their registered email address. The lockout route plucks
+// the token off the URL and passes it directly into this authenticator.
+
+import BaseAuthenticator from 'ember-simple-auth/authenticators/base';
 import Ember from 'ember';
-import JwtTokenAuthenticator from 'simple-auth-token/authenticators/jwt';
-export default JwtTokenAuthenticator.extend({
+const { RSVP, isEmpty } = Ember;
+
+export default BaseAuthenticator.extend({
 authenticate: function(token) {
- return new Ember.RSVP.Promise(resolve => {
- let tokenData = this.getTokenData(token);
- let expiresAt = tokenData[this.tokenExpireName];
- let response = {};
- response[this.tokenPropertyName] = token;
- response.expiresAt = expiresAt;
- this.scheduleAccessTokenRefresh(expiresAt, token);
-
- resolve(this.getResponseData(response));
+ return new RSVP.Promise((resolve, reject) => {
+ if (isEmpty(token)) {
+ reject();
+ } else {
+ // For now assume that the token we have received is actually valid.
+ resolve({'access_token': token});
+ }
 });
 },
+ restore: function(data) {
+ return RSVP.resolve(data);
+ },
+
+ invalidate: function(data) {
+ return RSVP.resolve();
+ },
 });
diff --git a/app/pods/login/template.hbs b/app/pods/login/template.hbs
index c56ca42..246c876 100644
--- a/app/pods/login/template.hbs
+++ b/app/pods/login/template.hbs
@@ -7,6 +7,6 @@
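Review bot: `authenticate` now accepts any non-empty string and `restore` resolves with whatever the session store holds, so the client no longer looks at the token's expiry at all; the removed code at least read the expiry claim and scheduled a refresh. The in-code comment ("For now assume that the token we have received is actually valid") records the gap but not what closes it, so it should state that the API has to verify signature and expiry on every request and that this session object is only a UI hint. At minimum `restore` should refuse an empty store, e.g. `return isEmpty(data && data.access_token) ? RSVP.reject() : RSVP.resolve(data);`. Because the emailed token becomes a full session here, a short-lived, single-purpose reset token would limit what a leaked link allows; whether the backend already issues one is not visible in this patch.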
- Forget your password? {{link-to 'Request a lockout email.' 'users.requestlockouthelp'}}
+ {{link-to 'Forget your password?' 'users.requestlockouthelp'}}
{{/x-application}}
diff --git a/app/pods/protected/users/changepassword/controller.js b/app/pods/protected/users/changepassword/controller.js
index 3b54073..b8d100e 100644
--- a/app/pods/protected/users/changepassword/controller.js
+++ b/app/pods/protected/users/changepassword/controller.js
@@ -24,7 +24,7 @@ export default Ember.Controller.extend({
 },
 };
 ajaxRequest(url, options, this.get('session'));
- this.transitionTo('protected.users.index');
+ this.transitionToRoute('protected.users.index');
 this.get('flashMessages').information('Your password has been changed.');
 },
diff --git a/app/pods/users/lockoutauthenticate/route.js b/app/pods/users/lockoutauthenticate/route.js
index 9924157..992f534 100644
--- a/app/pods/users/lockoutauthenticate/route.js
+++ b/app/pods/users/lockoutauthenticate/route.js
@@ -1,13 +1,19 @@
 import Ember from 'ember';
+import UnauthenticatedRouteMixin from 'ember-simple-auth/mixins/unauthenticated-route-mixin';
-export default Ember.Route.extend({
+export default Ember.Route.extend(UnauthenticatedRouteMixin, {
 session: Ember.inject.service('session'),
+ currentUser: Ember.inject.service('session-account'),
 beforeModel: function(transition) {
 this._super(transition);
 let token = Ember.get(transition, 'queryParams.token');
- this.get('session').authenticate('authenticator:jwt-resolved', token);
+ this.get('session').authenticate('authenticator:jwt-resolved', token).then(() => {
+ this.get('currentUser.account').then((account) => {
+ this.transitionTo('protected.users.changepassword', account.get('id'));
+ })
+ });
 },
 });
diff --git a/app/pods/users/requestlockouthelp/controller.js b/app/pods/users/requestlockouthelp/controller.js
index d138cc6..ccda273 100644
--- a/app/pods/users/requestlockouthelp/controller.js
+++ b/app/pods/users/requestlockouthelp/controller.js
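Review bot: The success path in the changepassword controller runs unconditionally: `transitionToRoute('protected.users.index')` and the "Your password has been changed." flash execute right after `ajaxRequest(...)` is called, without looking at its outcome. A change the server rejects (wrong current password, policy failure, expired token) would still be reported to the user as done. If `ajaxRequest` returns a promise (its definition is outside this patch), move both lines into its `.then` and show an error flash from the rejection handler. The enclosing action starts above the hunk.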
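Review bot: The promise chain added to `beforeModel` in lockoutauthenticate/route.js is neither returned nor given a rejection handler. A link with a missing token (the authenticator rejects on empty input) or a failed account lookup therefore ends in an unhandled rejection with the user left on this route, and the transition does not wait for authentication to settle. Returning a flattened chain with a `.catch` that sends the user to `login` covers both cases. The token also arrives in the query string, where it can persist in browser history and request logs; using `replaceWith` instead of `transitionTo` for the redirect would at least avoid keeping that URL as a history entry, which is worth confirming against how the router records this transition.

```javascript
    let token = Ember.get(transition, 'queryParams.token');

    return this.get('session').authenticate('authenticator:jwt-resolved', token)
      .then(() => this.get('currentUser.account'))
      .then((account) => this.transitionTo('protected.users.changepassword', account.get('id')))
      .catch(() => this.transitionTo('login'));
```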
@@ -12,7 +12,7 @@ export default Ember.Controller.extend({
 data: { email: this.get('email') },
 };
 ajaxRequest(url, options, this.get('session'));
- this.transitionTo('login');
+ this.transitionToRoute('login');
 this.get('flashMessages').information('Please check your email');
 },
diff --git a/app/pods/users/requestlockouthelp/template.hbs b/app/pods/users/requestlockouthelp/template.hbs
index f348427..7cdd25f 100644
--- a/app/pods/users/requestlockouthelp/template.hbs
+++ b/app/pods/users/requestlockouthelp/template.hbs
@@ -1,7 +1,7 @@
- Account Lockout Access
+ Account Lockout/Password Reset
  •
diff --git a/config/environment.js b/config/environment.js
index 824739a..fed6d95 100644
--- a/config/environment.js
+++ b/config/environment.js
@@ -22,6 +22,7 @@ module.exports = function(environment) {
 },
 'ember-simple-auth': {
 routeAfterAuthentication: 'protected.compare',
+ routeIfAlreadyAuthenticated: 'protected.compare',
 },
 };