Skip to content

Commit

Permalink
fix wrong behavior with the invite token
Browse files Browse the repository at this point in the history
Validating email is wrong when the invite token is not set.
  • Loading branch information
outsideris committed Nov 16, 2015
1 parent 69d977e commit 14fc732
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 11 deletions.
4 changes: 2 additions & 2 deletions config.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,6 @@ module.exports = {
// --data 'email=EMAIL&token=TOKEN&set_active=true' \
// --compressed
slacktoken: process.env.SLACK_TOKEN || 'YOUR-ACCESS-TOKEN',

inviteToken: process.env.INVITE_TOKEN || ''
// an optional security measure - if it is set, then that token will be required to get invited.
inviteToken: process.env.INVITE_TOKEN || null
};
14 changes: 7 additions & 7 deletions routes/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ var config = require('../config');

router.get('/', function(req, res) {
res.render('index', { community: config.community,
tokenRequired: config.inviteToken !== "" });
tokenRequired: !!config.inviteToken });
});

router.post('/invite', function(req, res) {
if (req.body.email && req.body.token && config.inviteToken !== "" && req.body.token === config.inviteToken) {
if (req.body.email && (!config.inviteToken || (!!config.inviteToken && req.body.token === config.inviteToken))) {
request.post({
url: 'https://'+ config.slackUrl + '/api/users.admin.invite',
form: {
Expand Down Expand Up @@ -46,22 +46,22 @@ router.post('/invite', function(req, res) {
} else {
var errMsg = [];
if (!req.body.email) {
errMsg.push('email is required.');
errMsg.push('email is required');
}

if (config.inviteToken !== "") {
if (!!config.inviteToken) {
if (!req.body.token) {
errMsg.push('token is required.');
errMsg.push('token is required');
}

if (req.body.token && req.body.token !== config.inviteToken) {
errMsg.push('token is wrong.');
errMsg.push('token is wrong');
}
}

res.render('result', {
community: config.community,
message: errMsg.join(" and ")
message: 'Failed! ' + errMsg.join(' and ') + '.'
});
}
});
Expand Down
8 changes: 6 additions & 2 deletions views/index.jade
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,18 @@ html
form(method="POST", action="/invite")#join-form.form
input(type="text", name="email", placeholder="Enter Your Email Address")#slack-email.field
if tokenRequired
input(type="text", name="token", placeholder="Enter the token you were given")#slack-token.field
input(type="text", name="token", placeholder="Enter the invite token you were given")#slack-token.field
input(type="submit", value="Join").submit
script.
var tokenRequired = #{tokenRequired};
var form = document.getElementById('join-form');
var email = document.getElementById('slack-email');
var token = document.getElementById('slack-token');
form.addEventListener('submit', function(evt) {
if (!email.value || (tokenRequired && !token.value)) {
if (!email.value) {
evt.preventDefault();
}
if (tokenRequired && !token.value) {
evt.preventDefault();
}
});

0 comments on commit 14fc732

Please sign in to comment.