waxx 0.1.2

data/skel/app/usr/email.rb

@@ -0,0 +1,66 @@
+module App::Usr::Email
+  extend Waxx::Html
+  extend self
+
+  def password_reset(x, u, k)
+    { 
+      to_email: u['usr_name'],
+      from_email: Conf['site']['support_email'],
+      from_name: Conf['site']['name'],
+      subject: "Password Reset",
+      body_text: password_reset_text(x, u, k),
+      body_html: password_reset_html(x, u, k)
+    }
+  end
+
+  def email_not_found(x, email)
+    { 
+      to_email: email,
+      from_email: Conf['site']['support_email'],
+      from_name: Conf['site']['name'],
+      subject: "Account Not Found",
+      body_text: email_not_found_text(x)
+    }
+  end
+  
+  def email_not_found_text(x)
+    App::Email::Email.text(x, title: "Email Address Not Found", content: %(
+We received a request to reset your password on #{h Conf['site']['name']}.
+      
+Unfortunately, we do not have an account with your email address. Please setup your account here:",
+      
+    #{Conf['site']['url']}
+      
+If you did not request a password reset, please disregard this email. Most likely someone else mistyped their email.
+      
+#{App::Email::Email.support_signature_text(x)}
+    ))
+
+  end
+
+  def password_reset_text(x, u, k)
+    App::Email::Email.text(x, title: "Password Reset", content: %(
+We received a request to reset your password on #{h Conf['site']['name']}.
+      
+Please click the link below to change your password. The link is valid for six hours.
+      
+    #{Conf['site']['url']}usr/password/#{u['usr_id']}/#{k}
+      
+If you did not request a password reset, please disregard this email. Most likely someone else mistyped their email.
+      
+#{App::Email::Email.support_signature_text(x)}
+    ))
+
+  end
+
+  def password_reset_html(x, u, k)
+    App::Email::Email.html(x, title: "Password Reset", content: %(
+      <p>We received a request to reset your password on #{h Conf['site']['name']}.</p>
+      <p>Please click the link below to change your password. The link is valid for six hours.</p>
+      <p><a href="#{Conf['site']['url']}usr/password/#{u['usr_id']}/#{k}">Reset Password</a></p>
+      <p>If you did not request a password reset, please disregard this email. Most likely someone else mistyped their email.</p>
+      #{App::Email::Email.support_signature_html(x)}
+    ))
+  end
+
+end

data/skel/app/usr/html.rb

@@ -0,0 +1,115 @@
+module App::Usr::Html
+  extend Waxx::Html
+  extend self
+
+  def home(x, usr:{}, person:{})
+    %(
+      <div class="row">
+        <div class="col-md-3 nav2">#{App::Person::Html.nav2(x)}</div>
+        <div class="col-md-8">
+          <h1>#{person['first_name'].h} #{person['last_name'].h}</h1>
+          <div>#{usr['usr_name'].h}</div>
+          <div>#{person['phone'].h}</div>
+        </div>
+      </div>
+    )
+  end
+
+  def login(x, return_to:"/")
+    %(
+      <div class="container">
+      <h1>Client Portal</h1>
+      <div class="row">
+        <div class="col-md-4">#{login_form(x, return_to:return_to)}</div>
+        <div class="col-md-8">#{App::WebsitePage.by_uri(x, uri:"/portal")['content']}</div>
+      </div>
+      </div>
+    )
+  end
+
+  def login_form(x, return_to: "/")
+    %(
+      <form action="/usr/login" method="post">
+        <!--#{Waxx::Csrf.ht(x)}-->
+        <input type="hidden" name="return_to" value="#{h return_to}">
+        <div class="form-group">
+          <label for="usr_name">Email</label>
+          <input type="email" class="form-control" id="usr_name" name="usr_name" placeholder="" value="#{x.ua['un'] if x.ua['rm']}">
+        </div>
+        <div class="form-group">
+          <label for="password">Password</label>
+          <input name="password" type="password" class="form-control" id="password" placeholder="">
+        </div>
+        <div class="checkbox">
+          <label><input name="remember_me" type="checkbox" #{"checked" if x.ua['rm']} value="1"> Remember me </label>
+        </div>
+        <button type="submit" class="btn btn-primary">Login</button>
+      </form>
+      <p style="margin-top: 2em;"><a href="#password_reset_form" onclick="$('#password_reset_form').toggle('blind')">Forgot password?</a></p>
+      <div id="password_reset_form" style="display:none;">
+        <form action="/usr/password_reset" method="post">
+          <!--#{Waxx::Csrf.ht(x)}-->
+          <div class="form-group">
+            <label for="email">Enter your email address</label>
+            <input type="email" class="form-control" id="email" name="email" placeholder="you@example.com" value="#{x.ua['un'] if x.ua['rm'] == 1}">
+          </div>
+          <button type="submit" class="btn btn-warning">Send Password Reset Link</button>
+        </form>                       
+      </div>
+    )
+  end
+
+  def change_password(x, u=nil, key=nil)
+    content = App::Content.by_slug(x, slug: "password-rules")
+    %(
+    <div class="row">
+      <div class="col-md-3 nav2">#{App::Person::Html.nav2(x) if x.usr?}</div>
+      <div class="col-md-5">
+        <h1>Change Password</h1>
+        <form action="" method="post">
+          #{Waxx::Csrf.ht(x)}
+          <div class="form-group">
+            <!-- <label for="usr_name">User Name</label> -->
+            #{h(u ? u['usr_name'] : x.ua['un'])}
+          </div>
+          #{new_password_field(x)}
+          <button type="submit" class="btn btn-primary" id="btn-submit" disabled="disabled">Change Password</button>
+        </form>
+      </div>
+    </div>
+    )
+  end
+
+  def new_password_field(x)
+    %(
+      <div class="form-group">
+        <label for="password">Password</label>
+        <input name="password1" type="password" class="form-control" id="pw1" onkeyup="app.passwordNew('#pw1', '#pw2', '#btn-submit');">
+        <div class="text-muted">Score 60+. Use upper &amp; lower case, numbers, and symbols.</div> 
+        <div class="text-muted">Score: <span id="pw1-status" style="color:#000; font-weight: normal;">0 Continue</span></div>
+        <div style="border: 1px solid #ccc; background-color:#eee;">
+          <div id="pw1-meter" style="height: 4px; width:0; background-color:red;color:white;overflow:visible;font-size:9px;"></div>
+        </div>
+      </div>
+      <div class="form-group">
+        <label for="password">Confirm Password <span id="pw2-icon" class="glyphicon glyphicon-unchecked"></span></label>
+        <input name="password2" type="password" class="form-control" id="pw2" onkeyup="app.passwordNew('#pw1', '#pw2', '#btn-submit');">
+      </div>
+    )
+  end
+
+  def list(x, usrs)
+    re = [%(<table class="table">
+    <tr><th>ID</th><th>User Name</th><th>Last Login</th><th>Failed Logins</th></tr>
+    )]
+    re << usrs.map{|u|
+      %(<tr><td>#{u/:id}</td>
+      <td>#{u/:usr_name}</td>
+      <td>#{u['last_login_date'].f("%d-%b-%Y @%H:%M")} from #{u/:last_login_host}</td>
+      <td>#{u/:failed_login_count}</td>
+      </tr>)
+    }
+    re << %(</table><a href="/usr/record/0" class="btn btn-success"><span class="glyphicon glyphicon-plus"></span> Add User</a>)
+    re.join
+  end
+end

data/skel/app/usr/list.rb

@@ -0,0 +1,51 @@
+module App::Usr::List
+  extend Waxx::View
+  extend self
+
+  has(
+    :id,
+    :usr_name,
+    :last_login_date,
+    :failed_login_count,
+    #"person_id: person.id",
+    #"person.first_name",
+    #"person.last_name",
+    #"company_name: company.company_name"
+  )
+
+  module Html
+    extend Waxx::Html
+    extend self
+
+    def get(x, d, message:{})
+      title = "People"
+      App::Html.admin(x,
+        title: title,
+        content: content(x, data: (d||{}), title: title),
+        js_ready: %(
+          $('#usrs tr').click(function(ev){
+            location=$(ev.target.parentElement).attr('href');
+          })
+        )
+      )
+    end
+
+    def content(x, data:{}, title:"Untitled")
+      re = [%(<table id="usrs" class="table table-hover">
+      <tr><th>ID</th><th>Name</th><th>Company</th><th>User Name</th><th>Last Login</th><th>Failed Logins</th></tr>
+      )]
+      re << data.map{|u|
+        %(<tr href="/usr/record/#{u/:id}" style="cursor:pointer;"><td>#{u/:id}</td>
+        <td>#{h u/:first_name} #{h u/:last_name}</td>
+        <td>#{h u/:company_name}</td>
+        <td>#{u/:usr_name}</td>
+        <td>#{u['last_login_date'].nil? ? "" : "#{u['last_login_date'].f("%d-%b-%Y @%H:%M")} from #{u/:last_login_host}"}</td>
+        <td>#{u/:failed_login_count}</td>
+        </tr>)
+      }
+      re << %(</table><a href="/usr/record/0" class="btn btn-success"><span class="glyphicon glyphicon-plus"></span> Add User</a>)
+      re.join
+    end
+
+  end
+end

data/skel/app/usr/password.rb

@@ -0,0 +1,54 @@
+module App::Usr::Password
+  extend self
+
+  def send_email(x)
+    App::Email.post(x,
+      to_email: x['usr_name'],
+      from_email: Conf['site']['support_email'],
+      from_name: Conf['site']['name'],
+      subject: "Password Reset",
+      body_text: ["You requested a password reset for #{Conf['site']['name']}.",
+        "If you did not request a password reset, please ignore this email.",
+        "\n\nThe link below is valid for 3 hours.",
+        "Please click this link to reset your password:\n\n",
+        "  #{Conf['site']['url']}/usr/password/#{u['usr_id']}/#{u['key']}",
+        "\n\nThank you,\n\nThe #{Conf['site']['name']} Team"
+        ].join
+    )
+  end
+
+  def text(x, usr, key, as)
+    %(
+    Hopefully it was you who requested a password reset for #{Conf['site']['name']}. 
+    If you did not request a password reset, please ignore this email.
+    
+    The link below is valid for 3 hours. 
+    Please click the link to reset your password: 
+    
+      #{Conf['site']['url']}/usr/password/#{usr['usr_id']}/#{key}
+    
+    Please reply to this email if you need any help or have any questions.
+
+    Thank you,
+    
+    The #{Conf['site']['name']} Team
+    )
+  end
+
+  def html
+
+  end
+
+  def post(x)
+    # See if the user exists
+    u = App::Usr.usr(x, usr_name: x['usr_name'])
+    if u['usr_id'].to_i > 0
+      k = App::Usr.key_for_reset(x, u['usr_id'])
+      App::Html.page(x, title:"Password Reset Sent", content:"A link to reset your password has been sent to #{x['email'].h}. Please check your email. (It may be in your SPAM folder.)")
+    else
+
+    end
+
+  end
+
+end

data/skel/app/usr/record.rb

@@ -0,0 +1,98 @@
+module App::Usr::Record
+  extend Waxx::View
+  extend self
+
+  @joins = {
+    person:"LEFT JOIN person ON usr.person_id = person.person_id"
+  }
+
+  has(
+    :id,
+    :usr_name,
+    #"person_id:person.id",
+    #"first_name:person.first_name",
+    #"last_name:person.last_name",
+    #"company_id:person.company_id"
+  )
+
+  def save(x, id:0, data:{})
+    if id.to_i == 0
+      person = App::Person.post(x, {
+        first_name: data['first_name'],
+        last_name: data['last_name'],
+        company_id: data['company_id']
+      })
+      App::Usr.create(x, {
+        usr_name: data['usr_name'], 
+        password: data['password'], 
+        person_id: person['id']
+      }, returning:"id")
+    else
+      App::Usr.set_password(x, id, data['password'])
+      App::Usr.put(x, id, {usr_name: data['usr_name']})
+      App::Person.put(x, id, {
+        first_name: data['first_name'],
+        last_name: data['last_name'],
+        company_id: data['company_id']
+      })
+    end
+    Html.post(x,{})
+  end
+
+  module Html
+    extend Waxx::Html
+    extend self
+
+    def get(x, d, message:{})
+      title = d.nil? ? "New User" : "#{d['first_name']} #{d['last_name']}"
+      App::Html.admin(x,
+        title: title,
+        content: content(x, data: (d||{}), title: title)
+      )
+    end
+
+    def post(x, data, message={})
+      #App::Usr::List.view(x, meth: "get", message: {type: "success", message:"The user was updated successfully."})
+      x.res.redirect "/usr"
+    end
+
+    def content(x, data:{}, title:"Untitled")
+      %(
+      <form action="" method="post">
+        <div class="form-group">
+          <label for="usr_name">First Name</label>
+          <input type="text" id="first_name" name="first_name" class="form-control" value="#{h data['first_name']}">
+        </div>
+        <div class="form-group">
+          <label for="usr_name">Last Name</label>
+          <input type="text" id="last_name" name="last_name" class="form-control" value="#{h data['last_name']}">
+        </div>
+        <div class="form-group">
+          <label for="company_id">Company</label>
+          <select id="company_id" name="company_id" class="form-control">
+          #{company_options(x, data)}
+          </select>
+        </div>
+        <div class="form-group">
+          <label for="usr_name">Email</label>
+          <input type="text" id="usr_name" name="usr_name" class="form-control" value="#{h data['usr_name']}">
+        </div>
+        <div class="form-group">
+          <label for="password">Password</label>
+          <input type="password" id="password" name="password" class="form-control" value="">
+        </div>
+        <br>
+        <button type="submit" class="btn btn-primary" name="btn" value="save">Save</button>
+      </form>
+      )
+    end
+
+    def company_options(x, data)
+      App::Company.get(x, select:"id, name", order:"name").map{|r|
+        selected = r['id'] == data['company_id'] ? "selected" : ""
+        "<option value='#{r['id']}' #{selected}>#{h r['name']}</option>"
+      }.join
+    end
+
+  end
+end

data/skel/app/usr/usr.js

@@ -0,0 +1,67 @@
+app.usr = {
+  humanClick: function(icon){
+    $('#bot_nav .btn-primary').removeClass('btn-primary').addClass('btn-link');
+    $('#'+icon).removeClass('btn-link').addClass('btn-primary');
+    $('#bot_check').val(icon);
+  },
+  passwordNew: function(pw1, pw2, btn){
+    var score = app.passwordScore($(pw1).val());
+    var match = $(pw1).val() == $(pw2).val();
+    app.passwordStrengthMeter(score, pw1+"-status", pw1+"-meter");
+    app.passwordMatchIcon(pw1, pw2);
+    $(btn).attr('disabled',!(match && score >= 60));
+  },
+  // Thanks to tm_lv on stackoverflow
+  passwordScore: function(pw){
+    var score = 0;
+    if (!pw){return score;}
+    // award every unique letter until 5 repetitions
+    var letters = new Object();
+    for (var i=0; i<pw.length; i++) {
+      letters[pw[i]] = (letters[pw[i]] || 0) + 1;
+      score += 5.0 / letters[pw[i]];
+    }
+    // bonus points for mixing it up
+    var variations = {
+      digits: /\d/.test(pw),
+      lower: /[a-z]/.test(pw),
+      upper: /[A-Z]/.test(pw),
+      nonWords: /\W/.test(pw),
+    }
+    variationCount = 0;
+    for (var check in variations) {
+      variationCount += (variations[check] == true) ? 1 : 0;
+    }
+    score += (variationCount - 1) * 10;
+    return parseInt(score);
+  },
+  passwordStrengthMeter: function(score, text, meter){
+    $(meter).css('width',Math.min(score, 100)+"%");
+    if (score >= 80){
+      $(text).html(score + " Strong");
+      $(meter).css('background-color','green');
+    }else if (score >= 60){
+      $(text).html(score + " Good");
+      $(meter).css('background-color','orange');
+    }else if (score >= 30){
+      $(text).html(score + " Weak");
+      $(meter).css('background-color','red');
+    }else{
+      $(text).html(score + " Continue");
+      $(meter).css('background-color','#aaa');
+    }
+  },
+  passwordMatchIcon: function(pw1, pw2){
+    if($(pw1).val() == $(pw2).val()){
+      $(pw2+"-icon")
+      .removeClass('glyphicon-unchecked')
+      .addClass('glyphicon-check')
+      .css('color','green');
+    }else{
+      $(pw2+"-icon")
+      .removeClass('glyphicon-check')
+      .addClass('glyphicon-unchecked')
+      .css('color','red');
+    }
+  }
+}