Bladeren bron

Readded recaptcha, added terms and privacy.

KrisVos130 9 jaren geleden
bovenliggende
commit
48e0bc6558

+ 15 - 14
backend/logic/actions/users.js

@@ -69,22 +69,23 @@ module.exports = {
 		async.waterfall([
 
 			// verify the request with google recaptcha
-			/*(next) => {
+			(next) => {
 				request({
 					url: 'https://www.google.com/recaptcha/api/siteverify',
 					method: 'POST',
 					form: {
-						//'secret': config.get("apis.recaptcha.secret"),
+						'secret': config.get("apis").recaptcha.secret,
 						'response': recaptcha
 					}
 				}, next);
-			},*/
+			},
 
 			// check if the response from Google recaptcha is successful
 			// if it is, we check if a user with the requested username already exists
-			(/*response, body, */next) => {
-				/*let json = JSON.parse(body);*/
-				//if (json.success !== true) return next('Response from recaptcha was not successful');
+			(response, body, next) => {
+				let json = JSON.parse(body);
+				console.log(response, body);
+				if (json.success !== true) return next('Response from recaptcha was not successful');
 				db.models.user.findOne({ username: new RegExp(`^${username}$`, 'i') }, next);
 			},
 
@@ -134,15 +135,15 @@ module.exports = {
 			if (err && err !== true) {
 				console.error(err);
 				return cb({ status: 'error', message: 'An error occurred while registering for an account' });
+			} else {
+				module.exports.login(session, email, password, (result) => {
+					let obj = {status: 'success', message: 'Successfully registered.'};
+					if (result.status === 'success') {
+						obj.SID = result.SID;
+					}
+					cb(obj);
+				});
 			}
-			// respond with the payload that was passed to us earlier
-			module.exports.login(session, email, password, (result) => {
-				let obj = { status: 'success', message: 'Successfully registered.' };
-				if (result.status === 'success') {
-					obj.SID = result.SID;
-				}
-				cb(obj);
-			});
 		});
 
 	},

+ 14 - 12
frontend/App.vue

@@ -73,18 +73,20 @@
 			'register': function () {
 				let { register: { email, username, password } } = this;
 				let _this = this;
-				this.socket.emit('users.register', username, email, password, /*grecaptcha.getResponse()*/null, result => {
-					Toast.methods.addToast(`You have successfully registered.`, 4000);
-					setTimeout(() => {
-						if (result.SID) {
-							let date = new Date();
-							date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
-							document.cookie = `SID=${result.SID}; expires=${date.toGMTString()}; path=/`;
-							location.reload();
-						} else {
-							_this.$router.go('/login');
-						}
-					}, 4000);
+				this.socket.emit('users.register', username, email, password, grecaptcha.getResponse(), result => {
+					if (result.status === 'success') {
+						Toast.methods.addToast(`You have successfully registered.`, 4000);
+						setTimeout(() => {
+							if (result.SID) {
+								let date = new Date();
+								date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
+								document.cookie = `SID=${result.SID}; expires=${date.toGMTString()}; path=/`;
+								location.reload();
+							} else {
+								_this.$router.go('/login');
+							}
+						}, 4000);
+					} else Toast.methods.addToast(result.message, 8000);
 				});
 			},
 			'login': function () {

+ 1 - 0
frontend/components/Modals/Login.vue

@@ -16,6 +16,7 @@
 				<p class='control'>
 					<input class='input' type='password' placeholder='Password...' v-model='$parent.login.password' v-on:keypress='$parent.submitOnEnter(submitModal, $event)'>
 				</p>
+				<p>By logging in you agree to our <a href="/terms" v-link="{ path: '/terms' }">Terms of Service</a> and <a href="/privacy" v-link="{ path: '/privacy' }">Privacy Policy</a>.</p>
 			</section>
 			<footer class='modal-card-foot'>
 				<a class='button is-primary' @click='submitModal("login")'>Submit</a>

+ 7 - 3
frontend/components/Modals/Register.vue

@@ -20,7 +20,8 @@
 				<p class='control'>
 					<input class='input' type='password' placeholder='Password...' v-model='$parent.register.password' v-on:keypress='$parent.submitOnEnter(submitModal, $event)'>
 				</p>
-				<div class='g-recaptcha' :data-sitekey='recaptcha.key'></div>
+				<div id="recaptcha"></div>
+				<p>By logging in you agree to our <a href="/terms" v-link="{ path: '/terms' }">Terms of Service</a> and <a href="/privacy" v-link="{ path: '/privacy' }">Privacy Policy</a>.</p>
 			</section>
 			<footer class='modal-card-foot'>
 				<a class='button is-primary' @click='submitModal()'>Submit</a>
@@ -44,8 +45,11 @@
 		},
 		ready: function () {
 			let _this = this;
-			lofig.get('recaptcha.key', function (key) {
-				_this.recaptcha.key = key;
+			lofig.get('recaptcha', function (obj) {
+				_this.recaptcha.key = obj.key;
+				grecaptcha.render('recaptcha', {
+					'sitekey' : _this.recaptcha.key
+				});
 			});
 		},
 		methods: {

+ 69 - 0
frontend/components/pages/Privacy.vue

@@ -0,0 +1,69 @@
+<template>
+	<div class='app'>
+		<main-header></main-header>
+		<div class='container'>
+			<h1>MUSARE PRIVACY POLICY</h1>
+			<h4>Last Updated: January 25, 2016</h4>
+
+			<h4>1. Introduction</h4>
+			Musare.com respects your privacy and the security of your personal information, and we want to do as much as we can to protect it. Because of this, we have created this Privacy Policy to govern how we deal with your personal information. Since our Site is built off of Content that you provide, including shared information from third party sites, it is important that you read and understand their information sharing policies as well. Please check back often, as we will update this Privacy Policy as we grow.
+
+			<h4>2. Personal Information We Collect</h4>
+			<p>In order for you to sign up for our service, we may ask for personal information from you including your name, e-mail address, mailing address, phone number, photo, username from other social media sites, gender, date of birth, or other relevant information. In addition, we utilize third party API’s like GitHub Authentication, and other API’s that allow you to transfer your profile information from those Sites to ours depending on your settings on those Sites. We are not responsible for any information that does not transfer or if any information is inaccurate.</p>
+
+			<p>Your use of any of the video or chat features may be recorded or logged by our servers. We may use this data to improve our Site or Platform, or to determine how best to provide marketing opportunities to you.</p>
+
+			<p>We use the above referenced information to contact you regarding your account, assist in customer service and support, and to improve our Site and the musare.com platform. We also use the information we collect to send periodic communications to you regarding updates to our Site, new features, and marketing opportunities that we think you may find interesting.</p>
+
+			<p>We may send you periodic emails that concern updates or features. We make sure to comply with CAN-SPAM Act of 2003, 15 U.S.C. 7701 whenever we send you these goodies. If you feel that you are receiving unwanted messages from us (which we hope isn’t the case!) then please use the unsubscribe button or email us at musaremusic@gmail.com to remove yourself from our list. Please allow for up to ten (10) business days to process the removal.</p>
+
+			<h4>3. Non-Personal Information</h4>
+			<p>We may collect information about you that we consider to be less sensitive. When you access our website, we may collect such things as your IP address, browser, operating system, and other information that helps us know about the general nature of our visitors. We use this information to improve our Site and the musare.com platform.</p>
+
+			<h4>4. Cookies</h4>
+			<p>We use tracking cookies to distinguish you from other users to help prevent one user from unwittingly logging into another user’s account on the same computer or network. In conjunction with third party API’s, we also allow you to login using your credentials on those third party sites. These Sites may use cookies to track your web browsing, and have separate privacy policies that you must read. In addition, any time you share Content with others those third party Sites may collect information about people who view or share that Content. You must also read their privacy policies.</p>
+
+			<p>We also may use tracking cookies to help ourselves or third party advertisers increase the effectiveness and quality of, and interest in, our marketing programs, or for other advertising or marketing purposes.</p>
+
+			<p>Any advertisements served by Google, Inc., and affiliated companies may be controlled using cookies. These cookies allow Google to display ads based on your visits to this site and other sites that use Google advertising services. Learn how to opt out of Google’s cookie usage. As mentioned above, any tracking done by Google through cookies and other mechanisms is subject to Google’s own privacy policies.</p>
+
+			<p>Your use of the Site may require that you have cookies turned on, depending on your login preferences.</p>
+
+			<h4>5. User Content</h4>
+			<p>We may allow you to post Content to our website, including videos and music. This content, once posted, is available for anyone to see and you are granting us the limited license for our use in accordance with our Terms of Service. As such, you must make sure you do not post anything that you do not have the rights to distribute. Please engage your brain when posting content.</p>
+
+			<h4>6. Third Party Sites</h4>
+			<p>Since our Site is built off of Content and sharing, you can be sure that you will encounter links to third party sites or Content that is being displayed from a third party site. Anytime you encounter a link to a website outside of musare.com, you should know that we have no control over that Site. We recommend that you consult those websites privacy policies, terms of service, and other similar documents when using them.</p>
+
+			<p>You may also have the ability to interface, through the use of APIs, with third party websites such as social websites like Facebook, GitHub and Twitter. Be advised that we cannot be responsible for any breaches of privacy that may arise from the use of these third party websites.</p>
+
+			<h4>7. Access to Information and Data Storage</h4>
+			<p>We may host data with third parties and allow third parties to access, maintain, or otherwise use your information for purposes that we deem conducive to improving our business and service. We will strive to always deal with reputable providers, but we cannot make any guarantees. As such, you hereby agree that we are not liable for any privacy breaches that may occur as a result of the actions of third parties. In addition, how you interact with our Site may be shared with the third party service that you used to login, which means you are also storing information on their servers, which is governed by their own agreements.</p>
+
+			<h4>8. Law Enforcement</h4>
+			<p>We may disclose your information to a third party where we believe, in good faith that we are required to for legal purposes. The disclosure may be due to a criminal investigation, or a civil subpoena. If we receive such a request we may, but are not required to, notify you of such request and give you an opportunity to respond.</p>
+
+			<h4>9. Children's Online Privacy Protection Act</h4>
+			<p>We do not allow users on our website who are under the age of thirteen years old. If you become aware of such a user, please notify us immediately. If you are reported as being in violation of our age policy, we may freeze your account and require that you submit satisfactory proof of age before you may continue using our service.</p>
+
+			<h4>10. Amendments</h4>
+			<p>We may amend this Privacy Policy under the same conditions as our Terms of Service. Your responsibility to keep yourself updated as to changes to this Privacy Policy is the same as in our “Amendments” section in our Terms of Service.</p>
+
+			<h4>11. Users from outside the United States</h4>
+			<p>We may have users who are from outside the United States. If you are, you are acknowledging that your information is being transferred from your country to ours. To the extent we are required, we maintain our Site and information collection practices in a way that conforms with most laws. If you are from a jurisdiction who's information collection practices differ from ours, please notify us so that we may take necessary action. This may include terminating your account and deleting your information. We are committed to resolving those issues, so if you have any questions about how we collect or use your information you may email us at musaremusic@gmail.com.</p>
+
+			<h4>12. Deactivating your account</h4>
+			<p>You may deactivate your account at any time by accessing your account settings, or send us a mail at musaremusic@gmail.com. When submitting your request, please let us know what led you to deactivate your account. Your feedback is greatly appreciated, and will help us to better accommodate members of the community.</p>
+		</div>
+		<main-footer></main-footer>
+	</div>
+</template>
+
+<script>
+	import MainHeader from '../MainHeader.vue';
+	import MainFooter from '../MainFooter.vue';
+
+	export default {
+		components: { MainHeader, MainFooter }
+	}
+</script>

File diff suppressed because it is too large
+ 32 - 0
frontend/components/pages/Terms.vue


+ 8 - 0
frontend/main.js

@@ -8,6 +8,8 @@ import Home from './components/pages/Home.vue';
 import Station from './components/Station/Station.vue';
 import Admin from './components/pages/Admin.vue';
 import News from './components/pages/News.vue';
+import Terms from './components/pages/Terms.vue';
+import Privacy from './components/pages/Privacy.vue';
 import User from './components/User/Show.vue';
 import Settings from './components/User/Settings.vue';
 import Login from './components/Modals/Login.vue';
@@ -66,6 +68,12 @@ router.map({
 	'*': {
 		component: NotFound
 	},
+	'/terms': {
+		component: Terms
+	},
+	'/privacy': {
+		component: Privacy
+	},
 	'/news': {
 		component: News
 	},

Some files were not shown because too many files changed in this diff