// handle google auth callback flow app.get('/api/auth/google/handleCB', passport.authenticate('google', { failureRedirect: '/login' }), (req, res) => { // check if user already exists in system admin.auth().getUserByEmail(req.user.profile.emails[0].value) .then(() => { // user already exists in app, login login(req.user.token, false, res); }) .catch(err => { // user doesn't exist yet, create it if (err.code === 'auth/user-not-found') { login(req.user.token, true, res); } }); } );
// send a forgot password email app.post('/api/auth/sendForgotPasswordEmail', (req, res) => { // check if email exists firebase.auth().getUserByEmail(req.body.email) .then(user => { // generate id const resetPasswordID = shortid.generate(); // update user ref releated to provided email ref.child(user.uid).update({ resetPasswordID }); // send email to user email.sendforgotPassword(req.body.email, resetPasswordID, user.uid); }) .catch(err => {}); // catch any error, however we dont notify user // send back success response // send back same response even if no email exists in system due to securtiy res.status(200).json({ success: true, message: 'An e-mail containing instruction on how to reset your password has been sent to the provided email!' }); });