robertjd · August 29, 2015 14:07
diff --git a/profile.js b/profile.js
 var express = require('express');
 var forms = require('forms');
 var csurf = require('csurf');
 var collectFormErrors = require('express-stormpath/lib/helpers').collectFormErrors;
 var stormpath = require('express-stormpath');
 var extend = require('xtend');

 // Declare the schema of our form:

 var profileForm = forms.create({
  givenName: forms.fields.string({
    required: true
  }),
  surname: forms.fields.string({ required: true }),
  streetAddress: forms.fields.string(),
  city: forms.fields.string(),
  state: forms.fields.string(),
  zip: forms.fields.string()
 });

 // A function that will render our form and
 // provide the values of the fields, as well
 // as any situation-specific locals

 function renderForm(req,res,locals){
  res.render('profile', extend({
    title: 'My Profile',
    csrfToken: req.csrfToken(),
    givenName: req.user.givenName,
    surname: req.user.surname,
    streetAddress: req.user.customData.streetAddress,
    city: req.user.customData.city,
    state: req.user.customData.state,
    zip: req.user.customData.zip
  },locals||{}));
 }

 module.exports = function profile(){
  var router = express.Router();

  router.use(csurf());

  router.all('/', stormpath.loginRequired, function(req, res) {
    profileForm.handle(req,{
      success: function(form){

        req.user.givenName = form.data.givenName;
        req.user.surname = form.data.surname;
        req.user.customData.streetAddress = form.data.streetAddress;
        req.user.customData.city = form.data.city;
        req.user.customData.state = form.data.state;
        req.user.customData.zip = form.data.zip;
        req.user.save(function(err){
          if(err){
            if(err.developerMessage){
              console.error(err);
            }
            renderForm(req,res,{
              errors: [{error: err.userMessage || err.message || String(err)}]
            });
          }else{
            renderForm(req,res,{
              saved:true
            });
          }
        });
      },
      error: function(form){
        renderForm(req,res,{
          errors: collectFormErrors(form)
        });
      },
      empty: function(){
        renderForm(req,res);
      }
    });
  });

  router.use(function (err, req, res, next) {
    // This handler catches errors for this router
    if (err.code === 'EBADCSRFTOKEN'){
      // The csurf library is telling us that it can't
      // find a valid token on the form
      if(req.user){
        // session token is invalid or expired.
        // render the form anyways, but tell them what happened
        renderForm(req,res,{
          errors:[{error:'Your form has expired.  Please try again.'}]
        });
      }else{
        // the user's cookies have been deleted, we dont know
        // their intention is - send them back to the home page
        res.redirect('/');
      }
    }else{
      // Let the parent app handle the error
      return next(err);
    }
  });

  return router;
 };
	var express = require('express');
	var forms = require('forms');
	var csurf = require('csurf');
	var collectFormErrors = require('express-stormpath/lib/helpers').collectFormErrors;
	var stormpath = require('express-stormpath');
	var extend = require('xtend');

	// Declare the schema of our form:

	var profileForm = forms.create({
	givenName: forms.fields.string({
	required: true
	}),
	surname: forms.fields.string({ required: true }),
	streetAddress: forms.fields.string(),
	city: forms.fields.string(),
	state: forms.fields.string(),
	zip: forms.fields.string()
	});

	// A function that will render our form and
	// provide the values of the fields, as well
	// as any situation-specific locals

	function renderForm(req,res,locals){
	res.render('profile', extend({
	title: 'My Profile',
	csrfToken: req.csrfToken(),
	givenName: req.user.givenName,
	surname: req.user.surname,
	streetAddress: req.user.customData.streetAddress,
	city: req.user.customData.city,
	state: req.user.customData.state,
	zip: req.user.customData.zip
	},locals\|\|{}));
	}

	module.exports = function profile(){
	var router = express.Router();

	router.use(csurf());

	router.all('/', stormpath.loginRequired, function(req, res) {
	profileForm.handle(req,{
	success: function(form){

	req.user.givenName = form.data.givenName;
	req.user.surname = form.data.surname;
	req.user.customData.streetAddress = form.data.streetAddress;
	req.user.customData.city = form.data.city;
	req.user.customData.state = form.data.state;
	req.user.customData.zip = form.data.zip;
	req.user.save(function(err){
	if(err){
	if(err.developerMessage){
	console.error(err);
	}
	renderForm(req,res,{
	errors: [{error: err.userMessage \|\| err.message \|\| String(err)}]
	});
	}else{
	renderForm(req,res,{
	saved:true
	});
	}
	});
	},
	error: function(form){
	renderForm(req,res,{
	errors: collectFormErrors(form)
	});
	},
	empty: function(){
	renderForm(req,res);
	}
	});
	});

	router.use(function (err, req, res, next) {
	// This handler catches errors for this router
	if (err.code === 'EBADCSRFTOKEN'){
	// The csurf library is telling us that it can't
	// find a valid token on the form
	if(req.user){
	// session token is invalid or expired.
	// render the form anyways, but tell them what happened
	renderForm(req,res,{
	errors:[{error:'Your form has expired. Please try again.'}]
	});
	}else{
	// the user's cookies have been deleted, we dont know
	// their intention is - send them back to the home page
	res.redirect('/');
	}
	}else{
	// Let the parent app handle the error
	return next(err);
	}
	});

	return router;
	};