- /////////
- // MODIFY
-
- setLoginToken: function(token, uid, cb)
- {
- db.serialize(function() {
- const query =
- "UPDATE Users " +
- "SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
- "WHERE id = " + uid;
- db.run(query, cb);
- });
- },
-
- // Set session token only if empty (first login)
- // TODO: weaker security (but avoid to re-login everywhere after each logout)
- trySetSessionToken: function(uid, cb)
- {
- // Also empty the login token to invalidate future attempts
- db.serialize(function() {
- const querySessionToken =
- "SELECT sessionToken " +
- "FROM Users " +
- "WHERE id = " + uid;
- db.get(querySessionToken, (err,ret) => {
- if (!!err)
- return cb(err);
- const token = ret.sessionToken || genToken(params.token.length);
- const queryUpdate =
- "UPDATE Users " +
- "SET loginToken = NULL" +
- (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
- "WHERE id = " + uid;
- db.run(queryUpdate);
- cb(null, token);
- });
- });
- },
-
- updateSettings: function(user, cb)
- {
- db.serialize(function() {
- const query =
- "UPDATE Users " +
- "SET name = '" + user.name + "'" +
- ", email = '" + user.email + "'" +
- ", notify = " + user.notify + " " +
- "WHERE id = " + user.id;
- db.run(query, cb);
- });
- },
+ getBio: function(id, cb) {
+ db.serialize(function() {
+ const query =
+ "SELECT bio " +
+ "FROM Users " +
+ "WHERE id = " + id;
+ db.get(query, cb);
+ });
+ },
+
+ /////////
+ // MODIFY
+
+ setLoginToken: function(token, id) {
+ db.serialize(function() {
+ const query =
+ "UPDATE Users " +
+ "SET loginToken = '" + token + "',loginTime = " + Date.now() + " " +
+ "WHERE id = " + id;
+ db.run(query);
+ });
+ },
+
+ setBio: function(id, bio) {
+ db.serialize(function() {
+ const query =
+ "UPDATE Users " +
+ "SET bio = ? " +
+ "WHERE id = " + id;
+ db.run(query, bio);
+ });
+ },
+
+ // Set session token only if empty (first login)
+ // NOTE: weaker security (but avoid to re-login everywhere after each logout)
+ // TODO: option would be to reset all tokens periodically (every 3 months?)
+ trySetSessionToken: function(id, cb) {
+ db.serialize(function() {
+ let query =
+ "SELECT sessionToken " +
+ "FROM Users " +
+ "WHERE id = " + id;
+ db.get(query, (err, ret) => {
+ const token = ret.sessionToken || genToken(params.token.length);
+ const setSessionToken =
+ (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "");
+ query =
+ "UPDATE Users " +
+ // Also empty the login token to invalidate future attempts
+ "SET loginToken = NULL" +
+ setSessionToken + " " +
+ "WHERE id = " + id;
+ db.run(query);
+ cb(token);
+ });
+ });
+ },
+
+ updateSettings: function(user) {
+ db.serialize(function() {
+ const query =
+ "UPDATE Users " +
+ "SET name = '" + user.name + "'" +
+ ", email = '" + user.email + "'" +
+ ", notify = " + user.notify + " " +
+ "WHERE id = " + user.id;
+ db.run(query);
+ });
+ },
+
+ /////////////////
+ // NOTIFICATIONS
+
+ notify: function(user, message) {
+ const subject = "vchess.club - notification";
+ const body = "Hello " + user.name + " !" + `
+` + message;
+ sendEmail(params.mail.noreply, user.email, subject, body);
+ },
+
+ tryNotify: function(id, message) {
+ UserModel.getOne("id", id, (err,user) => {
+ if (!err && user.notify) UserModel.notify(user, message);
+ });
+ },
+
+ ////////////
+ // CLEANING
+
+ cleanUsersDb: function() {
+ const tsNow = Date.now();
+ // 86400000 = 24 hours in milliseconds
+ const day = 86400000;
+ db.serialize(function() {
+ const query =
+ "SELECT id, sessionToken, created, name, email " +
+ "FROM Users";
+ db.all(query, (err, users) => {
+ let toRemove = [];
+ users.forEach(u => {
+ // Remove users unlogged for > 24h
+ if (!u.sessionToken && tsNow - u.created > day)
+ {
+ toRemove.push(u.id);
+ UserModel.notify(
+ u,
+ "Your account has been deleted because " +
+ "you didn't log in for 24h after registration"
+ );
+ }
+ });
+ if (toRemove.length > 0) {
+ db.run(
+ "DELETE FROM Users " +
+ "WHERE id IN (" + toRemove.join(",") + ")"
+ );
+ }
+ });
+ });
+ },