+ setLoginToken: function(token, uid, cb)
+ {
+ db.serialize(function() {
+ const query =
+ "UPDATE Users " +
+ "SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
+ "WHERE id = " + uid;
+ db.run(query, cb);
+ });
+ },
+
+ // Set session token only if empty (first login)
+ // NOTE: weaker security (but avoid to re-login everywhere after each logout)
+ // TODO: option would be to reset all tokens periodically, e.g. every 3 months
+ trySetSessionToken: function(uid, cb)
+ {
+ // Also empty the login token to invalidate future attempts
+ db.serialize(function() {
+ const querySessionToken =
+ "SELECT sessionToken " +
+ "FROM Users " +
+ "WHERE id = " + uid;
+ db.get(querySessionToken, (err,ret) => {
+ if (!!err)
+ return cb(err);
+ const token = ret.sessionToken || genToken(params.token.length);
+ const queryUpdate =
+ "UPDATE Users " +
+ "SET loginToken = NULL" +
+ (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
+ "WHERE id = " + uid;
+ db.run(queryUpdate);
+ cb(null, token);
+ });
+ });
+ },
+
+ updateSettings: function(user, cb)
+ {
+ db.serialize(function() {
+ const query =
+ "UPDATE Users " +
+ "SET name = '" + user.name + "'" +
+ ", email = '" + user.email + "'" +
+ ", notify = " + user.notify + " " +
+ "WHERE id = " + user.id;
+ db.run(query, cb);
+ });
+ },
+
+ /////////////////
+ // NOTIFICATIONS
+
+ notify: function(user, message)
+ {
+ const subject = "vchess.club - notification";
+ const body = "Hello " + user.name + "!" + `
+` + message;
+ sendEmail(params.mail.noreply, user.email, subject, body);
+ },
+
+ tryNotify: function(id, message)
+ {
+ UserModel.getOne("id", id, (err,user) => {
+ if (!err || !user.notify)
+ return; //NOTE: error is ignored here
+ UserModel.notify(user, message);
+ });
+ },
+
+ ////////////
+ // CLEANING
+
+ cleanUsersDb: function()
+ {
+ const tsNow = Date.now();
+ // 86400000 = 24 hours in milliseconds
+ const day = 86400000;
+ db.serialize(function() {
+ const query =
+ "SELECT id, sessionToken, created " +
+ "FROM Users";
+ db.all(query, (err, users) => {
+ users.forEach(u => {
+ // Remove unlogged users for >1 day
+ if (!u.sessionToken && tsNow - u.created > day)
+ db.run("DELETE FROM Users WHERE id = " + u.id);
+ });
+ });
+ });
+ },