X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=models%2FUser.js;fp=models%2FUser.js;h=0000000000000000000000000000000000000000;hb=625022fdcf750f0aff8fcd699f7e9b89730e1d10;hp=a36ab683487fd7d9d6bc8761ee105536e0c9ca42;hpb=b955c65b942d09d24b5c3bed0d755d4f2f8f71f1;p=vchess.git

diff --git a/models/User.js b/models/User.js
deleted file mode 100644
index a36ab683..00000000
--- a/models/User.js
+++ /dev/null
@@ -1,101 +0,0 @@
-var db = require("../utils/database");
-var maild = require("../utils/mailer.js");
-var genToken = require("../utils/tokenGenerator");
-var params = require("../config/parameters");
-
-/*
- * Structure:
- *   _id: integer
- *   name: varchar
- *   email: varchar
- *   loginToken: token on server only
- *   loginTime: datetime (validity)
- *   sessionToken: token in cookies for authentication
- *   notify: boolean (send email notifications for corr games)
- */
-
-const UserModel =
-{
-	// NOTE: parameters are already cleaned (in controller), thus no sanitization here
-	create: function(name, email, notify, callback)
-	{
-		db.serialize(function() {
-			const insertQuery =
-				"INSERT INTO Users " +
-				"(name, email, notify) VALUES " +
-				"('" + name + "', '" + email + "', " + notify + ")";
-			db.run(insertQuery, err => {
-				if (!!err)
-					return callback(err);
-				db.get("SELECT last_insert_rowid() AS rowid", callback);
-			});
-		});
-	},
-
-	// Find one user (by id, name, email, or token)
-	getOne: function(by, value, cb)
-	{
-		const delimiter = (typeof value === "string" ? "'" : "");
-		db.serialize(function() {
-			const query =
-				"SELECT * " +
-				"FROM Users " +
-				"WHERE " + by + " = " + delimiter + value + delimiter;
-			db.get(query, cb);
-		});
-	},
-
-	/////////
-	// MODIFY
-
-	setLoginToken: function(token, uid, cb)
-	{
-		db.serialize(function() {
-			const query =
-				"UPDATE Users " +
-				"SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
-				"WHERE id = " + uid;
-			db.run(query, cb);
-		});
-	},
-
-	// Set session token only if empty (first login)
-	// TODO: weaker security (but avoid to re-login everywhere after each logout)
-	trySetSessionToken: function(uid, cb)
-	{
-		// Also empty the login token to invalidate future attempts
-		db.serialize(function() {
-			const querySessionToken =
-				"SELECT sessionToken " +
-				"FROM Users " +
-				"WHERE id = " + uid;
-			db.get(querySessionToken, (err,ret) => {
-				if (!!err)
-					return cb(err);
-				const token = ret.sessionToken || genToken(params.token.length);
-				const queryUpdate =
-					"UPDATE Users " +
-					"SET loginToken = NULL" +
-					(!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
-					"WHERE id = " + uid;
-				db.run(queryUpdate);
-				cb(null, token);
-			});
-		});
-	},
-
-	updateSettings: function(user, cb)
-	{
-		db.serialize(function() {
-			const query =
-				"UPDATE Users " +
-				"SET name = '" + user.name + "'" +
-				", email = '" + user.email + "'" +
-				", notify = " + user.notify + " " +
-				"WHERE id = " + user.id;
-			db.run(query, cb);
-		});
-	},
-}
-
-module.exports = UserModel;