X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=models%2FUser.js;h=a36ab683487fd7d9d6bc8761ee105536e0c9ca42;hb=ab4f4bf258ed68d8292b64d81babde03cddbae3c;hp=4b5c840a6730976a196b8b8f5c15edc5f370edc8;hpb=00f2759e16ec73fa1ecd0254a9c9018530d71892;p=vchess.git

diff --git a/models/User.js b/models/User.js
index 4b5c840a..a36ab683 100644
--- a/models/User.js
+++ b/models/User.js
@@ -14,83 +14,88 @@ var params = require("../config/parameters");
  *   notify: boolean (send email notifications for corr games)
  */
 
-// NOTE: parameters are already cleaned (in controller), thus no sanitization here
-exports.create = function(name, email, notify, callback)
+const UserModel =
 {
-	db.serialize(function() {
-		const insertQuery =
-			"INSERT INTO Users " +
-			"(name, email, notify) VALUES " +
-			"('" + name + "', '" + email + "', " + notify + ")";
-		db.run(insertQuery, err => {
-			if (!!err)
-				return callback(err);
-			db.get("SELECT last_insert_rowid() AS rowid", callback);
+	// NOTE: parameters are already cleaned (in controller), thus no sanitization here
+	create: function(name, email, notify, callback)
+	{
+		db.serialize(function() {
+			const insertQuery =
+				"INSERT INTO Users " +
+				"(name, email, notify) VALUES " +
+				"('" + name + "', '" + email + "', " + notify + ")";
+			db.run(insertQuery, err => {
+				if (!!err)
+					return callback(err);
+				db.get("SELECT last_insert_rowid() AS rowid", callback);
+			});
 		});
-	});
-}
-
-// Find one user (by id, name, email, or token)
-exports.getOne = function(by, value, cb)
-{
-	const delimiter = (typeof value === "string" ? "'" : "");
-	db.serialize(function() {
-		const query =
-			"SELECT * " +
-			"FROM Users " +
-			"WHERE " + by + " = " + delimiter + value + delimiter;
-		db.get(query, cb);
-	});
-}
+	},
 
-/////////
-// MODIFY
+	// Find one user (by id, name, email, or token)
+	getOne: function(by, value, cb)
+	{
+		const delimiter = (typeof value === "string" ? "'" : "");
+		db.serialize(function() {
+			const query =
+				"SELECT * " +
+				"FROM Users " +
+				"WHERE " + by + " = " + delimiter + value + delimiter;
+			db.get(query, cb);
+		});
+	},
 
-exports.setLoginToken = function(token, uid, cb)
-{
-	db.serialize(function() {
-		const query =
-			"UPDATE Users " +
-			"SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
-			"WHERE id = " + uid;
-		db.run(query, cb);
-	});
-}
+	/////////
+	// MODIFY
 
-// Set session token only if empty (first login)
-// TODO: weaker security (but avoid to re-login everywhere after each logout)
-exports.trySetSessionToken = function(uid, cb)
-{
-	// Also empty the login token to invalidate future attempts
-	db.serialize(function() {
-		const querySessionToken =
-			"SELECT sessionToken " +
-			"FROM Users " +
-			"WHERE id = " + uid;
-		db.get(querySessionToken, (err,ret) => {
-			if (!!err)
-				return cb(err);
-			const token = ret.sessionToken || genToken(params.token.length);
-			const queryUpdate =
+	setLoginToken: function(token, uid, cb)
+	{
+		db.serialize(function() {
+			const query =
 				"UPDATE Users " +
-				"SET loginToken = NULL" +
-				(!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
+				"SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
 				"WHERE id = " + uid;
-			db.run(queryUpdate);
-			cb(null, token);
+			db.run(query, cb);
 		});
-	});
-}
+	},
 
-exports.updateSettings = function(user, cb)
-{
-	db.serialize(function() {
-		const query =
-			"UPDATE Users " +
-			"SET name = '" + user.name + "'" +
-			", email = '" + user.email + "'" +
-			", notify = " + user.notify + " " +
-			"WHERE id = " + user.id;
-		db.run(query, cb);
-	});
+	// Set session token only if empty (first login)
+	// TODO: weaker security (but avoid to re-login everywhere after each logout)
+	trySetSessionToken: function(uid, cb)
+	{
+		// Also empty the login token to invalidate future attempts
+		db.serialize(function() {
+			const querySessionToken =
+				"SELECT sessionToken " +
+				"FROM Users " +
+				"WHERE id = " + uid;
+			db.get(querySessionToken, (err,ret) => {
+				if (!!err)
+					return cb(err);
+				const token = ret.sessionToken || genToken(params.token.length);
+				const queryUpdate =
+					"UPDATE Users " +
+					"SET loginToken = NULL" +
+					(!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
+					"WHERE id = " + uid;
+				db.run(queryUpdate);
+				cb(null, token);
+			});
+		});
+	},
+
+	updateSettings: function(user, cb)
+	{
+		db.serialize(function() {
+			const query =
+				"UPDATE Users " +
+				"SET name = '" + user.name + "'" +
+				", email = '" + user.email + "'" +
+				", notify = " + user.notify + " " +
+				"WHERE id = " + user.id;
+			db.run(query, cb);
+		});
+	},
 }
+
+module.exports = UserModel;