X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=server%2Fmodels%2FUser.js;h=c05161567b49b09492b647f9564b00a47d91e6ca;hb=25d183426e276870f57793f1f043c40a412d18c6;hp=60584275713dbdefe177a5064bdb7749c3de402d;hpb=ed9c9c3741ec8b03cf899eae529216a2520bba0d;p=vchess.git diff --git a/server/models/User.js b/server/models/User.js index 60584275..c0516156 100644 --- a/server/models/User.js +++ b/server/models/User.js @@ -1,7 +1,7 @@ var db = require("../utils/database"); -var maild = require("../utils/mailer.js"); var genToken = require("../utils/tokenGenerator"); var params = require("../config/parameters"); +var sendEmail = require('../utils/mailer'); /* * Structure: @@ -12,6 +12,7 @@ var params = require("../config/parameters"); * loginTime: datetime (validity) * sessionToken: token in cookies for authentication * notify: boolean (send email notifications for corr games) + * created: datetime */ const UserModel = @@ -32,6 +33,7 @@ const UserModel = if (!o.email.match(/^[\w.+-]+@[\w.+-]+$/)) return "Bad characters in email"; } + return ""; //NOTE: not required, but more consistent... (?!) }, // NOTE: parameters are already cleaned (in controller), thus no sanitization here @@ -40,8 +42,8 @@ const UserModel = db.serialize(function() { const insertQuery = "INSERT INTO Users " + - "(name, email, notify) VALUES " + - "('" + name + "', '" + email + "', " + notify + ")"; + "(name, email, notify, created) VALUES " + + "('" + name + "', '" + email + "', " + notify + "," + Date.now() + ")"; db.run(insertQuery, err => { if (!!err) return callback(err); @@ -88,8 +90,9 @@ const UserModel = }, // Set session token only if empty (first login) - // TODO: weaker security (but avoid to re-login everywhere after each logout) - trySetSessionToken: function(uid, cb) + // NOTE: weaker security (but avoid to re-login everywhere after each logout) + // TODO: option would be to reset all tokens periodically, e.g. every 3 months + trySetSessionToken: function(uid, cb) { // Also empty the login token to invalidate future attempts db.serialize(function() { @@ -128,11 +131,40 @@ const UserModel = ///////////////// // NOTIFICATIONS - tryNotify: function(oppId, gid, vname, message) + tryNotify: function(oppId, message) { - // TODO: send email to oppId (request...) with title - // "vchess.club - vname" and content "message" - } + UserModel.getOne("id", oppId, (err,opp) => { + if (!err || !opp.notify) + return; //error is ignored here (TODO: should be logged) + const subject = "vchess.club - notification"; + const body = "Hello " + opp.name + "!\n" + message; + sendEmail(params.mail.noreply, opp.email, subject, body, err => { + res.json(err || {}); + }); + }); + }, + + //////////// + // CLEANING + + cleanUsersDb: function() + { + const tsNow = Date.now(); + // 86400000 = 24 hours in milliseconds + const day = 86400000; + db.serialize(function() { + const query = + "SELECT id, sessionToken, created " + + "FROM Users"; + db.all(query, (err, users) => { + users.forEach(u => { + // Remove unlogged users for >1 day + if (!u.sessionToken && tsNow - u.created > day) + db.run("DELETE FROM Users WHERE id = " + u.id); + }); + }); + }); + }, } module.exports = UserModel;