X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=server%2Fmodels%2FUser.js;h=f3adb31d8b8401952c14323c3de5ea16b14d7de3;hb=866842c3c310524c034922870234120ed2a16cbf;hp=bd7e8edc24acd5f2f5000d06cfd74522f0a52707;hpb=37ac10c20f8ea067cff515719e4d50e7db511f15;p=vchess.git

diff --git a/server/models/User.js b/server/models/User.js
index bd7e8edc..f3adb31d 100644
--- a/server/models/User.js
+++ b/server/models/User.js
@@ -1,7 +1,7 @@
-var db = require("../utils/database");
-var genToken = require("../utils/tokenGenerator");
-var params = require("../config/parameters");
-var sendEmail = require('../utils/mailer');
+const db = require("../utils/database");
+const genToken = require("../utils/tokenGenerator");
+const params = require("../config/parameters");
+const sendEmail = require('../utils/mailer');
 
 /*
  * Structure:
@@ -19,40 +19,26 @@ const UserModel =
 {
   checkNameEmail: function(o)
   {
-    if (typeof o.name === "string")
-    {
-      if (o.name.length == 0)
-        return "Empty name";
-      if (!o.name.match(/^[\w]+$/))
-        return "Bad characters in name";
-    }
-    if (typeof o.email === "string")
-    {
-      if (o.email.length == 0)
-        return "Empty email";
-      if (!o.email.match(/^[\w.+-]+@[\w.+-]+$/))
-        return "Bad characters in email";
-    }
-    return ""; //NOTE: not required, but more consistent... (?!)
+    return (
+      (!o.name || o.name.match(/^[\w]+$/)) &&
+      (!o.email || o.email.match(/^[\w.+-]+@[\w.+-]+$/))
+    );
   },
 
-  // NOTE: parameters are already cleaned (in controller), thus no sanitization here
-  create: function(name, email, notify, callback)
+  create: function(name, email, notify, cb)
   {
     db.serialize(function() {
-      const insertQuery =
+      const query =
         "INSERT INTO Users " +
         "(name, email, notify, created) VALUES " +
-        "('" + name + "', '" + email + "', " + notify + "," + Date.now() + ")";
-      db.run(insertQuery, err => {
-        if (!!err)
-          return callback(err);
-        db.get("SELECT last_insert_rowid() AS rowid", callback);
+        "('" + name + "','" + email + "'," + notify + "," + Date.now() + ")";
+      db.run(query, function(err) {
+        cb(err, {uid: this.lastID});
       });
     });
   },
 
-  // Find one user (by id, name, email, or token)
+  // Find one user by id, name, email, or token
   getOne: function(by, value, cb)
   {
     const delimiter = (typeof value === "string" ? "'" : "");
@@ -78,14 +64,14 @@ const UserModel =
   /////////
   // MODIFY
 
-  setLoginToken: function(token, uid, cb)
+  setLoginToken: function(token, uid)
   {
     db.serialize(function() {
       const query =
         "UPDATE Users " +
-        "SET loginToken = '" + token + "', loginTime = " + Date.now() + " " +
+        "SET loginToken = '" + token + "',loginTime = " + Date.now() + " " +
         "WHERE id = " + uid;
-      db.run(query, cb);
+      db.run(query);
     });
   },
 
@@ -94,28 +80,26 @@ const UserModel =
   // TODO: option would be to reset all tokens periodically, e.g. every 3 months
   trySetSessionToken: function(uid, cb)
   {
-    // Also empty the login token to invalidate future attempts
     db.serialize(function() {
-      const querySessionToken =
+      let query =
         "SELECT sessionToken " +
         "FROM Users " +
         "WHERE id = " + uid;
-      db.get(querySessionToken, (err,ret) => {
-        if (!!err)
-          return cb(err);
+      db.get(query, (err,ret) => {
         const token = ret.sessionToken || genToken(params.token.length);
-        const queryUpdate =
+        query =
           "UPDATE Users " +
+          // Also empty the login token to invalidate future attempts
           "SET loginToken = NULL" +
           (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
           "WHERE id = " + uid;
-        db.run(queryUpdate);
-        cb(null, token);
+        db.run(query);
+        cb(token);
       });
     });
   },
 
-  updateSettings: function(user, cb)
+  updateSettings: function(user)
   {
     db.serialize(function() {
       const query =
@@ -124,7 +108,7 @@ const UserModel =
         ", email = '" + user.email + "'" +
         ", notify = " + user.notify + " " +
         "WHERE id = " + user.id;
-      db.run(query, cb);
+      db.run(query);
     });
   },
 
@@ -135,16 +119,15 @@ const UserModel =
   {
     const subject = "vchess.club - notification";
     const body = "Hello " + user.name + "!" + `
-    ` + message;
+` + message;
     sendEmail(params.mail.noreply, user.email, subject, body);
   },
 
   tryNotify: function(id, message)
   {
     UserModel.getOne("id", id, (err,user) => {
-      if (!err || !user.notify)
-        return; //NOTE: error is ignored here
-      UserModel.notify(user, message);
+      if (!err && user.notify)
+        UserModel.notify(user, message);
     });
   },