[vchess.git] / models / User.js

var db = require("../utils/database");
var maild = require("../utils/mailer.js");
var TokenGen = require("../utils/tokenGenerator");

/*
 * Structure:
 *   _id: integer
 *   name: varchar
 *   email: varchar
 *   loginToken: token on server only
 *   loginTime: datetime (validity)
 *   sessionToken: token in cookies for authentication
 *   notify: boolean (send email notifications for corr games)
 */

// User creation
exports.create = function(name, email, notify, callback)
{
	if (!notify)
		notify = false; //default
	db.serialize(function() {
		db.run(
			"INSERT INTO Users " +
			"(name, email, notify) VALUES " +
			"(" + name + "," + email + "," + notify + ")");
	});
}

// Find one user (by id, name, email, or token)
exports.getOne = function(by, value, cb)
{
	const delimiter = (typeof value === "string" ? "'" : "");
	db.serialize(function() {
		db.get(
			"SELECT * FROM Users " +
			"WHERE " + by + " = " + delimiter + value + delimiter,
			callback);
	});
}

/////////
// MODIFY

exports.setLoginToken = function(token, uid, cb)
{
	db.serialize(function() {
		db.run(
			"UPDATE Users " +
			"SET loginToken = " + token + " AND loginTime = " + Date.now() + " " +
			"WHERE id = " + uid);
	});
}

// Set session token only if empty (first login)
// TODO: weaker security (but avoid to re-login everywhere after each logout)
exports.trySetSessionToken = function(uid, cb)
{
	// Also empty the login token to invalidate future attempts
	db.serialize(function() {
		db.get(
			"SELECT sessionToken " +
			"FROM Users " +
			"WHERE id = " + uid, (err,token) => {
				if (!!err)
					return cb(err);
				const newToken = token || TokenGen.generate(params.token.length);
				db.run(
					"UPDATE Users " +
					"SET loginToken = NULL " +
					(!token ? "AND sessionToken = " + newToken + " " : "") +
					"WHERE id = " + uid);
				cb(null, newToken);
		});
	});
}

exports.updateSettings = function(user, cb)
{
	db.serialize(function() {
		db.run(
			"UPDATE Users " +
			"SET name = " + user.name +
			" AND email = " + user.email +
			" AND notify = " + user.notify + " " +
			"WHERE id = " + user._id);
	});
}
Commit	Line	Data
8d7e2786 BA	1	var db = require("../utils/database");
8d7e2786 BA	2	var maild = require("../utils/mailer.js");
0bd5933d	3	var TokenGen = require("../utils/tokenGenerator");
8d7e2786 BA	4
	5	/*
	6	* Structure:
	7	* _id: integer
	8	* name: varchar
	9	* email: varchar
	10	* loginToken: token on server only
	11	* loginTime: datetime (validity)
	12	* sessionToken: token in cookies for authentication
	13	* notify: boolean (send email notifications for corr games)
	14	*/
	15
	16	// User creation
	17	exports.create = function(name, email, notify, callback)
	18	{
	19	if (!notify)
	20	notify = false; //default
	21	db.serialize(function() {
	22	db.run(
	23	"INSERT INTO Users " +
	24	"(name, email, notify) VALUES " +
	25	"(" + name + "," + email + "," + notify + ")");
	26	});
	27	}
	28
	29	// Find one user (by id, name, email, or token)
	30	exports.getOne = function(by, value, cb)
	31	{
	32	const delimiter = (typeof value === "string" ? "'" : "");
	33	db.serialize(function() {
	34	db.get(
	35	"SELECT * FROM Users " +
0bd5933d	36	"WHERE " + by + " = " + delimiter + value + delimiter,
8d7e2786 BA	37	callback);
	38	});
	39	}
	40
	41	/////////
	42	// MODIFY
	43
	44	exports.setLoginToken = function(token, uid, cb)
	45	{
	46	db.serialize(function() {
	47	db.run(
	48	"UPDATE Users " +
	49	"SET loginToken = " + token + " AND loginTime = " + Date.now() + " " +
	50	"WHERE id = " + uid);
	51	});
	52	}
	53
0bd5933d BA	54	// Set session token only if empty (first login)
	55	// TODO: weaker security (but avoid to re-login everywhere after each logout)
	56	exports.trySetSessionToken = function(uid, cb)
8d7e2786 BA	57	{
	58	// Also empty the login token to invalidate future attempts
	59	db.serialize(function() {
0bd5933d BA	60	db.get(
	61	"SELECT sessionToken " +
	62	"FROM Users " +
	63	"WHERE id = " + uid, (err,token) => {
	64	if (!!err)
	65	return cb(err);
	66	const newToken = token \|\| TokenGen.generate(params.token.length);
	67	db.run(
	68	"UPDATE Users " +
	69	"SET loginToken = NULL " +
	70	(!token ? "AND sessionToken = " + newToken + " " : "") +
	71	"WHERE id = " + uid);
	72	cb(null, newToken);
	73	});
8d7e2786 BA	74	});
	75	}
	76
0bd5933d	77	exports.updateSettings = function(user, cb)
8d7e2786 BA	78	{
	79	db.serialize(function() {
	80	db.run(
	81	"UPDATE Users " +
0bd5933d BA	82	"SET name = " + user.name +
	83	" AND email = " + user.email +
	84	" AND notify = " + user.notify + " " +
	85	"WHERE id = " + user._id);
8d7e2786 BA	86	});
8d7e2786 BA	87	}