Draft or user bio support (ready in Hall, TODO in Game)
[vchess.git] / server / models / User.js
CommitLineData
c5c47010
BA
1const db = require("../utils/database");
2const genToken = require("../utils/tokenGenerator");
3const params = require("../config/parameters");
4const sendEmail = require('../utils/mailer');
8d7e2786
BA
5
6/*
7 * Structure:
8 * _id: integer
9 * name: varchar
10 * email: varchar
11 * loginToken: token on server only
12 * loginTime: datetime (validity)
13 * sessionToken: token in cookies for authentication
14 * notify: boolean (send email notifications for corr games)
83494c7f 15 * created: datetime
dd10eb93 16 * bio: text
8d7e2786
BA
17 */
18
0234201f
BA
19const UserModel = {
20 checkNameEmail: function(o) {
866842c3 21 return (
188b4a8f
BA
22 (!o.name || !!(o.name.match(/^[\w-]+$/))) &&
23 (!o.email || !!(o.email.match(/^[\w.+-]+@[\w.+-]+$/)))
866842c3 24 );
dac39588 25 },
98db2082 26
0234201f 27 create: function(name, email, notify, cb) {
dac39588 28 db.serialize(function() {
866842c3 29 const query =
dac39588
BA
30 "INSERT INTO Users " +
31 "(name, email, notify, created) VALUES " +
866842c3
BA
32 "('" + name + "','" + email + "'," + notify + "," + Date.now() + ")";
33 db.run(query, function(err) {
0234201f 34 cb(err, { id: this.lastID });
dac39588
BA
35 });
36 });
37 },
8d7e2786 38
866842c3 39 // Find one user by id, name, email, or token
0234201f 40 getOne: function(by, value, cb) {
dac39588
BA
41 const delimiter = (typeof value === "string" ? "'" : "");
42 db.serialize(function() {
43 const query =
44 "SELECT * " +
45 "FROM Users " +
46 "WHERE " + by + " = " + delimiter + value + delimiter;
47 db.get(query, cb);
48 });
49 },
8d7e2786 50
ed9c9c37
BA
51 getByIds: function(ids, cb) {
52 db.serialize(function() {
53 const query =
54 "SELECT id, name " +
1f49533d 55 "FROM Users " +
ed9c9c37
BA
56 "WHERE id IN (" + ids + ")";
57 db.all(query, cb);
58 });
1f49533d
BA
59 },
60
dd10eb93
BA
61 getBio: function(id) {
62 db.serialize(function() {
63 const query =
64 "SELECT bio " +
65 "FROM Users " +
66 "WHERE id = " + id;
67 db.get(query, cb);
68 });
69 },
70
dac39588
BA
71 /////////
72 // MODIFY
8d7e2786 73
0234201f 74 setLoginToken: function(token, id) {
dac39588
BA
75 db.serialize(function() {
76 const query =
77 "UPDATE Users " +
866842c3 78 "SET loginToken = '" + token + "',loginTime = " + Date.now() + " " +
0234201f 79 "WHERE id = " + id;
866842c3 80 db.run(query);
dac39588
BA
81 });
82 },
8d7e2786 83
dd10eb93 84 setBio: function(id, bio) {
d9a7a1e4
BA
85 db.serialize(function() {
86 const query =
87 "UPDATE Users " +
dd10eb93 88 "SET bio = ? " +
0234201f 89 "WHERE id = " + id;
dd10eb93 90 db.run(query, bio);
d9a7a1e4
BA
91 });
92 },
93
dac39588
BA
94 // Set session token only if empty (first login)
95 // NOTE: weaker security (but avoid to re-login everywhere after each logout)
2c5d7b20 96 // TODO: option would be to reset all tokens periodically (every 3 months?)
0234201f 97 trySetSessionToken: function(id, cb) {
dac39588 98 db.serialize(function() {
866842c3 99 let query =
dac39588
BA
100 "SELECT sessionToken " +
101 "FROM Users " +
0234201f 102 "WHERE id = " + id;
2c5d7b20 103 db.get(query, (err, ret) => {
dac39588 104 const token = ret.sessionToken || genToken(params.token.length);
2c5d7b20
BA
105 const setSessionToken =
106 (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "");
866842c3 107 query =
dac39588 108 "UPDATE Users " +
866842c3 109 // Also empty the login token to invalidate future attempts
dac39588 110 "SET loginToken = NULL" +
2c5d7b20 111 setSessionToken + " " +
0234201f 112 "WHERE id = " + id;
866842c3
BA
113 db.run(query);
114 cb(token);
dac39588
BA
115 });
116 });
117 },
ab4f4bf2 118
0234201f 119 updateSettings: function(user) {
dac39588
BA
120 db.serialize(function() {
121 const query =
122 "UPDATE Users " +
123 "SET name = '" + user.name + "'" +
124 ", email = '" + user.email + "'" +
125 ", notify = " + user.notify + " " +
126 "WHERE id = " + user.id;
866842c3 127 db.run(query);
dac39588
BA
128 });
129 },
5d04793e
BA
130
131 /////////////////
132 // NOTIFICATIONS
133
0234201f 134 notify: function(user, message) {
fe4c7e67 135 const subject = "vchess.club - notification";
f53871db 136 const body = "Hello " + user.name + " !" + `
a749972c 137` + message;
fe4c7e67
BA
138 sendEmail(params.mail.noreply, user.email, subject, body);
139 },
140
0234201f 141 tryNotify: function(id, message) {
fe4c7e67 142 UserModel.getOne("id", id, (err,user) => {
0234201f 143 if (!err && user.notify) UserModel.notify(user, message);
2be5d614 144 });
83494c7f
BA
145 },
146
147 ////////////
148 // CLEANING
ab4f4bf2 149
0234201f 150 cleanUsersDb: function() {
83494c7f
BA
151 const tsNow = Date.now();
152 // 86400000 = 24 hours in milliseconds
153 const day = 86400000;
154 db.serialize(function() {
155 const query =
a97bdbda 156 "SELECT id, sessionToken, created, name, email " +
83494c7f
BA
157 "FROM Users";
158 db.all(query, (err, users) => {
0234201f 159 let toRemove = [];
83494c7f 160 users.forEach(u => {
0234201f 161 // Remove users unlogged for > 24h
83494c7f 162 if (!u.sessionToken && tsNow - u.created > day)
a97bdbda 163 {
0d5335de 164 toRemove.push(u.id);
059228c9 165 UserModel.notify(
a97bdbda
BA
166 u,
167 "Your account has been deleted because " +
168 "you didn't log in for 24h after registration"
169 );
a97bdbda 170 }
83494c7f 171 });
0234201f
BA
172 if (toRemove.length > 0) {
173 db.run(
174 "DELETE FROM Users " +
175 "WHERE id IN (" + toRemove.join(",") + ")"
176 );
177 }
83494c7f
BA
178 });
179 });
180 },
181}
d431028c 182
ab4f4bf2 183module.exports = UserModel;