Roughly completed Users logic; untested
[vchess.git] / models / User.js
1 var db = require("../utils/database");
2 var maild = require("../utils/mailer.js");
3 var TokenGen = require("../utils/tokenGenerator");
4
5 /*
6 * Structure:
7 * _id: integer
8 * name: varchar
9 * email: varchar
10 * loginToken: token on server only
11 * loginTime: datetime (validity)
12 * sessionToken: token in cookies for authentication
13 * notify: boolean (send email notifications for corr games)
14 */
15
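/**
 * User creation: insert one row into Users.
 *
 * name and email are caller-supplied text, so they are bound as statement
 * parameters instead of being concatenated into the SQL. Concatenation
 * produced an unquoted (invalid) statement for ordinary strings and
 * allowed SQL injection for crafted ones.
 *
 * NOTE(review): the "?" placeholders assume `db` accepts a parameter array
 * the way node-sqlite3 does (serialize/run/get are used throughout this
 * file); confirm against utils/database.
 *
 * @param {string} name
 * @param {string} email
 * @param {boolean} [notify] - email notifications; defaults to false
 * @param {function} [callback] - forwarded to db.run, so it receives the
 *   INSERT error (if any) once the statement has run
 */
exports.create = function(name, email, notify, callback)
{
  const notifyFlag = (!!notify ? 1 : 0); //default: 0 (no notifications)
  const runArgs = [
    "INSERT INTO Users " +
    "(name, email, notify) VALUES " +
    "(?, ?, ?)",
    [name, email, notifyFlag]
  ];
  // Only forward a real callback; the original never reported completion.
  if (typeof callback === "function")
    runArgs.push(callback);
  db.serialize(function() {
    db.run(...runArgs);
  });
}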
28
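/**
 * Find one user (by id, name, email, or token).
 *
 * A column name cannot be bound as a parameter, so `by` is checked against
 * a fixed list of searchable columns before it is placed in the SQL text.
 * `value` is always bound, which removes the hand-made quoting.
 *
 * The row is selected with "SELECT *", so it includes loginToken and
 * sessionToken; callers should strip those before sending a user object
 * to a client.
 *
 * @param {string} by - column to match; one of the names listed below
 * @param {string|number} value - value the column must equal
 * @param {function} cb - called as cb(err, row)
 */
exports.getOne = function(by, value, cb)
{
  // Columns taken from the structure comment at the top of this file, plus
  // "id", which the other queries in this file use. Extend if the schema
  // has more searchable columns.
  const searchable =
    ["id", "_id", "name", "email", "loginToken", "sessionToken"];
  if (!searchable.includes(by))
    return cb(new Error("Invalid search field: " + by));
  db.serialize(function() {
    db.get(
      "SELECT * FROM Users " +
      "WHERE " + by + " = ?",
      [value],
      cb); // the original passed `callback`, which is not defined here
  });
}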
40
41 /////////
42 // MODIFY
43
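/**
 * Store a fresh login token for a user, stamped with the current time.
 *
 * Fixes relative to the first draft:
 *  - values are bound as parameters (the token is text and was unquoted);
 *  - the assignments are separated by a comma. With "AND", SQL evaluates
 *    "token AND loginTime = ..." as one boolean expression and stores that
 *    in loginToken, leaving loginTime untouched;
 *  - cb is forwarded so the caller learns whether the UPDATE succeeded.
 *
 * @param {string} token - login token to store
 * @param {number} uid - id of the user row
 * @param {function} [cb] - forwarded to db.run; receives the UPDATE error
 */
exports.setLoginToken = function(token, uid, cb)
{
  const runArgs = [
    "UPDATE Users " +
    "SET loginToken = ?, loginTime = ? " +
    "WHERE id = ?",
    [token, Date.now(), uid]
  ];
  if (typeof cb === "function")
    runArgs.push(cb);
  db.serialize(function() {
    db.run(...runArgs);
  });
}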
53
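/**
 * Set the session token only if it is empty (first login), and clear the
 * login token so it cannot be used again.
 *
 * TODO: weaker security. The session token is kept across logouts (to
 * avoid re-login everywhere after each logout), so a token that leaks
 * stays valid until it is cleared by other means.
 *
 * @param {number} uid - id of the user row
 * @param {function} cb - called as cb(err) or cb(null, sessionToken)
 */
exports.trySetSessionToken = function(uid, cb)
{
  db.serialize(function() {
    db.get(
      "SELECT sessionToken " +
      "FROM Users " +
      "WHERE id = ?", [uid], (err,row) => {
        if (!!err)
          return cb(err);
        // No such user: do not hand out a token that is stored nowhere.
        if (!row)
          return cb(new Error("Unknown user id"));
        // db.get yields the row, not the column value: read the field.
        // (Testing the row itself was always truthy for an existing user.)
        const existing = row.sessionToken;
        // NOTE(review): `params` is not required in the visible part of
        // this file; it must be in scope for this line to run.
        const newToken =
          existing || TokenGen.generate(params.token.length);
        db.run(
          "UPDATE Users " +
          // Comma, not AND: these are two assignments. When a token already
          // exists this rewrites the same value.
          "SET loginToken = NULL, sessionToken = ? " +
          "WHERE id = ?",
          [newToken, uid],
          (updateErr) => {
            // Report the token only once it has actually been stored.
            if (!!updateErr)
              return cb(updateErr);
            cb(null, newToken);
          });
      });
  });
}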
76
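/**
 * Update the editable settings (name, email, notify) of one user.
 *
 * name and email are user-editable text, so every value is bound as a
 * parameter rather than concatenated into the statement. The assignments
 * are comma-separated: joined with "AND" they form a single boolean
 * expression assigned to name, and email/notify are never written.
 *
 * @param {{_id: number, name: string, email: string, notify: boolean}} user
 * @param {function} [cb] - forwarded to db.run; receives the UPDATE error
 */
exports.updateSettings = function(user, cb)
{
  const runArgs = [
    "UPDATE Users " +
    "SET name = ?, email = ?, notify = ? " +
    "WHERE id = ?",
    [user.name, user.email, (!!user.notify ? 1 : 0), user._id]
  ];
  if (typeof cb === "function")
    runArgs.push(cb);
  db.serialize(function() {
    db.run(...runArgs);
  });
}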