User management logic half-debugged

[vchess.git] / models / User.js

diff --git a/models/User.js b/models/User.js
index 777eeaa..6e91458 100644 (file)
--- a/models/User.js
+++ b/models/User.js
@@ -16,13 +16,12 @@ var TokenGen = require("../utils/tokenGenerator");
 // User creation
 exports.create = function(name, email, notify, callback)
 {
-       if (!notify)
-               notify = false; //default
        db.serialize(function() {
-               db.run(
+               const query =
                        "INSERT INTO Users " +
                        "(name, email, notify) VALUES " +
-                       "(" + name + "," + email + "," + notify + ")");
+                       "('" + name + "', '" + email + "', " + notify + ")";
+               db.run(query, callback); //TODO: need to get the inserted user (how ?)
        });
 }
 
@@ -31,10 +30,10 @@ exports.getOne = function(by, value, cb)
 {
        const delimiter = (typeof value === "string" ? "'" : "");
        db.serialize(function() {
-               db.get(
+               const query =
                        "SELECT * FROM Users " +
-                       "WHERE " + by + " = " + delimiter + value + delimiter,
-                       callback);
+                       "WHERE " + by + " = " + delimiter + value + delimiter;
+               db.get(query, cb);
        });
 }
 
@@ -44,10 +43,11 @@ exports.getOne = function(by, value, cb)
 exports.setLoginToken = function(token, uid, cb)
 {
        db.serialize(function() {
-               db.run(
+               const query =
                        "UPDATE Users " +
                        "SET loginToken = " + token + " AND loginTime = " + Date.now() + " " +
-                       "WHERE id = " + uid);
+                       "WHERE id = " + uid;
+               db.run(query, cb);
        });
 }
 
@@ -57,18 +57,20 @@ exports.trySetSessionToken = function(uid, cb)
 {
        // Also empty the login token to invalidate future attempts
        db.serialize(function() {
-               db.get(
+               const querySessionTOken =
                        "SELECT sessionToken " +
                        "FROM Users " +
-                       "WHERE id = " + uid, (err,token) => {
-                               if (!!err)
-                                       return cb(err);
-                               const newToken = token || TokenGen.generate(params.token.length);
-                               db.run(
-                                       "UPDATE Users " +
-                                       "SET loginToken = NULL " +
-                                       (!token ? "AND sessionToken = " + newToken + " " : "") +
-                                       "WHERE id = " + uid);
+                       "WHERE id = " + uid;
+               db.get(querySessionToken, (err,token) => {
+                       if (!!err)
+                               return cb(err);
+                       const newToken = token || TokenGen.generate(params.token.length);
+                       const queryUpdate =
+                               "UPDATE Users " +
+                               "SET loginToken = NULL " +
+                               (!token ? "AND sessionToken = " + newToken + " " : "") +
+                               "WHERE id = " + uid;
+                       db.run(queryUpdate);
                                cb(null, newToken);
                });
        });
@@ -77,11 +79,12 @@ exports.trySetSessionToken = function(uid, cb)
 exports.updateSettings = function(user, cb)
 {
        db.serialize(function() {
-               db.run(
+               const query =
                        "UPDATE Users " +
                        "SET name = " + user.name +
                        " AND email = " + user.email +
                        " AND notify = " + user.notify + " " +
-                       "WHERE id = " + user._id);
+                       "WHERE id = " + user._id;
+               db.run(query, cb);
        });
 }