const genToken = require("../utils/tokenGenerator");
const params = require("../config/parameters");
const sendEmail = require('../utils/mailer');
+const { exec } = require("child_process");
/*
* Structure:
- * _id: integer
+ * id: integer
* name: varchar
* email: varchar
* loginToken: token on server only
* sessionToken: token in cookies for authentication
* notify: boolean (send email notifications for corr games)
* created: datetime
- * newsRead: datetime
+ * bio: text
*/
const UserModel = {
+
checkNameEmail: function(o) {
return (
(!o.name || !!(o.name.match(/^[\w-]+$/))) &&
},
// Find one user by id, name, email, or token
- getOne: function(by, value, cb) {
+ getOne: function(by, value, fields, cb) {
const delimiter = (typeof value === "string" ? "'" : "");
db.serialize(function() {
const query =
- "SELECT * " +
+ "SELECT " + fields + " " +
"FROM Users " +
"WHERE " + by + " = " + delimiter + value + delimiter;
db.get(query, cb);
});
},
+ getBio: function(id, cb) {
+ db.serialize(function() {
+ const query =
+ "SELECT bio " +
+ "FROM Users " +
+ "WHERE id = " + id;
+ db.get(query, cb);
+ });
+ },
+
/////////
// MODIFY
});
},
- setNewsRead: function(id) {
+ setBio: function(id, bio) {
db.serialize(function() {
const query =
"UPDATE Users " +
- "SET newsRead = " + Date.now() + " " +
+ "SET bio = ? " +
"WHERE id = " + id;
- db.run(query);
+ db.run(query, bio);
});
},
// Set session token only if empty (first login)
// NOTE: weaker security (but avoid to re-login everywhere after each logout)
- // TODO: option would be to reset all tokens periodically, e.g. every 3 months
+ // TODO: option would be to reset all tokens periodically (every 3 months?)
trySetSessionToken: function(id, cb) {
db.serialize(function() {
let query =
"SELECT sessionToken " +
"FROM Users " +
"WHERE id = " + id;
- db.get(query, (err,ret) => {
+ db.get(query, (err, ret) => {
const token = ret.sessionToken || genToken(params.token.length);
+ const setSessionToken =
+ (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "");
query =
"UPDATE Users " +
// Also empty the login token to invalidate future attempts
- "SET loginToken = NULL" +
- (!ret.sessionToken ? (", sessionToken = '" + token + "'") : "") + " " +
+ "SET loginToken = NULL, loginTime = NULL " +
+ setSessionToken + " " +
"WHERE id = " + id;
db.run(query);
cb(token);
},
tryNotify: function(id, message) {
- UserModel.getOne("id", id, (err,user) => {
+ UserModel.getOne("id", id, "name, email, notify", (err, user) => {
if (!err && user.notify) UserModel.notify(user, message);
});
},
// Remove users unlogged for > 24h
if (!u.sessionToken && tsNow - u.created > day)
{
- notify(
+ toRemove.push(u.id);
+ UserModel.notify(
u,
"Your account has been deleted because " +
"you didn't log in for 24h after registration"
}
});
if (toRemove.length > 0) {
+ const remArg = toRemove.join(",");
db.run(
"DELETE FROM Users " +
- "WHERE id IN (" + toRemove.join(",") + ")"
+ "WHERE id IN (" + remArg + ")"
);
}
});
});
- },
-}
+ }
+
+};
module.exports = UserModel;
projects / vchess.git / blobdiff