1 | var db = require("../utils/database"); |
2 | var maild = require("../utils/mailer.js"); | |
0bd5933d | 3 | var TokenGen = require("../utils/tokenGenerator"); |
4 | |
5 | /* | |
6 | * Structure: | |
7 | * _id: integer | |
8 | * name: varchar | |
9 | * email: varchar | |
10 | * loginToken: token on server only | |
11 | * loginTime: datetime (validity) | |
12 | * sessionToken: token in cookies for authentication | |
13 | * notify: boolean (send email notifications for corr games) | |
14 | */ | |
15 | ||
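// User creation
/**
 * Insert a new row into Users.
 *
 * name and email are caller-supplied text, so every value is bound as a
 * statement parameter rather than concatenated into the SQL string; a quote
 * inside a name or an email can then neither break the statement nor change
 * its meaning.
 *
 * NOTE(review): assumes `db` (from ../utils/database) accepts the
 * run(sql, params, callback) form, as a node-sqlite3 Database does - confirm.
 *
 * @param {string} name - user name
 * @param {string} email - user e-mail address
 * @param {boolean} notify - send e-mail notifications for corr games
 * @param {function} callback - passed unchanged to db.run
 */
exports.create = function(name, email, notify, callback)
{
  db.serialize(function() {
    const query =
      "INSERT INTO Users " +
      "(name, email, notify) VALUES (?, ?, ?)";
    // TODO: need to get the inserted user.
    // NOTE(review): with node-sqlite3, run() exposes this.lastID to a
    // non-arrow callback, which may be enough to fetch the new row - confirm.
    db.run(query, [name, email, notify], callback);
  });
}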
27 | ||
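// Find one user (by id, name, email, or token)
/**
 * Fetch a single row of Users whose column `by` equals `value`.
 *
 * The value is bound as a statement parameter. A column name cannot be bound,
 * so `by` is accepted only when it is a plain SQL identifier; anything else is
 * reported through cb and no query is run. A fixed allow-list of the columns
 * callers really use would be stricter still.
 *
 * NOTE(review): assumes `db` accepts the get(sql, params, callback) form, as a
 * node-sqlite3 Database does - confirm.
 *
 * @param {string} by - column to match on
 * @param {string|number} value - value to look for
 * @param {function} cb - passed to db.get; receives an Error when `by` is rejected
 */
exports.getOne = function(by, value, cb)
{
  if (typeof by !== "string" || !/^[A-Za-z_][A-Za-z0-9_]*$/.test(by))
  {
    cb(new Error("Invalid lookup column"));
    return;
  }
  db.serialize(function() {
    const query =
      "SELECT * FROM Users " +
      "WHERE " + by + " = ?";
    db.get(query, [value], cb);
  });
}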
39 | ||
40 | ///////// | |
41 | // MODIFY | |
42 | ||
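/**
 * Store a login token for a user together with the time it was issued.
 *
 * Two changes against the string-built statement: the assignments in SET are
 * separated by a comma (with AND, SQL reads the whole right-hand side as one
 * boolean expression assigned to loginToken, and loginTime is never written),
 * and token, time and uid are bound as parameters instead of being pasted in
 * unquoted.
 *
 * NOTE(review): assumes `db` accepts the run(sql, params, callback) form, as a
 * node-sqlite3 Database does - confirm.
 *
 * @param {string} token - login token to store
 * @param {number} uid - id of the user
 * @param {function} cb - passed unchanged to db.run
 */
exports.setLoginToken = function(token, uid, cb)
{
  db.serialize(function() {
    const query =
      "UPDATE Users " +
      "SET loginToken = ?, loginTime = ? " +
      "WHERE id = ?";
    db.run(query, [token, Date.now(), uid], cb);
  });
}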
53 | ||
0bd5933d BA |
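// Set session token only if empty (first login)
// TODO: reusing the stored session token across logins is weaker security
// (but avoids having to re-login everywhere after each logout)
/**
 * Clear the user's login token and make sure the user has a session token.
 *
 * Fixes against the previous version:
 *  - the SELECT was stored in `querySessionTOken` but read as
 *    `querySessionToken`, which throws a ReferenceError;
 *  - db.get yields a row object, so the token is read from row.sessionToken
 *    instead of treating the row itself as the token;
 *  - SET assignments are separated by a comma, not AND;
 *  - uid and the new token are bound as parameters;
 *  - cb is called only once the UPDATE has finished, and receives its error.
 *
 * NOTE(review): assumes `db` accepts the (sql, params, callback) form, as a
 * node-sqlite3 Database does - confirm.
 *
 * @param {number} uid - id of the user
 * @param {function} cb - called with (err) or (null, sessionToken)
 */
exports.trySetSessionToken = function(uid, cb)
{
  db.serialize(function() {
    const querySessionToken =
      "SELECT sessionToken " +
      "FROM Users " +
      "WHERE id = ?";
    db.get(querySessionToken, [uid], (err, row) => {
      if (err)
        return cb(err);
      // No row means no such user: do not hand out a token that is never stored
      if (!row)
        return cb(new Error("Unknown user"));
      const existingToken = row.sessionToken;
      // NOTE(review): `params` is not required in the visible part of this
      // file - confirm where it comes from. TokenGen.generate is defined
      // elsewhere; a session token should come from a CSPRNG - confirm.
      const newToken = existingToken || TokenGen.generate(params.token.length);
      // Also empty the login token to invalidate future attempts
      const queryUpdate =
        "UPDATE Users " +
        "SET loginToken = NULL" +
        (!existingToken ? ", sessionToken = ? " : " ") +
        "WHERE id = ?";
      const values = (!existingToken ? [newToken, uid] : [uid]);
      db.run(queryUpdate, values, (updateErr) => {
        if (updateErr)
          return cb(updateErr);
        cb(null, newToken);
      });
    });
  });
}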
78 | ||
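/**
 * Write a user's editable settings (name, email, notify) back to Users.
 *
 * The assignments in SET are separated by commas (with AND, SQL reads the
 * right-hand side as one boolean expression assigned to name, and email and
 * notify are never written), and all values are bound as parameters: name and
 * email are user-chosen text and were previously pasted in without quoting.
 *
 * NOTE(review): assumes `db` accepts the run(sql, params, callback) form, as a
 * node-sqlite3 Database does - confirm.
 *
 * @param {object} user - object with name, email, notify and _id
 * @param {function} cb - passed unchanged to db.run
 */
exports.updateSettings = function(user, cb)
{
  db.serialize(function() {
    const query =
      "UPDATE Users " +
      "SET name = ?, email = ?, notify = ? " +
      "WHERE id = ?";
    db.run(query, [user.name, user.email, user.notify, user._id], cb);
  });
}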