1 const db
= require("../utils/database");
2 const genToken
= require("../utils/tokenGenerator");
3 const params
= require("../config/parameters");
4 const sendEmail
= require('../utils/mailer');
11 * loginToken: token on server only
12 * loginTime: datetime (validity)
13 * sessionToken: token in cookies for authentication
14 * notify: boolean (send email notifications for corr games)
20 checkNameEmail: function(o
)
23 (!o
.name
|| !!(o
.name
.match(/^[\w-]+$/))) &&
24 (!o
.email
|| !!(o
.email
.match(/^[\w.+-]+@[\w.+-]+$/)))
28 create: function(name
, email
, notify
, cb
)
30 db
.serialize(function() {
32 "INSERT INTO Users " +
33 "(name, email, notify, created) VALUES " +
34 "('" + name
+ "','" + email
+ "'," + notify
+ "," + Date
.now() + ")";
35 db
.run(query
, function(err
) {
36 cb(err
, {uid: this.lastID
});
41 // Find one user by id, name, email, or token
42 getOne: function(by
, value
, cb
)
44 const delimiter
= (typeof value
=== "string" ? "'" : "");
45 db
.serialize(function() {
49 "WHERE " + by
+ " = " + delimiter
+ value
+ delimiter
;
54 getByIds: function(ids
, cb
) {
55 db
.serialize(function() {
59 "WHERE id IN (" + ids
+ ")";
67 setLoginToken: function(token
, uid
)
69 db
.serialize(function() {
72 "SET loginToken = '" + token
+ "',loginTime = " + Date
.now() + " " +
78 setNewsRead: function(uid
)
80 db
.serialize(function() {
83 "SET newsRead = " + Date
.now() + " " +
89 // Set session token only if empty (first login)
90 // NOTE: weaker security (but avoid to re-login everywhere after each logout)
91 // TODO: option would be to reset all tokens periodically, e.g. every 3 months
92 trySetSessionToken: function(uid
, cb
)
94 db
.serialize(function() {
96 "SELECT sessionToken " +
99 db
.get(query
, (err
,ret
) => {
100 const token
= ret
.sessionToken
|| genToken(params
.token
.length
);
103 // Also empty the login token to invalidate future attempts
104 "SET loginToken = NULL" +
105 (!ret
.sessionToken
? (", sessionToken = '" + token
+ "'") : "") + " " +
113 updateSettings: function(user
)
115 db
.serialize(function() {
118 "SET name = '" + user
.name
+ "'" +
119 ", email = '" + user
.email
+ "'" +
120 ", notify = " + user
.notify
+ " " +
121 "WHERE id = " + user
.id
;
129 notify: function(user
, message
)
131 const subject
= "vchess.club - notification";
132 const body
= "Hello " + user
.name
+ " !" + `
134 sendEmail(params
.mail
.noreply
, user
.email
, subject
, body
);
137 tryNotify: function(id
, message
)
139 UserModel
.getOne("id", id
, (err
,user
) => {
140 if (!err
&& user
.notify
)
141 UserModel
.notify(user
, message
);
148 cleanUsersDb: function()
150 const tsNow
= Date
.now();
151 // 86400000 = 24 hours in milliseconds
152 const day
= 86400000;
153 db
.serialize(function() {
155 "SELECT id, sessionToken, created, name, email " +
157 db
.all(query
, (err
, users
) => {
159 // Remove unlogged users for > 24h
160 if (!u
.sessionToken
&& tsNow
- u
.created
> day
)
164 "Your account has been deleted because " +
165 "you didn't log in for 24h after registration"
167 db
.run("DELETE FROM Users WHERE id = " + u
.id
);
175 module
.exports
= UserModel
;