1 const db
= require("../utils/database");
2 const genToken
= require("../utils/tokenGenerator");
3 const params
= require("../config/parameters");
4 const sendEmail
= require('../utils/mailer');
11 * loginToken: token on server only
12 * loginTime: datetime (validity)
13 * sessionToken: token in cookies for authentication
14 * notify: boolean (send email notifications for corr games)
21 checkNameEmail: function(o
) {
23 (!o
.name
|| !!(o
.name
.match(/^[\w-]+$/))) &&
24 (!o
.email
|| !!(o
.email
.match(/^[\w.+-]+@[\w.+-]+$/)))
28 create: function(name
, email
, notify
, cb
) {
29 db
.serialize(function() {
31 "INSERT INTO Users " +
32 "(name, email, notify, created) VALUES " +
33 "('" + name
+ "','" + email
+ "'," + notify
+ "," + Date
.now() + ")";
34 db
.run(query
, function(err
) {
35 cb(err
, { id: this.lastID
});
40 // Find one user by id, name, email, or token
41 getOne: function(by
, value
, fields
, cb
) {
42 const delimiter
= (typeof value
=== "string" ? "'" : "");
43 db
.serialize(function() {
45 "SELECT " + fields
+ " " +
47 "WHERE " + by
+ " = " + delimiter
+ value
+ delimiter
;
52 getByIds: function(ids
, cb
) {
53 db
.serialize(function() {
57 "WHERE id IN (" + ids
+ ")";
62 getBio: function(id
, cb
) {
63 db
.serialize(function() {
75 setLoginToken: function(token
, id
) {
76 db
.serialize(function() {
79 "SET loginToken = '" + token
+ "',loginTime = " + Date
.now() + " " +
85 setBio: function(id
, bio
) {
86 db
.serialize(function() {
95 // Set session token only if empty (first login)
96 // NOTE: weaker security (but avoid to re-login everywhere after each logout)
97 // TODO: option would be to reset all tokens periodically (every 3 months?)
98 trySetSessionToken: function(id
, cb
) {
99 db
.serialize(function() {
101 "SELECT sessionToken " +
104 db
.get(query
, (err
, ret
) => {
105 const token
= ret
.sessionToken
|| genToken(params
.token
.length
);
106 const setSessionToken
=
107 (!ret
.sessionToken
? (", sessionToken = '" + token
+ "'") : "");
110 // Also empty the login token to invalidate future attempts
111 "SET loginToken = NULL, loginTime = NULL " +
112 setSessionToken
+ " " +
120 updateSettings: function(user
) {
121 db
.serialize(function() {
124 "SET name = '" + user
.name
+ "'" +
125 ", email = '" + user
.email
+ "'" +
126 ", notify = " + user
.notify
+ " " +
127 "WHERE id = " + user
.id
;
135 notify: function(user
, message
) {
136 const subject
= "vchess.club - notification";
137 const body
= "Hello " + user
.name
+ " !" + `
139 sendEmail(params
.mail
.noreply
, user
.email
, subject
, body
);
142 tryNotify: function(id
, message
) {
143 UserModel
.getOne("id", id
, "name, email, notify", (err
, user
) => {
144 if (!err
&& user
.notify
) UserModel
.notify(user
, message
);
151 cleanUsersDb: function() {
152 const tsNow
= Date
.now();
153 // 86400000 = 24 hours in milliseconds
154 const day
= 86400000;
155 db
.serialize(function() {
157 "SELECT id, sessionToken, created, name, email " +
159 db
.all(query
, (err
, users
) => {
162 // Remove users unlogged for > 24h
163 if (!u
.sessionToken
&& tsNow
- u
.created
> day
)
168 "Your account has been deleted because " +
169 "you didn't log in for 24h after registration"
173 if (toRemove
.length
> 0) {
175 "DELETE FROM Users " +
176 "WHERE id IN (" + toRemove
.join(",") + ")"
185 module
.exports
= UserModel
;