fyindr
/
siimee
Obserwuj 4
Gwiazdka 3
Forkuj 1
Kod Pull Requests 1 Wydania 4 Wiki Aktywność
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
445 Commity
17 Gałęzie
Drzewo: c6b060a8ad
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z 'c6b060a8ad'
${ noResults }
siimee/backend/lib/services/user.js

user.js 5.4KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198 
  1. 'use strict'

  2. require('dotenv').config()

  3. const Util = require('util')

  4. const JWT = require('jsonwebtoken')

  5. const Schmervice = require('@hapipal/schmervice')

  6. const SecurePassword = require('secure-password')

  7. 

  8. /** Class for methods used in the User plugin */

  9. module.exports = class UserService extends Schmervice.Service {

  10.     /**

  11.      * Unsure of what our constructor does

  12.      * @param  {...any} args

  13.      */

  14.     constructor(...args) {

  15.         super(...args)

  16.         const pwd = new SecurePassword()

  17.         this.pwd = {

  18.             hash: Util.promisify(pwd.hash.bind(pwd)),

  19.             verify: Util.promisify(pwd.verify.bind(pwd)),

  20.         }

  21.     }

  22. 

  23.     /**

  24.      * Use knex to find users with email column

  25.      * @param {string} email

  26.      * @param {*} txn

  27.      * @returns

  28.      */

  29.     async findByEmail(email) {

  30.         const { User } = this.server.models()

  31. 

  32.         return await User.query()

  33.             .throwIfNotFound()

  34.             .first()

  35.             .where({ user_email: email })

  36.     }

  37. 

  38.     /**

  39.      * Use knex to find users with id column

  40.      * @param {number} id

  41.      * @param {*} txn

  42.      * @returns

  43.      */

  44.     async findById(id, txn) {

  45.         const { User } = this.server.models()

  46. 

  47.         return await User.query(txn)

  48.             .throwIfNotFound()

  49.             .first()

  50.             .where({ user_id: id })

  51.     }

  52. 

  53.     /**

  54.      * Use knew to find first user with username

  55.      * @param {*} username

  56.      * @param {*} txn

  57.      * @returns

  58.      */

  59.     async findByUsername(username, txn) {

  60.         const { User } = this.server.models()

  61. 

  62.         return await User.query(txn)

  63.             .throwIfNotFound()

  64.             .first()

  65.             .where({ user_name: username })

  66.     }

  67. 

  68.     /**

  69.      * Signup function

  70.      * @param {*} param0

  71.      * @param {*} txn

  72.      * @returns

  73.      */

  74.     async signup({ password, userInfo, created_at }, txn) {

  75.         const { User, Auth } = this.server.models()

  76.         const matchingEmails = await User.query().where(

  77.             'user_email',

  78.             userInfo.user_email,

  79.         )

  80.         if (matchingEmails.length > 0) {

  81.             throw `User ${userInfo.user_email} already exists: Cannot create a user without a unique email`

  82.         }

  83.         // Insert User Info to User table

  84.         const insertUser = await User.query().insert(userInfo)

  85.         // insert a row with blank password to be updated by changePassword()

  86.         await Auth.query().insert({

  87.             user_email: insertUser.user_email,

  88.             created_at: created_at,

  89.             token: null,

  90.         })

  91.         // update null token with hashed password

  92.         await this.changePassword(insertUser.user_email, password, txn)

  93.         return {

  94.             user_id: insertUser.id,

  95.             user_name: insertUser.user_name,

  96.             user_email: insertUser.user_email,

  97.             is_poster: insertUser.is_poster,

  98.             is_admin: insertUser.is_admin,

  99.             is_verified: insertUser.is_verified,

  100.         }

  101.     }

  102. 

  103.     /**

  104.      * Updates user's info

  105.      * @param {number} id

  106.      * @param {*} param1

  107.      * @param {*} txn

  108.      * @returns

  109.      */

  110.     async update(id, { password, ...userInfo }, txn) {

  111.         const { User } = this.server.models()

  112. 

  113.         if (Object.keys(userInfo).length > 0) {

  114.             await User.query(txn)

  115.                 .throwIfNotFound()

  116.                 .where({ id })

  117.                 .patch(userInfo)

  118.         }

  119. 

  120.         if (password) {

  121.             await this.changePassword(id, password, txn)

  122.         }

  123. 

  124.         return id

  125.     }

  126. 

  127.     /**

  128.      * Self explanatory

  129.      * @param {*} param0

  130.      * @param {*} txn

  131.      * @returns

  132.      */

  133.     async login({ email, password }, txn) {

  134.         const { User, Auth } = this.server.models()

  135.         const user = await Auth.query(txn)

  136.             .throwIfNotFound()

  137.             .first()

  138.             .where({ user_email: email })

  139. 

  140.         const bufferPepper = Buffer.from(process.env.PEPPER + password)

  141. 

  142.         /** Uncomment to run password check using SecurePassword */

  143.         const passwordCheck = await this.pwd.verify(bufferPepper, user.token)

  144.         if (passwordCheck === SecurePassword.VALID_NEEDS_REHASH) {

  145.             await this.changePassword(user.user_email, password, txn)

  146.         } else if (passwordCheck !== SecurePassword.VALID) {

  147.             throw User.createNotFoundError()

  148.         }

  149. 

  150.         return user

  151.     }

  152. 

  153.     /**

  154.      * Create a token to be sent in request headers

  155.      * @param {User} user

  156.      * @returns {Token}

  157.      */

  158.     createToken(user) {

  159.         const key = this.server.registrations['main-app-plugin'].options.jwtKey

  160.         const obj = {}

  161.         Object.assign(obj, { ...user })

  162.         return JWT.sign(obj, key)

  163.     }

  164. 

  165.     /**

  166.      * Use knex to try to change password entry

  167.      * @param {number} id

  168.      * @param {string} password

  169.      * @param {*} txn

  170.      * @returns {number}

  171.      */

  172.     async changePassword(email, password, txn) {

  173.         const { Auth } = this.server.models()

  174. 

  175.         const hashed = await this.pwd.hash(

  176.             Buffer.from(process.env.PEPPER + password),

  177.         )

  178. 

  179.         await Auth.query(txn)

  180.             .throwIfNotFound()

  181.             .where({ user_email: email })

  182.             .patch({

  183.                 // user_email: email,

  184.                 token: hashed,

  185.             })

  186.         return email

  187.     }

  188. 

  189.     async getPassword(email, txn) {

  190.         const { Auth } = this.server.models()

  191. 

  192.         const passwordRow = await Auth.query(txn)

  193.             .where('user_email', email)

  194.             .first()

  195. 

  196.         return passwordRow ? passwordRow.token : null

  197.     }

  198. }