2016-05-13 20:04:16 +00:00
|
|
|
import mongoose from 'mongoose';
|
2017-02-22 19:29:35 +00:00
|
|
|
|
2016-06-09 20:28:21 +00:00
|
|
|
const bcrypt = require('bcrypt-nodejs');
|
2016-05-13 20:04:16 +00:00
|
|
|
|
2017-06-26 16:48:28 +00:00
|
|
|
const EmailConfirmationStates = {
|
|
|
|
Verified: 'verified',
|
|
|
|
Sent: 'sent',
|
|
|
|
Resent: 'resent',
|
|
|
|
};
|
|
|
|
|
2018-05-05 00:59:43 +00:00
|
|
|
const { Schema } = mongoose;
|
2017-02-22 19:29:35 +00:00
|
|
|
|
2018-10-14 19:08:36 +00:00
|
|
|
const apiKeySchema = new Schema({
|
|
|
|
label: { type: String, default: 'API Key' },
|
2019-05-15 10:28:18 +00:00
|
|
|
lastUsedAt: { type: Date },
|
2018-10-14 19:08:36 +00:00
|
|
|
hashedKey: { type: String, required: true },
|
|
|
|
}, { timestamps: true, _id: true });
|
|
|
|
|
2019-05-15 11:07:20 +00:00
|
|
|
apiKeySchema.virtual('id').get(function getApiKeyId() {
|
|
|
|
return this._id.toHexString();
|
|
|
|
});
|
|
|
|
|
|
|
|
/**
|
|
|
|
* When serialising an APIKey instance, the `hashedKey` field
|
|
|
|
* should never be exposed to the client. So we only return
|
|
|
|
* a safe list of fields when toObject and toJSON are called.
|
|
|
|
*/
|
|
|
|
function apiKeyMetadata(doc, ret, options) {
|
2019-05-14 17:50:33 +00:00
|
|
|
return {
|
2019-05-15 11:07:20 +00:00
|
|
|
id: doc.id, label: doc.label, lastUsedAt: doc.lastUsedAt, createdAt: doc.createdAt
|
2019-05-14 17:50:33 +00:00
|
|
|
};
|
2019-05-15 11:07:20 +00:00
|
|
|
}
|
2019-05-14 10:26:25 +00:00
|
|
|
|
2019-05-15 11:07:20 +00:00
|
|
|
apiKeySchema.set('toObject', {
|
|
|
|
transform: apiKeyMetadata
|
2018-10-14 19:08:36 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
apiKeySchema.set('toJSON', {
|
2019-05-15 11:07:20 +00:00
|
|
|
virtuals: true,
|
|
|
|
transform: apiKeyMetadata
|
2018-10-14 19:08:36 +00:00
|
|
|
});
|
|
|
|
|
2016-05-13 20:04:16 +00:00
|
|
|
const userSchema = new Schema({
|
2016-06-23 22:29:55 +00:00
|
|
|
name: { type: String, default: '' },
|
2016-06-27 17:09:18 +00:00
|
|
|
username: { type: String, required: true, unique: true },
|
2016-06-23 22:29:55 +00:00
|
|
|
password: { type: String },
|
2016-10-12 16:02:46 +00:00
|
|
|
resetPasswordToken: String,
|
|
|
|
resetPasswordExpires: Date,
|
2017-06-26 16:48:28 +00:00
|
|
|
verified: { type: String },
|
|
|
|
verifiedToken: String,
|
|
|
|
verifiedTokenExpires: Date,
|
2016-06-23 22:29:55 +00:00
|
|
|
github: { type: String },
|
|
|
|
email: { type: String, unique: true },
|
|
|
|
tokens: Array,
|
2018-10-14 19:08:36 +00:00
|
|
|
apiKeys: { type: [apiKeySchema] },
|
2016-08-04 03:45:49 +00:00
|
|
|
preferences: {
|
2016-08-09 22:45:59 +00:00
|
|
|
fontSize: { type: Number, default: 18 },
|
2019-08-30 16:36:34 +00:00
|
|
|
lineNumbers: { type: Boolean, default: true },
|
2016-08-04 03:45:49 +00:00
|
|
|
indentationAmount: { type: Number, default: 2 },
|
|
|
|
isTabIndent: { type: Boolean, default: false },
|
2016-08-12 19:50:33 +00:00
|
|
|
autosave: { type: Boolean, default: true },
|
2019-03-26 19:37:44 +00:00
|
|
|
linewrap: { type: Boolean, default: true },
|
2016-08-12 19:50:33 +00:00
|
|
|
lintWarning: { type: Boolean, default: false },
|
2017-05-31 19:23:30 +00:00
|
|
|
textOutput: { type: Boolean, default: false },
|
|
|
|
gridOutput: { type: Boolean, default: false },
|
|
|
|
soundOutput: { type: Boolean, default: false },
|
2016-09-28 18:12:01 +00:00
|
|
|
theme: { type: String, default: 'light' },
|
2016-10-04 19:35:23 +00:00
|
|
|
autorefresh: { type: Boolean, default: false }
|
2016-08-04 03:45:49 +00:00
|
|
|
}
|
2019-05-02 23:10:14 +00:00
|
|
|
}, { timestamps: true, usePushEach: true });
|
2016-05-17 19:50:37 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Password hash middleware.
|
|
|
|
*/
|
2016-06-27 17:09:18 +00:00
|
|
|
userSchema.pre('save', function checkPassword(next) { // eslint-disable-line consistent-return
|
2016-05-17 19:50:37 +00:00
|
|
|
const user = this;
|
|
|
|
if (!user.isModified('password')) { return next(); }
|
2016-06-27 17:09:18 +00:00
|
|
|
bcrypt.genSalt(10, (err, salt) => { // eslint-disable-line consistent-return
|
2016-05-17 19:50:37 +00:00
|
|
|
if (err) { return next(err); }
|
2016-06-27 17:09:18 +00:00
|
|
|
bcrypt.hash(user.password, salt, null, (innerErr, hash) => {
|
|
|
|
if (innerErr) { return next(innerErr); }
|
2016-05-17 19:50:37 +00:00
|
|
|
user.password = hash;
|
2016-06-27 17:09:18 +00:00
|
|
|
return next();
|
2016-05-17 19:50:37 +00:00
|
|
|
});
|
|
|
|
});
|
2016-05-13 20:04:16 +00:00
|
|
|
});
|
|
|
|
|
2018-11-06 12:36:19 +00:00
|
|
|
/**
|
|
|
|
* API keys hash middleware
|
|
|
|
*/
|
2018-11-06 16:28:17 +00:00
|
|
|
userSchema.pre('save', function checkApiKey(next) { // eslint-disable-line consistent-return
|
2018-11-06 12:36:19 +00:00
|
|
|
const user = this;
|
|
|
|
if (!user.isModified('apiKeys')) { return next(); }
|
|
|
|
let hasNew = false;
|
|
|
|
user.apiKeys.forEach((k) => {
|
|
|
|
if (k.isNew) {
|
|
|
|
hasNew = true;
|
2018-11-06 16:28:17 +00:00
|
|
|
bcrypt.genSalt(10, (err, salt) => { // eslint-disable-line consistent-return
|
2018-11-06 12:36:19 +00:00
|
|
|
if (err) { return next(err); }
|
|
|
|
bcrypt.hash(k.hashedKey, salt, null, (innerErr, hash) => {
|
|
|
|
if (innerErr) { return next(innerErr); }
|
|
|
|
k.hashedKey = hash;
|
|
|
|
return next();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
if (!hasNew) return next();
|
|
|
|
});
|
|
|
|
|
2017-02-22 19:29:35 +00:00
|
|
|
userSchema.virtual('id').get(function idToString() {
|
2016-11-17 16:15:35 +00:00
|
|
|
return this._id.toHexString();
|
2016-08-09 22:45:59 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
userSchema.set('toJSON', {
|
2016-11-17 16:15:35 +00:00
|
|
|
virtuals: true
|
2016-08-09 22:45:59 +00:00
|
|
|
});
|
|
|
|
|
2016-05-17 19:50:37 +00:00
|
|
|
/**
|
|
|
|
* Helper method for validating user's password.
|
|
|
|
*/
|
2016-06-27 17:09:18 +00:00
|
|
|
userSchema.methods.comparePassword = function comparePassword(candidatePassword, cb) {
|
2016-06-24 22:18:22 +00:00
|
|
|
// userSchema.methods.comparePassword = (candidatePassword, cb) => {
|
2016-05-17 19:50:37 +00:00
|
|
|
bcrypt.compare(candidatePassword, this.password, (err, isMatch) => {
|
|
|
|
cb(err, isMatch);
|
|
|
|
});
|
|
|
|
};
|
|
|
|
|
2018-11-06 16:28:17 +00:00
|
|
|
/**
|
|
|
|
* Helper method for validating a user's api key
|
|
|
|
*/
|
|
|
|
userSchema.methods.findMatchingKey = function findMatchingKey(candidateKey, cb) {
|
|
|
|
let foundOne = false;
|
|
|
|
this.apiKeys.forEach((k) => {
|
|
|
|
if (bcrypt.compareSync(candidateKey, k.hashedKey)) {
|
|
|
|
foundOne = true;
|
2019-05-15 12:07:46 +00:00
|
|
|
cb(null, true, k);
|
2018-11-06 16:28:17 +00:00
|
|
|
}
|
|
|
|
});
|
|
|
|
if (!foundOne) cb('Matching API key not found !', false, null);
|
|
|
|
};
|
|
|
|
|
2017-01-06 23:14:42 +00:00
|
|
|
userSchema.statics.findByMailOrName = function findByMailOrName(email) {
|
|
|
|
const query = {
|
|
|
|
$or: [{
|
|
|
|
email,
|
|
|
|
}, {
|
|
|
|
username: email,
|
|
|
|
}],
|
|
|
|
};
|
|
|
|
return this.findOne(query).exec();
|
|
|
|
};
|
|
|
|
|
2017-06-26 16:48:28 +00:00
|
|
|
userSchema.statics.EmailConfirmation = EmailConfirmationStates;
|
|
|
|
|
2016-06-24 22:18:22 +00:00
|
|
|
export default mongoose.model('User', userSchema);
|