freeCodeCamp/common/models/user.js

var debug = require('debug')('freecc:user:remote');
var blacklistedUsernames =
  require('../../server/utils/constants').blacklistedUsernames;

module.exports = function(User) {
  // NOTE(berks): user email validation currently not needed but build in. This
  // work around should let us sneak by
  // see:
  // https://github.com/strongloop/loopback/issues/1137#issuecomment-109200135
  delete User.validations.email;
  // set salt factor for passwords
  User.settings.saltWorkFactor = 5;

  // username should not be in blacklist
  User.validatesExclusionOf('username', {
    'in': blacklistedUsernames,
    message: 'is taken'
  });

  // username should be unique
  User.validatesUniquenessOf('username');

  debug('setting up user hooks');
  User.afterRemote('confirm', function(ctx) {
    ctx.req.flash('success', {
      msg: [
        'You\'re email has been confirmed!'
      ]
    });
    ctx.res.redirect('/email-signin');
  });

  User.afterRemote('login', function(ctx, user, next) {
    var res = ctx.res;
    var req = ctx.req;
    // var args = ctx.args;

    var accessToken = {};
    var config = {
      signed: !!req.signedCookies,
      maxAge: accessToken.ttl
    };
    if (accessToken && accessToken.id) {
      res.cookie('access_token', accessToken.id, config);
      res.cookie('userId', accessToken.userId, config);
    }
    debug('before pass login');
    return req.logIn(user, function(err) {
      if (err) {
        return next(err);
      }
      req.flash('success', { msg: 'Success! You are logged in.' });
      return res.redirect('/');
    });
  });

  User.afterRemoteError('login', function(ctx) {
    var res = ctx.res;
    var req = ctx.req;

    req.flash('errors', {
      msg: 'Invalid username or password.'
    });
    return res.redirect('/');
  });

  User.afterRemote('logout', function(ctx, result, next) {
    var res = ctx.result;
    res.clearCookie('access_token');
    res.clearCookie('userId');
    next();
  });

  User.doesExist = function doesExist(username, email, cb) {
    if (!username && !email) {
      return process.nextTick(function() {
        cb(null, false);
      });
    }
    debug('checking existence');

    // check to see if username is on blacklist
    if (username && blacklistedUsernames.indexOf(username) !== -1) {
      return cb(null, true);
    }

    var where = {};
    if (username) {
      where.username = username.toLowerCase();
    } else {
      where.email = email ? email.toLowerCase() : email;
    }
    debug('where', where);
    User.count(
      where,
      function(err, count) {
        if (err) {
          debug('err checking existance: ', err);
          return cb(err);
        }
        if (count > 0) {
          return cb(null, true);
        }
        return cb(null, false);
      }
    );
  };

  User.remoteMethod(
    'doesExist',
    {
      description: 'checks whether a user exists using email or username',
      accepts: [
        {
          arg: 'username',
          type: 'string'
        },
        {
          arg: 'email',
          type: 'string'
        }
      ],
      returns: [
        {
          arg: 'exists',
          type: 'boolean'
        }
      ],
      http: {
        path: '/exists',
        verb: 'get'
      }
    }
  );

  User.about = function about(username, cb) {
    if (!username) {
      // Zalgo!!
      return process.nextTick(() => {
        cb(
          new TypeError('FCC: username should be a string but got %s', username)
        );
      });
    }
    User.findOne({ where: { username } }, (err, user) => {
      if (err) {
        cb(err);
      }
      if (!user || user.username !== username) {
        cb(new Error('FCC: no user found for %s', username));
      }
      const aboutUser = {
        username: user.username,
        bio: user.bio,
        github: user.githubProfile
      };
      cb(null, aboutUser);
    });
  };

  User.remoteMethod(
    'about',
    {
      description: 'get public info about user',
      accepts: [
        {
          arg: 'username',
          type: 'string'
        }
      ],
      returns: [
        {
          arg: 'about',
          type: 'object'
        }
      ],
      http: {
        path: '/about',
        verb: 'get'
      }
    }
  );
};
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`var debug = require('debug')('freecc:user:remote');`
add blacklist to usernames 2015-06-11 23:46:31 +00:00			`var blacklistedUsernames =`
			`require('../../server/utils/constants').blacklistedUsernames;`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00
			`module.exports = function(User) {`
			`// NOTE(berks): user email validation currently not needed but build in. This`
			`// work around should let us sneak by`
			`// see:`
			`// https://github.com/strongloop/loopback/issues/1137#issuecomment-109200135`
			`delete User.validations.email;`
set saltfactor for Passwords 2015-06-12 18:38:00 +00:00			`// set salt factor for passwords`
			`User.settings.saltWorkFactor = 5;`
add blacklisted usernames to loopback user validations 2015-06-12 20:54:38 +00:00
make username unique and make username required 2015-06-12 23:23:20 +00:00			`// username should not be in blacklist`
			`User.validatesExclusionOf('username', {`
			`'in': blacklistedUsernames,`
			`message: 'is taken'`
			`});`

			`// username should be unique`
			`User.validatesUniquenessOf('username');`
add blacklisted usernames to loopback user validations 2015-06-12 20:54:38 +00:00
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`debug('setting up user hooks');`
Merge conflicts and clean up lint errors. 2015-06-12 01:08:40 +00:00			`User.afterRemote('confirm', function(ctx) {`
Finished local user login flow 2015-06-12 01:03:01 +00:00			`ctx.req.flash('success', {`
			`msg: [`
			`'You\'re email has been confirmed!'`
			`]`
			`});`
			`ctx.res.redirect('/email-signin');`
			`});`

remove email verification step. users are marked for future uses 2015-06-15 22:43:12 +00:00			`User.afterRemote('login', function(ctx, user, next) {`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`var res = ctx.res;`
			`var req = ctx.req;`
remove email verification step. users are marked for future uses 2015-06-15 22:43:12 +00:00			`// var args = ctx.args;`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00
remove email verification step. users are marked for future uses 2015-06-15 22:43:12 +00:00			`var accessToken = {};`
			`var config = {`
			`signed: !!req.signedCookies,`
			`maxAge: accessToken.ttl`
			`};`
			`if (accessToken && accessToken.id) {`
			`res.cookie('access_token', accessToken.id, config);`
			`res.cookie('userId', accessToken.userId, config);`
			`}`
Handle invalid login 2015-06-16 04:27:32 +00:00			`debug('before pass login');`
remove email verification step. users are marked for future uses 2015-06-15 22:43:12 +00:00			`return req.logIn(user, function(err) {`
			`if (err) {`
			`return next(err);`
			`}`
			`req.flash('success', { msg: 'Success! You are logged in.' });`
			`return res.redirect('/');`
			`});`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`});`

Handle invalid login 2015-06-16 04:29:32 +00:00			`User.afterRemoteError('login', function(ctx) {`
Handle invalid login 2015-06-16 04:27:32 +00:00			`var res = ctx.res;`
			`var req = ctx.req;`

			`req.flash('errors', {`
			`msg: 'Invalid username or password.'`
			`});`
			`return res.redirect('/');`
			`});`

Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`User.afterRemote('logout', function(ctx, result, next) {`
			`var res = ctx.result;`
			`res.clearCookie('access_token');`
			`res.clearCookie('userId');`
			`next();`
			`});`

			`User.doesExist = function doesExist(username, email, cb) {`
			`if (!username && !email) {`
			`return process.nextTick(function() {`
			`cb(null, false);`
			`});`
			`}`
			`debug('checking existence');`
add blacklist to usernames 2015-06-11 23:46:31 +00:00
			`// check to see if username is on blacklist`
			`if (username && blacklistedUsernames.indexOf(username) !== -1) {`
			`return cb(null, true);`
			`}`

Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`var where = {};`
			`if (username) {`
			`where.username = username.toLowerCase();`
			`} else {`
			`where.email = email ? email.toLowerCase() : email;`
			`}`
			`debug('where', where);`
			`User.count(`
			`where,`
adds user/about 2015-07-29 18:32:16 +00:00			`function(err, count) {`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`if (err) {`
			`debug('err checking existance: ', err);`
			`return cb(err);`
			`}`
			`if (count > 0) {`
			`return cb(null, true);`
			`}`
			`return cb(null, false);`
			`}`
			`);`
			`};`

			`User.remoteMethod(`
			`'doesExist',`
			`{`
			`description: 'checks whether a user exists using email or username',`
			`accepts: [`
			`{`
			`arg: 'username',`
			`type: 'string'`
			`},`
			`{`
			`arg: 'email',`
			`type: 'string'`
			`}`
			`],`
			`returns: [`
			`{`
			`arg: 'exists',`
			`type: 'boolean'`
			`}`
			`],`
			`http: {`
			`path: '/exists',`
			`verb: 'get'`
			`}`
			`}`
			`);`
adds user/about 2015-07-29 18:32:16 +00:00
			`User.about = function about(username, cb) {`
			`if (!username) {`
			`// Zalgo!!`
			`return process.nextTick(() => {`
			`cb(`
			`new TypeError('FCC: username should be a string but got %s', username)`
			`);`
			`});`
			`}`
			`User.findOne({ where: { username } }, (err, user) => {`
			`if (err) {`
			`cb(err);`
			`}`
			`if (!user \|\| user.username !== username) {`
			`cb(new Error('FCC: no user found for %s', username));`
			`}`
			`const aboutUser = {`
			`username: user.username,`
			`bio: user.bio,`
			`github: user.githubProfile`
			`};`
			`cb(null, aboutUser);`
			`});`
			`};`

			`User.remoteMethod(`
			`'about',`
			`{`
			`description: 'get public info about user',`
			`accepts: [`
			`{`
			`arg: 'username',`
			`type: 'string'`
			`}`
			`],`
			`returns: [`
			`{`
			`arg: 'about',`
			`type: 'object'`
			`}`
			`],`
			`http: {`
			`path: '/about',`
			`verb: 'get'`
			`}`
			`}`
			`);`
Move api hooks to user.js 2015-06-11 23:11:07 +00:00			`};`