SolidScribe/server/models/User.js

var crypto = require('crypto')

let db = require('@config/database')
let Auth = require('@helpers/Auth')

let User = module.exports = {}

//Login a user, if that user does not exist create them
//Issues login token
User.login = (username, password) => {
	return new Promise((resolve, reject) => {

		const lowerName = username.toLowerCase();

		db.promise()
		.query('SELECT * FROM user WHERE username = ? LIMIT 1', [lowerName])
		.then((rows, fields) => {

			//Pull out user data from database results
			const lookedUpUser = rows[0][0];

			//User not found, create a new account with set data
			if(rows[0].length == 0){
				User.create(lowerName, password)
				.then(loginToken => {
					resolve(loginToken)
				})
				return
			}

			//hash the password and check for a match
			const salt = new Buffer(lookedUpUser.salt, 'binary')
			crypto.pbkdf2(password, salt, lookedUpUser.iterations, 512, 'sha512', function(err, delivered_key){
				if(delivered_key.toString('hex') === lookedUpUser.password){

					//Passback a json web token
					const token = Auth.createToken(lookedUpUser.id)
					resolve(token)

				} else {

					reject('Password does not match database')
				}
			})
		})
		.catch(console.log)

	})
}

//Create user account
//Issues login token
User.create = (username, password) => {

	//For some reason, username won't get into the promise. But password will @TODO figure this out
	const lowerName = username.toLowerCase().trim()

	return new Promise((resolve, reject) => {

		db.promise()
		.query('SELECT * FROM user WHERE username = ? LIMIT 1', [lowerName])
		.then((rows, fields) => {

			if(rows[0].length === 0){ //No users returned, create new one. Start with hashing password

				//Params for hash function
				let shasum = crypto.createHash('sha512') //Prepare Hash
				const ran = parseInt(Date.now()) //Get current time in miliseconds
				const semiRandomInt = Math.floor(Math.random()*11) //Grab a random number
				const otherRandomInt = (ran*semiRandomInt+ran)*semiRandomInt-ran //Mix things up a bit
				shasum.update(''+otherRandomInt) //Update Hasd

				const saltString = shasum.digest('hex')
				const salt = new Buffer(saltString, 'binary') //Generate Salt hash
				const iterations = 25000

				crypto.pbkdf2(password, salt, iterations, 512, 'sha512', function(err, delivered_key) {

					//Create new user object with freshly salted password
					var currentDate = new Date().toISOString().slice(0, 19).replace('T', ' ');
					var new_user = {
						username: lowerName,
						password: delivered_key.toString('hex'),
						salt: salt,
						iterations: iterations,
						last_login: currentDate,
						created: currentDate
					};

					db.promise()
					.query('INSERT INTO user SET ?', new_user)
					.then((rows, fields) => {

						if(rows[0].affectedRows == 1){

							const newUserId = rows[0].insertId
							const loginToken = Auth.createToken(newUserId)
							resolve(loginToken)

						} else {
							//Emit Error to user
							reject('New user could not be created')
						}
					})
					.catch(console.log)
				})
			} else {
				reject('Username already in use.')
			}//END user create
		})
		.catch(console.log)

		
	})
}

//Counts notes, pinned notes, archived notes, shared notes, unread notes, total files and types
User.getCounts = (userId) => {
	return new Promise((resolve, reject) => {

		let countTotals = {}

		db.promise().query(
			`SELECT
				SUM(pinned = 1 && archived = 0 && share_user_id IS NULL) AS pinnedNotes,
				SUM(archived = 1 && share_user_id IS NULL) AS archivedNotes,
				SUM(encrypted = 1) AS encryptedNotes,
				SUM(share_user_id IS NULL) AS totalNotes,
				SUM(share_user_id != ?) AS sharedToNotes,
				SUM( (share_user_id != ? && opened IS null) || (share_user_id != ? && note_raw_text.updated > opened) ) AS unreadNotes
			FROM note 
			LEFT JOIN note_raw_text ON (note_raw_text.id = note.note_raw_text_id)
			WHERE user_id = ?`, [userId, userId, userId, userId])
		.then( (rows, fields) => {

			Object.assign(countTotals, rows[0][0]) //combine results

			return db.promise().query(
				`SELECT count(id) AS sharedFromNotes 
				FROM note WHERE share_user_id = ?`, [userId]
			)
		})
		.then( (rows, fields) => {

			Object.assign(countTotals, rows[0][0]) //combine results

			return db.promise().query(
				`SELECT
					SUM(attachment_type = 1) as linkFiles,
					SUM(attachment_type != 1) as otherFiles,
					COUNT(id) as totalFiles
				FROM attachment WHERE visible = 1
				AND user_id = ?
				`, [userId]
			)
		}).then( (rows, fields) => {

			Object.assign(countTotals, rows[0][0]) //combine results

			//Convert everything to an int or 0
			Object.keys(countTotals).forEach( key => {
				const count = parseInt(countTotals[key])
				countTotals[key] = count ? count : 0
			})

			resolve(countTotals)
		})

	})
}
Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`var crypto = require('crypto')`

			`let db = require('@config/database')`
			`let Auth = require('@helpers/Auth')`

			`let User = module.exports = {}`

			`//Login a user, if that user does not exist create them`
			`//Issues login token`
			`User.login = (username, password) => {`
			`return new Promise((resolve, reject) => {`

			`const lowerName = username.toLowerCase();`

			`db.promise()`
Big Refactor of all SQL calls to comply with database changes Added tag suggestions when entering tag field Cleaned up animations to make them REAL smooth 2019-07-30 13:27:26 -07:00			`.query('SELECT * FROM user WHERE username = ? LIMIT 1', [lowerName])`
Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`.then((rows, fields) => {`

			`//Pull out user data from database results`
			`const lookedUpUser = rows[0][0];`

			`//User not found, create a new account with set data`
			`if(rows[0].length == 0){`
			`User.create(lowerName, password)`
Searching, url indexing * Added a help page * Cleaned up home and login pages * Menu is hidden when on notes section of app * Added username to login data * Notes now change to the color selected for the note * Note save function has a 500ms debounce to prevent spamming * Solr results now displays content from notes, tags and attachments * All note data is now indexed in solr * Notes containing URLs are now scraped and put into tag solr index * Attachments that are removed from note are deleted when url is removed * Minor little tweaks and fixes all over the place 2019-07-24 11:06:50 -07:00			`.then(loginToken => {`
			`resolve(loginToken)`
Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`})`
			`return`
			`}`

			`//hash the password and check for a match`
			`const salt = new Buffer(lookedUpUser.salt, 'binary')`
			`crypto.pbkdf2(password, salt, lookedUpUser.iterations, 512, 'sha512', function(err, delivered_key){`
			`if(delivered_key.toString('hex') === lookedUpUser.password){`

			`//Passback a json web token`
			`const token = Auth.createToken(lookedUpUser.id)`
			`resolve(token)`

			`} else {`

			`reject('Password does not match database')`
			`}`
			`})`
			`})`
			`.catch(console.log)`

			`})`
			`}`

			`//Create user account`
			`//Issues login token`
			`User.create = (username, password) => {`

			`//For some reason, username won't get into the promise. But password will @TODO figure this out`
			`const lowerName = username.toLowerCase().trim()`

			`return new Promise((resolve, reject) => {`

			`db.promise()`
Big Refactor of all SQL calls to comply with database changes Added tag suggestions when entering tag field Cleaned up animations to make them REAL smooth 2019-07-30 13:27:26 -07:00			`.query('SELECT * FROM user WHERE username = ? LIMIT 1', [lowerName])`
Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`.then((rows, fields) => {`

			`if(rows[0].length === 0){ //No users returned, create new one. Start with hashing password`

			`//Params for hash function`
			`let shasum = crypto.createHash('sha512') //Prepare Hash`
			`const ran = parseInt(Date.now()) //Get current time in miliseconds`
			`const semiRandomInt = Math.floor(Math.random()*11) //Grab a random number`
			`const otherRandomInt = (ransemiRandomInt+ran)semiRandomInt-ran //Mix things up a bit`
			`shasum.update(''+otherRandomInt) //Update Hasd`

			`const saltString = shasum.digest('hex')`
			`const salt = new Buffer(saltString, 'binary') //Generate Salt hash`
			`const iterations = 25000`

			`crypto.pbkdf2(password, salt, iterations, 512, 'sha512', function(err, delivered_key) {`

			`//Create new user object with freshly salted password`
			`var currentDate = new Date().toISOString().slice(0, 19).replace('T', ' ');`
			`var new_user = {`
			`username: lowerName,`
			`password: delivered_key.toString('hex'),`
			`salt: salt,`
			`iterations: iterations,`
			`last_login: currentDate,`
			`created: currentDate`
			`};`

			`db.promise()`
Big Refactor of all SQL calls to comply with database changes Added tag suggestions when entering tag field Cleaned up animations to make them REAL smooth 2019-07-30 13:27:26 -07:00			`.query('INSERT INTO user SET ?', new_user)`
Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`.then((rows, fields) => {`

			`if(rows[0].affectedRows == 1){`

			`const newUserId = rows[0].insertId`
			`const loginToken = Auth.createToken(newUserId)`
			`resolve(loginToken)`

			`} else {`
			`//Emit Error to user`
			`reject('New user could not be created')`
			`}`
			`})`
			`.catch(console.log)`
			`})`
			`} else {`
			`reject('Username already in use.')`
			`}//END user create`
			`})`
			`.catch(console.log)`


Added counts to each category Counts update on certain events and show or hide various elements Fixed various little ui element issues fixes #6 2020-02-11 13:11:14 -08:00			`})`
			`}`

			`//Counts notes, pinned notes, archived notes, shared notes, unread notes, total files and types`
			`User.getCounts = (userId) => {`
			`return new Promise((resolve, reject) => {`

			`let countTotals = {}`

			`db.promise().query(`
			`SELECT
			`SUM(pinned = 1 && archived = 0 && share_user_id IS NULL) AS pinnedNotes,`
Added some realtime events to the app * When a user gets a new shared message, it will popup instantly * When a new website is scraped, it will update in real time * Various other little bug fixes and improvements * Sharing displays correct notes and handles shared notes correctly * Tags were not displaying on notes, they do now. They better. 2020-02-13 17:08:46 -08:00			`SUM(archived = 1 && share_user_id IS NULL) AS archivedNotes,`
Encrypted Notes Alpha! fixes #28 2020-03-13 16:34:32 -07:00			`SUM(encrypted = 1) AS encryptedNotes,`
Added counts to each category Counts update on certain events and show or hide various elements Fixed various little ui element issues fixes #6 2020-02-11 13:11:14 -08:00			`SUM(share_user_id IS NULL) AS totalNotes,`
			`SUM(share_user_id != ?) AS sharedToNotes,`
Shared notes now share updated times * Updating a shared note, updates the information for other shared users * Unread shared notes now have a badge * Updated shared notes now have a badge * Shared notes can not be reshared, sharer username appears in interface to stop sharing fixes #15 2020-02-23 21:59:13 -08:00			`SUM( (share_user_id != ? && opened IS null) \|\| (share_user_id != ? && note_raw_text.updated > opened) ) AS unreadNotes`
Added counts to each category Counts update on certain events and show or hide various elements Fixed various little ui element issues fixes #6 2020-02-11 13:11:14 -08:00			`FROM note`
Encrypted Notes Alpha! fixes #28 2020-03-13 16:34:32 -07:00			`LEFT JOIN note_raw_text ON (note_raw_text.id = note.note_raw_text_id)`
Added counts to each category Counts update on certain events and show or hide various elements Fixed various little ui element issues fixes #6 2020-02-11 13:11:14 -08:00			WHERE user_id = ?`, [userId, userId, userId, userId])
			`.then( (rows, fields) => {`

			`Object.assign(countTotals, rows[0][0]) //combine results`

			`return db.promise().query(`
			`SELECT count(id) AS sharedFromNotes
			FROM note WHERE share_user_id = ?`, [userId]
			`)`
			`})`
			`.then( (rows, fields) => {`

			`Object.assign(countTotals, rows[0][0]) //combine results`

			`return db.promise().query(`
			`SELECT
			`SUM(attachment_type = 1) as linkFiles,`
			`SUM(attachment_type != 1) as otherFiles,`
			`COUNT(id) as totalFiles`
			`FROM attachment WHERE visible = 1`
			`AND user_id = ?`
			`, [userId]
			`)`
			`}).then( (rows, fields) => {`

			`Object.assign(countTotals, rows[0][0]) //combine results`

			`//Convert everything to an int or 0`
			`Object.keys(countTotals).forEach( key => {`
			`const count = parseInt(countTotals[key])`
			`countTotals[key] = count ? count : 0`
			`})`

			`resolve(countTotals)`
			`})`

Started to build out the app. Its got a basic set of features and it should really be in VC 2019-07-19 13:51:57 -07:00			`})`
			`}`