mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-10-31 19:15:58 +01:00
hash changes to user data
This commit is contained in:
Baris Soner Usakli
@@ -43,8 +43,11 @@
|
|||||||
socket.on('api:user.active.get_record', function(data) {
|
socket.on('api:user.active.get_record', function(data) {
|
||||||
active_record.innerHTML = "most users ever online was <strong>" + data.record + "</strong> on <strong>" + (new Date(parseInt(data.timestamp,10))).toUTCString() + "</strong>";
|
active_record.innerHTML = "most users ever online was <strong>" + data.record + "</strong> on <strong>" + (new Date(parseInt(data.timestamp,10))).toUTCString() + "</strong>";
|
||||||
});
|
});
|
||||||
socket.emit('api:user.get', { fields: ['username', 'picture'] });
|
|
||||||
socket.once('api:user.get', function(data) {
|
socket.emit('api:updateHeader', { fields: ['username', 'picture'] });
|
||||||
|
|
||||||
|
socket.once('api:updateHeader', function(data) {
|
||||||
|
|
||||||
if (data.uid > 0) {
|
if (data.uid > 0) {
|
||||||
var gravatar = document.createElement('img'),
|
var gravatar = document.createElement('img'),
|
||||||
name = document.createElement('span')
|
name = document.createElement('span')
|
||||||
|
|||||||
@@ -6,6 +6,8 @@
|
|||||||
config = require('../config.js'),
|
config = require('../config.js'),
|
||||||
db = redis.createClient(config.redis.port, config.redis.host, config.redis.options);
|
db = redis.createClient(config.redis.port, config.redis.host, config.redis.options);
|
||||||
|
|
||||||
|
RedisDB.db = db;
|
||||||
|
|
||||||
// todo (holy cow): append,auth,bgrewriteaof,bgsave,bitcount,bitop,blpop,brpop,brpoplpush,client kill,client list,client getname,client setname,config get,config set,config resetstat,dbsize,debug object,debug segfault,decrby,discard,dump,echo,eval,evalsha,exec,exists,expireat,flushall,flushdb,getbit,getrange,getset,hdel,hexists,hget,hgetall,hincrby,hincrbyfloat,hkeys,hlen,hmget,hmset,hset,hsetnx,hvals,incrby,incrbyfloat,info,lastsave,lindex,linsert,llen,lpop,lpushx,lrem,lset,ltrim,migrate,monitor,move,mset,msetnx,object,persist,pexpire,pexpireat,ping,psetex,psubscribe,pttl,publish,punsubscribe,quit,randomkey,rename,renamenx,restore,rpop,rpoplpush,rpush,rpushx,sadd,save,scard,script exists,script flush,script kill,script load,sdiff,sdiffstore,select,setbit,setex,setnx,setrange,shutdown,sinter,sinterstore,sismember,slaveof,slowlog,smembers,smove,sort,spop,srandmember,srem,strlen,subscribe,sunion,sunionstore,sync,time,ttl,type,unsubscribe,unwatch,watch,zadd,zcard,zcount,zincrby,zinterstore,zrange,zrangebyscore,zrank,zrem,zremrangebyrank,zremrangebyscore,zrevrange,zrevrangebyscore,zrevrank,zscore,zunionstore
|
// todo (holy cow): append,auth,bgrewriteaof,bgsave,bitcount,bitop,blpop,brpop,brpoplpush,client kill,client list,client getname,client setname,config get,config set,config resetstat,dbsize,debug object,debug segfault,decrby,discard,dump,echo,eval,evalsha,exec,exists,expireat,flushall,flushdb,getbit,getrange,getset,hdel,hexists,hget,hgetall,hincrby,hincrbyfloat,hkeys,hlen,hmget,hmset,hset,hsetnx,hvals,incrby,incrbyfloat,info,lastsave,lindex,linsert,llen,lpop,lpushx,lrem,lset,ltrim,migrate,monitor,move,mset,msetnx,object,persist,pexpire,pexpireat,ping,psetex,psubscribe,pttl,publish,punsubscribe,quit,randomkey,rename,renamenx,restore,rpop,rpoplpush,rpush,rpushx,sadd,save,scard,script exists,script flush,script kill,script load,sdiff,sdiffstore,select,setbit,setex,setnx,setrange,shutdown,sinter,sinterstore,sismember,slaveof,slowlog,smembers,smove,sort,spop,srandmember,srem,strlen,subscribe,sunion,sunionstore,sync,time,ttl,type,unsubscribe,unwatch,watch,zadd,zcard,zcount,zincrby,zinterstore,zrange,zrangebyscore,zrank,zrem,zremrangebyrank,zremrangebyscore,zrevrange,zrevrangebyscore,zrevrank,zscore,zunionstore
|
||||||
// done: get, set, incr, decr, del, mget, multi, expire, lpush, lrange, keys
|
// done: get, set, incr, decr, del, mget, multi, expire, lpush, lrange, keys
|
||||||
|
|
||||||
|
|||||||
238
src/user.js
238
src/user.js
@@ -8,76 +8,40 @@ var config = require('../config.js'),
|
|||||||
|
|
||||||
(function(User) {
|
(function(User) {
|
||||||
|
|
||||||
User.get = function(socket, uid, fields) {
|
|
||||||
if (uid > 0) {
|
|
||||||
var keys = [],
|
|
||||||
returnData = {
|
|
||||||
uid: uid
|
|
||||||
},
|
|
||||||
removeEmail = false;
|
|
||||||
|
|
||||||
if (!(fields instanceof Array))
|
User.getUserField = function(uid, field, callback) {
|
||||||
fields = ['username', 'email', 'joindate'];
|
RDB.db.hget(String(uid), field, function(err, data){
|
||||||
|
if(err === null)
|
||||||
if (fields.indexOf('picture') !== -1 && fields.indexOf('email') === -1) {
|
callback(data);
|
||||||
fields.push('email');
|
else
|
||||||
removeEmail = true;
|
console.log(err);
|
||||||
}
|
});
|
||||||
|
}
|
||||||
for(var f = 0, numFields = fields.length; f<numFields; f++) {
|
|
||||||
keys.push('uid:' + uid + ':' + fields[f]);
|
User.getUserFields = function(uid, fields, callback) {
|
||||||
}
|
RDB.db.hmget(String(uid), fields, function(err, data){
|
||||||
|
if(err === null) {
|
||||||
RDB.mget(keys, function(data) {
|
var returnData = {};
|
||||||
for(var x=0,numData=data.length;x<numData;x++) {
|
|
||||||
returnData[fields[x]] = data[x];
|
|
||||||
}
|
|
||||||
|
|
||||||
if (returnData.picture !== undefined) {
|
for(var i=0, ii=fields.length; i<ii; ++i) {
|
||||||
var md5sum = crypto.createHash('md5');
|
returnData[fields[i]] = data[i];
|
||||||
if (!returnData.email) returnData.email = '';
|
|
||||||
md5sum.update(returnData.email.toLowerCase());
|
|
||||||
returnData.picture = 'http://www.gravatar.com/avatar/' + md5sum.digest('hex') + '?s=24';
|
|
||||||
if (removeEmail) delete returnData.email;
|
|
||||||
}
|
}
|
||||||
socket.emit('api:user.get', returnData);
|
|
||||||
});
|
callback(returnData);
|
||||||
} else {
|
}
|
||||||
socket.emit('api:user.get', {
|
else
|
||||||
username: "Anonymous User",
|
console.log(err);
|
||||||
email: '',
|
});
|
||||||
picture: 'http://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=24'
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
User.getUserData = function(uid, callback) {
|
User.getUserData = function(uid, callback) {
|
||||||
var fields = ['username', 'email', 'joindate', 'picture'];
|
|
||||||
var keys = [];
|
|
||||||
|
|
||||||
for(var i = 0, numFields = fields.length; i<numFields; i++) {
|
|
||||||
keys.push('uid:' + uid + ':' + fields[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
RDB.mget(keys, function(data) {
|
|
||||||
|
|
||||||
var returnData = {
|
|
||||||
uid: uid
|
|
||||||
};
|
|
||||||
|
|
||||||
for(var i=0, numData=data.length; i<numData; i++) {
|
|
||||||
returnData[fields[i]] = data[i];
|
|
||||||
}
|
|
||||||
|
|
||||||
var md5sum = crypto.createHash('md5');
|
|
||||||
|
|
||||||
md5sum.update(returnData.email.toLowerCase());
|
|
||||||
returnData.picture = 'http://www.gravatar.com/avatar/' + md5sum.digest('hex') + '?s=24';
|
|
||||||
|
|
||||||
callback(returnData);
|
RDB.db.hgetall(String(uid), function(err, data){
|
||||||
|
if(err === null)
|
||||||
|
callback(data);
|
||||||
|
else
|
||||||
|
console.log(err);
|
||||||
});
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -108,6 +72,9 @@ var config = require('../config.js'),
|
|||||||
};
|
};
|
||||||
|
|
||||||
User.login = function(socket, user) {
|
User.login = function(socket, user) {
|
||||||
|
console.log("THIS IS USED");
|
||||||
|
|
||||||
|
|
||||||
if (user.username == null || user.password == null) {
|
if (user.username == null || user.password == null) {
|
||||||
return socket.emit('user.login', {'status': 0, 'message': 'Missing fields'});
|
return socket.emit('user.login', {'status': 0, 'message': 'Missing fields'});
|
||||||
}
|
}
|
||||||
@@ -139,6 +106,7 @@ var config = require('../config.js'),
|
|||||||
};
|
};
|
||||||
|
|
||||||
User.loginViaLocal = function(username, password, next) {
|
User.loginViaLocal = function(username, password, next) {
|
||||||
|
|
||||||
if (!username || !password) {
|
if (!username || !password) {
|
||||||
return next({
|
return next({
|
||||||
status: 'error',
|
status: 'error',
|
||||||
@@ -152,8 +120,9 @@ var config = require('../config.js'),
|
|||||||
message: 'invalid-user'
|
message: 'invalid-user'
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
RDB.get('uid:' + uid + ':password', function(user_password) {
|
User.getUserField(uid, 'password', function(user_password) {
|
||||||
|
|
||||||
bcrypt.compare(password, user_password, function(err, res) {
|
bcrypt.compare(password, user_password, function(err, res) {
|
||||||
if (res === true) {
|
if (res === true) {
|
||||||
next({
|
next({
|
||||||
@@ -260,56 +229,35 @@ var config = require('../config.js'),
|
|||||||
}
|
}
|
||||||
|
|
||||||
User.create = function(username, password, email, callback) {
|
User.create = function(username, password, email, callback) {
|
||||||
User.exists(null, username, function(exists) {
|
|
||||||
if (exists) {
|
|
||||||
return callback('user-exists', 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
RDB.incr('global:next_user_id', function(uid) {
|
if(!username) {
|
||||||
|
console.log("invalid registration data! username ["+username+"], password ["+password+"], email ["+email+"]");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO : check if username email is unique!! -baris
|
||||||
|
|
||||||
|
|
||||||
|
RDB.incr('global:next_user_id', function(uid) {
|
||||||
|
|
||||||
|
console.log("Registering uid : " + uid);
|
||||||
|
|
||||||
|
User.hashPassword(password, function(hash) {
|
||||||
|
|
||||||
|
RDB.db.hmset(String(uid), {
|
||||||
|
'username' : username,
|
||||||
|
'email' : email,
|
||||||
|
'joindate' : new Date().getTime(),
|
||||||
|
'password' : hash,
|
||||||
|
'picture' : User.createGravatarURLFromEmail(email)
|
||||||
|
});
|
||||||
|
|
||||||
RDB.set('username:' + username + ':uid', uid);
|
RDB.set('username:' + username + ':uid', uid);
|
||||||
RDB.set('uid:' + uid + ':username', username);
|
RDB.set('email:' + email +':uid', uid);
|
||||||
if (password) {
|
|
||||||
bcrypt.genSalt(10, function(err, salt) {
|
|
||||||
bcrypt.hash(password, salt, function(err, hash) {
|
|
||||||
RDB.set('uid:' + uid + ':password', hash);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
if (email) {
|
|
||||||
var confirm_code = utils.generateUUID(),
|
|
||||||
confirm_link = config.url + 'confirm/' + confirm_code,
|
|
||||||
confirm_email = global.templates['emails/header'] + global.templates['emails/email_confirm'].parse({'CONFIRM_LINK': confirm_link}) + global.templates['emails/footer'],
|
|
||||||
confirm_email_plaintext = global.templates['emails/email_confirm_plaintext'].parse({ 'CONFIRM_LINK': confirm_link });
|
|
||||||
|
|
||||||
RDB.set('uid:' + uid + ':email', email);
|
|
||||||
RDB.set('email:' + email, uid);
|
|
||||||
|
|
||||||
// Email confirmation code
|
|
||||||
RDB.set('email:' + email + ':confirm', confirm_code, 60*60*2);
|
|
||||||
RDB.set('confirm:' + confirm_code + ':email', email, 60*60*2); // Expire after 2 hours
|
|
||||||
|
|
||||||
// Send intro email w/ confirm code
|
|
||||||
var message = emailjs.message.create({
|
|
||||||
text: confirm_email_plaintext,
|
|
||||||
from: config.mailer.from,
|
|
||||||
to: email,
|
|
||||||
subject: '[NodeBB] Registration Email Verification',
|
|
||||||
attachment: [
|
|
||||||
{
|
|
||||||
data: confirm_email,
|
|
||||||
alternative: true
|
|
||||||
}
|
|
||||||
]
|
|
||||||
});
|
|
||||||
|
|
||||||
emailjsServer.send(message, function(err, success) {
|
|
||||||
if (err) console.log(err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
RDB.set('uid:' + uid + ':joindate', new Date().getTime());
|
|
||||||
|
|
||||||
|
if(email)
|
||||||
|
User.sendConfirmationEmail(email);
|
||||||
|
|
||||||
RDB.incr('user:count', function(count) {
|
RDB.incr('user:count', function(count) {
|
||||||
io.sockets.emit('user.count', {count: count});
|
io.sockets.emit('user.count', {count: count});
|
||||||
});
|
});
|
||||||
@@ -318,17 +266,77 @@ var config = require('../config.js'),
|
|||||||
io.sockets.emit('user.latest', {username: username});
|
io.sockets.emit('user.latest', {username: username});
|
||||||
|
|
||||||
callback(null, uid);
|
callback(null, uid);
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
User.createGravatarURLFromEmail = function(email) {
|
||||||
|
if(email) {
|
||||||
|
var md5sum = crypto.createHash('md5');
|
||||||
|
md5sum.update(email.toLowerCase());
|
||||||
|
var gravatarURL = 'http://www.gravatar.com/avatar/' + md5sum.digest('hex') + '?s=24';
|
||||||
|
return gravatarURL;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return "http://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=24";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
User.hashPassword = function(password, callback) {
|
||||||
|
if(!password) {
|
||||||
|
callback(password);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
bcrypt.genSalt(10, function(err, salt) {
|
||||||
|
bcrypt.hash(password, salt, function(err, hash) {
|
||||||
|
callback(hash);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
};
|
}
|
||||||
|
|
||||||
|
User.sendConfirmationEmail = function (email) {
|
||||||
|
var confirm_code = utils.generateUUID(),
|
||||||
|
confirm_link = config.url + 'confirm/' + confirm_code,
|
||||||
|
confirm_email = global.templates['emails/header'] + global.templates['emails/email_confirm'].parse({'CONFIRM_LINK': confirm_link}) + global.templates['emails/footer'],
|
||||||
|
confirm_email_plaintext = global.templates['emails/email_confirm_plaintext'].parse({ 'CONFIRM_LINK': confirm_link });
|
||||||
|
|
||||||
|
// Email confirmation code
|
||||||
|
RDB.set('email:' + email + ':confirm', confirm_code, 60*60*2);
|
||||||
|
RDB.set('confirm:' + confirm_code + ':email', email, 60*60*2); // Expire after 2 hours
|
||||||
|
|
||||||
|
// Send intro email w/ confirm code
|
||||||
|
var message = emailjs.message.create({
|
||||||
|
text: confirm_email_plaintext,
|
||||||
|
from: config.mailer.from,
|
||||||
|
to: email,
|
||||||
|
subject: '[NodeBB] Registration Email Verification',
|
||||||
|
attachment: [
|
||||||
|
{
|
||||||
|
data: confirm_email,
|
||||||
|
alternative: true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
});
|
||||||
|
|
||||||
|
emailjsServer.send(message, function(err, success) {
|
||||||
|
if (err)
|
||||||
|
console.log(err);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
User.exists = function(socket, username, callback) {
|
User.exists = function(socket, username, callback) {
|
||||||
User.get_uid_by_username(username, function(exists) {
|
User.get_uid_by_username(username, function(exists) {
|
||||||
exists = !!exists;
|
exists = !!exists;
|
||||||
|
|
||||||
if (callback) callback(exists);
|
if (callback)
|
||||||
else socket.emit('user.exists', {exists: exists});
|
callback(exists);
|
||||||
|
else
|
||||||
|
socket.emit('user.exists', {exists: exists});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -384,7 +392,7 @@ var config = require('../config.js'),
|
|||||||
}
|
}
|
||||||
|
|
||||||
User.get_uid_by_email = function(email, callback) {
|
User.get_uid_by_email = function(email, callback) {
|
||||||
RDB.get('email:' + email, callback)
|
RDB.get('email:' + email+':uid', callback)
|
||||||
};
|
};
|
||||||
|
|
||||||
User.get_uid_by_session = function(session, callback) {
|
User.get_uid_by_session = function(session, callback) {
|
||||||
|
|||||||
@@ -270,14 +270,32 @@ passport.deserializeUser(function(uid, done) {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
app.get('/baristest', function(req, res) {
|
||||||
|
/*user.getUserField(req.user.uid, 'email', function(data) {
|
||||||
|
console.log(" I GOT FIELD " +data);
|
||||||
|
});*/
|
||||||
|
/* user.getUserData(req.user.uid, function(data) {
|
||||||
|
console.log(" USER DATA : " + JSON.stringify(data));
|
||||||
|
});*/
|
||||||
|
// user.getUserFields(req.user.uid, ['email','username'], function(data) {
|
||||||
|
user.getUserFields(req.user.uid, ['username','email'], function(data) {
|
||||||
|
console.log(" I GOT FIELDS " +JSON.stringify(data));
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
app.get('/account', function(req, res) {
|
app.get('/account', function(req, res) {
|
||||||
|
|
||||||
|
console.log("GOING TO ACCOUNT");
|
||||||
|
|
||||||
if (req.user === undefined)
|
if (req.user === undefined)
|
||||||
return res.redirect('/403');
|
return res.redirect('/403');
|
||||||
|
|
||||||
user.getUserData(req.user.uid, function(data) {
|
user.getUserData(req.user.uid, function(data) {
|
||||||
|
|
||||||
data.joindate = utils.relativeTime(data.joindate);
|
data.joindate = utils.relativeTime(data.joindate);
|
||||||
|
|
||||||
|
console.log("user data" + JSON.stringify(data));
|
||||||
|
|
||||||
var account = templates['account'];
|
var account = templates['account'];
|
||||||
var userData = {user:data};
|
var userData = {user:data};
|
||||||
account = account.parse(userData);
|
account = account.parse(userData);
|
||||||
|
|||||||
@@ -73,8 +73,23 @@ var SocketIO = require('socket.io').listen(global.server,{log:false}),
|
|||||||
socket.join(room);
|
socket.join(room);
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on('api:user.get', function(data) {
|
socket.on('api:updateHeader', function(data) {
|
||||||
modules.user.get(socket, uid, data.fields);
|
if(uid) {
|
||||||
|
|
||||||
|
modules.user.getUserFields(uid, data.fields, function(fields) {
|
||||||
|
fields.uid = uid;
|
||||||
|
socket.emit('api:updateHeader', fields);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
socket.emit('api:updateHeader', {
|
||||||
|
uid:0,
|
||||||
|
username: "Anonymous User",
|
||||||
|
email: '',
|
||||||
|
picture: 'http://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=24'
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on('api:user.getNameByUid', function(data) {
|
socket.on('api:user.getNameByUid', function(data) {
|
||||||
|
|||||||
Reference in New Issue
Block a user