summaryrefslogtreecommitdiffstats
path: root/model/User.js
blob: ce34cbec8c4426242203f5e1875dd23d01b0c908 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100

const mongoose = require('mongoose')
const bcrypt = require('bcryptjs')
const { randomBytes } = require('crypto')

const userSchema = new mongoose.Schema({
  email: {
    type: String,
    trim: true,
    lowercase: true,
    unique: true,
    required: true,
    min: 4,
    max: 255,
    validate: {
      validator: v => /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/.test(v),
      message: "Please enter a valid email"
    },
  },
  password: {
    type: String,
    required: true,
    max: 1024,
    min: 6,
  },
  refresh: {
    type: String,
    required: true,
    max: 1024,
    min: 6,
  },
  verify: {
    type: String,
    default: randomBytes(3).toString('hex'),
  },
  role: {
    type: String,
    max: 16,
    min: 3,
    default: 'user',
  },
  date: {
    type: Date,
    default: Date.now,
  },
})

userSchema.statics.checkRefreshToken = async (email, refresh) => {
  const user = await User.findOne({ email })

  if (!user) throw new Error('User not found')

  const isMatch = await bcrypt.compare(refresh, user.refresh)

  if (!isMatch) throw new Error('Wrong refresh token')

  return user
}

userSchema.statics.findByCredentials = async (email, password) => {
  const user = await User.findOne({ email })

  if (!user) throw new Error('Unable to login')

  const isMatch = await bcrypt.compare(password, user.password)

  if (!isMatch) throw new Error('Unable to login')

  return user
}

userSchema.statics.newRefreshToken = async (user) => {
  const newRefreshToken = randomBytes(32).toString('hex')

  user.refresh = newRefreshToken
  await user.save()

  return newRefreshToken
}

userSchema.statics.removeRefreshToken = async (email) => (
  await User.findOneAndUpdate({ email }, { refresh: '' })
)

userSchema.pre('save', async function(next){
  const user = this

  if (user.isModified('password')) {
    user.password = await bcrypt.hash(user.password, 8)
  }

  if (user.isModified('refresh')) {
    user.refresh = await bcrypt.hash(user.refresh, 8)
  }

  next()
})

const User = mongoose.model('User', userSchema)

module.exports = User
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 13:46:22 +0000