chore: undo $ prepend on queries
This commit is contained in:
Taranto
Josh Harvey
parent
f3f2bb01b0
commit
ba4117173e
50 changed files with 215 additions and 227 deletions
50
lib/users.js
50
lib/users.js
|
|
@ -19,7 +19,7 @@ const db = require('./db')
|
|||
*/
|
||||
function get (token) {
|
||||
const sql = 'SELECT * FROM user_tokens WHERE token=$1'
|
||||
return db.$oneOrNone(sql, [token])
|
||||
return db.oneOrNone(sql, [token])
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -35,45 +35,45 @@ function get (token) {
|
|||
function getByIds (ids) {
|
||||
const sql = `SELECT * FROM users WHERE id IN ($1^)`
|
||||
const idList = _.map(pgp.as.text, ids).join(',')
|
||||
return db.$any(sql, [idList])
|
||||
return db.any(sql, [idList])
|
||||
}
|
||||
|
||||
function getUserById (id) {
|
||||
const sql = `SELECT * FROM users WHERE id=$1`
|
||||
return db.$oneOrNone(sql, [id])
|
||||
return db.oneOrNone(sql, [id])
|
||||
}
|
||||
|
||||
function getUserByUsername (username) {
|
||||
const sql = `SELECT * FROM users WHERE username=$1`
|
||||
return db.$oneOrNone(sql, [username])
|
||||
return db.oneOrNone(sql, [username])
|
||||
}
|
||||
|
||||
function getUsers () {
|
||||
const sql = `SELECT id, username, role, enabled, last_accessed, last_accessed_from, last_accessed_address FROM users ORDER BY username`
|
||||
return db.$any(sql)
|
||||
return db.any(sql)
|
||||
}
|
||||
|
||||
function verifyAndUpdateUser (id, ua, ip) {
|
||||
const sql = `SELECT id, username, role, enabled FROM users WHERE id=$1 limit 1`
|
||||
return db.$oneOrNone(sql, [id])
|
||||
return db.oneOrNone(sql, [id])
|
||||
.then(user => {
|
||||
if (!user) return null
|
||||
|
||||
const sql2 = `UPDATE users SET last_accessed=now(), last_accessed_from=$1, last_accessed_address=$2 WHERE id=$3 RETURNING id, role, enabled`
|
||||
return db.$one(sql2, [ua, ip, id])
|
||||
return db.one(sql2, [ua, ip, id])
|
||||
})
|
||||
.then(user => user)
|
||||
}
|
||||
|
||||
function saveTemp2FASecret (id, secret) {
|
||||
const sql = 'UPDATE users SET temp_twofa_code=$1 WHERE id=$2'
|
||||
return db.$none(sql, [secret, id])
|
||||
return db.none(sql, [secret, id])
|
||||
}
|
||||
|
||||
function save2FASecret (id, secret) {
|
||||
return db.tx(t => {
|
||||
const q1 = t.$none('UPDATE users SET twofa_code=$1, temp_twofa_code=NULL WHERE id=$2', [secret, id])
|
||||
const q2 = t.$none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q1 = t.none('UPDATE users SET twofa_code=$1, temp_twofa_code=NULL WHERE id=$2', [secret, id])
|
||||
const q2 = t.none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
return t.batch([q1, q2])
|
||||
})
|
||||
}
|
||||
|
|
@ -82,7 +82,7 @@ function validateAuthToken (token, type) {
|
|||
const sql = `SELECT user_id, now() < expire AS success FROM auth_tokens
|
||||
WHERE token=$1 AND type=$2`
|
||||
|
||||
return db.$one(sql, [token, type])
|
||||
return db.one(sql, [token, type])
|
||||
.then(res => ({ userID: res.user_id, success: res.success }))
|
||||
}
|
||||
|
||||
|
|
@ -90,9 +90,9 @@ function reset2FASecret (token, id, secret) {
|
|||
return validateAuthToken(token, 'reset_twofa').then(res => {
|
||||
if (!res.success) throw new Error('Failed to verify 2FA reset token')
|
||||
return db.tx(t => {
|
||||
const q1 = t.$none('UPDATE users SET twofa_code=$1, temp_twofa_code=NULL WHERE id=$2', [secret, id])
|
||||
const q2 = t.$none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q3 = t.$none(`DELETE FROM auth_tokens WHERE token=$1 and type='reset_twofa'`, [token])
|
||||
const q1 = t.none('UPDATE users SET twofa_code=$1, temp_twofa_code=NULL WHERE id=$2', [secret, id])
|
||||
const q2 = t.none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q3 = t.none(`DELETE FROM auth_tokens WHERE token=$1 and type='reset_twofa'`, [token])
|
||||
return t.batch([q1, q2, q3])
|
||||
})
|
||||
})
|
||||
|
|
@ -103,9 +103,9 @@ function updatePassword (token, id, password) {
|
|||
if (!res.success) throw new Error('Failed to verify password reset token')
|
||||
return argon2.hash(password).then(function (hash) {
|
||||
return db.tx(t => {
|
||||
const q1 = t.$none(`UPDATE users SET password=$1 WHERE id=$2`, [hash, id])
|
||||
const q2 = t.$none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q3 = t.$none(`DELETE FROM auth_tokens WHERE token=$1 and type='reset_password'`, [token])
|
||||
const q1 = t.none(`UPDATE users SET password=$1 WHERE id=$2`, [hash, id])
|
||||
const q2 = t.none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q3 = t.none(`DELETE FROM auth_tokens WHERE token=$1 and type='reset_password'`, [token])
|
||||
return t.batch([q1, q2, q3])
|
||||
})
|
||||
})
|
||||
|
|
@ -117,13 +117,13 @@ function createUserRegistrationToken (username, role) {
|
|||
const sql = `INSERT INTO user_register_tokens (token, username, role) VALUES ($1, $2, $3) ON CONFLICT (username)
|
||||
DO UPDATE SET token=$1, expire=now() + interval '${constants.REGISTRATION_TOKEN_EXPIRATION_TIME}' RETURNING *`
|
||||
|
||||
return db.$one(sql, [token, username, role])
|
||||
return db.one(sql, [token, username, role])
|
||||
}
|
||||
|
||||
function validateUserRegistrationToken (token) {
|
||||
const sql = `SELECT username, role, now() < expire AS success FROM user_register_tokens WHERE token=$1`
|
||||
|
||||
return db.$one(sql, [token])
|
||||
return db.one(sql, [token])
|
||||
.then(res => ({ username: res.username, role: res.role, success: res.success }))
|
||||
}
|
||||
|
||||
|
|
@ -132,8 +132,8 @@ function register (token, username, password, role) {
|
|||
if (!res.success) throw new Error('Failed to verify registration token')
|
||||
return argon2.hash(password).then(hash => {
|
||||
return db.tx(t => {
|
||||
const q1 = t.$none(`INSERT INTO users (id, username, password, role) VALUES ($1, $2, $3, $4)`, [uuid.v4(), username, hash, role])
|
||||
const q2 = t.$none(`DELETE FROM user_register_tokens WHERE token=$1`, [token])
|
||||
const q1 = t.none(`INSERT INTO users (id, username, password, role) VALUES ($1, $2, $3, $4)`, [uuid.v4(), username, hash, role])
|
||||
const q2 = t.none(`DELETE FROM user_register_tokens WHERE token=$1`, [token])
|
||||
return t.batch([q1, q2])
|
||||
})
|
||||
})
|
||||
|
|
@ -142,18 +142,18 @@ function register (token, username, password, role) {
|
|||
|
||||
function changeUserRole (id, newRole) {
|
||||
const sql = `UPDATE users SET role=$1 WHERE id=$2`
|
||||
return db.$none(sql, [newRole, id])
|
||||
return db.none(sql, [newRole, id])
|
||||
}
|
||||
|
||||
function enableUser (id) {
|
||||
const sql = `UPDATE users SET enabled=true WHERE id=$1`
|
||||
return db.$none(sql, [id])
|
||||
return db.none(sql, [id])
|
||||
}
|
||||
|
||||
function disableUser (id) {
|
||||
return db.tx(t => {
|
||||
const q1 = t.$none(`UPDATE users SET enabled=false WHERE id=$1`, [id])
|
||||
const q2 = t.$none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
const q1 = t.none(`UPDATE users SET enabled=false WHERE id=$1`, [id])
|
||||
const q2 = t.none(`DELETE FROM user_sessions WHERE sess -> 'user' ->> 'id'=$1`, [id])
|
||||
return t.batch([q1, q2])
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue