-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuserModel.js
115 lines (98 loc) · 2.78 KB
/
userModel.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
const crypto = require("crypto");
const mongoose = require("mongoose");
const validator = require("validator");
const bcrypt = require("bcryptjs");
const userSchema = new mongoose.Schema({
name: {
type: String,
required: [true, "Please tell us your name!"],
},
email: {
type: String,
required: [true, "Please provide your email"],
unique: true,
lowercase: true,
validate: [validator.isEmail, "Please provide a valid email"],
},
photo: {
type: String,
default: "default.jpg",
},
role: {
type: String,
enum: ["user", "guide", "lead-guide", "admin"],
default: "user",
},
password: {
type: String,
required: [true, "Please provide a password"],
minlength: 8,
select: false,
},
passwordConfirm: {
type: String,
required: [true, "Please confirm your password"],
validate: {
// This only works on CREATE and SAVE!!!
validator: function (el) {
return el === this.password;
},
message: "Passwords do not match!",
},
},
passwordChangedAt: Date,
passwordResetToken: String,
passwordResetExpires: Date,
active: {
type: Boolean,
default: true,
select: false,
},
});
userSchema.pre("save", async function (next) {
// Only run this function if password was actually modified
if (!this.isModified("password")) return next();
// Hash the password with the cost of 12 (salt rounds)
this.password = await bcrypt.hash(this.password, 12);
// Delete passwordConfirm field
this.passwordConfirm = undefined;
next();
});
userSchema.pre("save", function (next) {
if (!this.isModified("password") || this.isNew) return next();
this.passwordChangedAt = Date.now() - 1000; // -1 sekund för att säkerställa att password är bytt före uppdaterad is databas
next();
});
userSchema.pre(/^find/, function (next) {
// This points to the current query
this.find({ active: { $ne: false } });
next();
});
userSchema.methods.correctPassword = async function (
candidatePassword,
userPassword
) {
return await bcrypt.compare(candidatePassword, userPassword);
};
userSchema.methods.changedPasswordAfter = function (JWTTimestamp) {
if (this.passwordChangedAt) {
const changedTimestamp = parseInt(
this.passwordChangedAt.getTime() / 1000,
10
);
return JWTTimestamp < changedTimestamp;
}
return false;
};
userSchema.methods.createPasswordResetToken = function () {
const resetToken = crypto.randomBytes(32).toString("hex");
this.passwordResetToken = crypto
.createHash("sha256")
.update(resetToken)
.digest("hex");
// console.log({ resetToken }, this.passwordResetToken);
this.passwordResetExpires = Date.now() + 10 * 60 * 1000;
return resetToken;
};
const User = mongoose.model("User", userSchema);
module.exports = User;