hostr/api/routes/user.js

import uuid from 'node-uuid';
import redis from 'redis';
import co from 'co';
import passwords from 'passwords';
import debugname from 'debug';

import models from '../../models';

const debug = debugname('hostr-api:user');

const redisUrl = process.env.REDIS_URL;

export async function get(ctx) {
  ctx.body = ctx.user;
}

export async function token(ctx) {
  const token = uuid.v4(); // eslint-disable-line no-shadow
  await ctx.redis.set(token, ctx.user.id, 'EX', 86400);
  ctx.body = { token };
}

export async function transaction(ctx) {
  const transactions = await models.transaction.findAll({
    where: {
      userId: ctx.user.id,
    },
  });

  ctx.body = transactions.map(item => ({
    id: item.id,
    amount: item.amount / 100,
    date: item.date,
    description: item.description,
    type: 'direct',
  }));
}

export async function settings(ctx) {
  ctx.assert(
    ctx.request.body, 400,
    '{"error": {"message": "Current Password required to update account.", "code": 612}}',
  );
  ctx.assert(
    ctx.request.body.current_password, 400,
    '{"error": {"message": "Current Password required to update account.", "code": 612}}',
  );
  const user = await models.user.findByPk(ctx.user.id);
  ctx.assert(
    await passwords.match(ctx.request.body.current_password, user.password), 400,
    '{"error": {"message": "Incorrect password", "code": 606}}',
  );
  if (ctx.request.body.email && ctx.request.body.email !== user.email) {
    user.email = ctx.request.body.email;
  }
  if (ctx.request.body.new_password) {
    ctx.assert(
      ctx.request.body.new_password.length >= 7, 400,
      '{"error": {"message": "Password must be 7 or more characters long.", "code": 606}}',
    );
    user.password = await passwords.hash(ctx.request.body.new_password);
  }
  await user.save();
  ctx.body = {};
}

export async function deleteUser(ctx) {
  ctx.assert(
    ctx.request.body, 400,
    '{"error": {"message": "Current Password required to update account.", "code": 612}}',
  );
  ctx.assert(
    ctx.request.body.current_password, 400,
    '{"error": {"message": "Current Password required to update account.", "code": 612}}',
  );
  const user = await models.user.findByPk(ctx.user.id);
  ctx.assert(
    await passwords.match(ctx.request.body.current_password, user.password), 400,
    '{"error": {"message": "Incorrect password", "code": 606}}',
  );
  await user.destroy();
  ctx.body = '{"action":"logout", "message": "Account deleted"}';
}

export async function events(ctx) {
  const pubsub = redis.createClient(redisUrl);
  pubsub.on('message', (channel, message) => {
    ctx.websocket.send(message);
  });
  pubsub.on('ready', () => {
    ctx.websocket.on('message', co.wrap(async (message) => {
      let json;
      try {
        json = JSON.parse(message);
      } catch (err) {
        debug('Invalid JSON for socket auth');
        ctx.websocket.send('Invalid authentication message. Bad JSON?');
        ctx.Sentry.captureException(err);
      }
      try {
        const reply = await ctx.redis.get(json.authorization);
        if (reply) {
          pubsub.subscribe(`/user/${reply}`);
          ctx.websocket.send('{"status":"active"}');
          debug('Subscribed to: /user/%s', reply);
        } else {
          ctx.websocket.send('Invalid authentication token.');
        }
      } catch (err) {
        debug(err);
        ctx.Sentry.captureException(err);
      }
    }));
  });
  ctx.websocket.on('close', () => {
    debug('Socket closed');
    pubsub.quit();
  });
}
Initial commit. 2015-07-09 23:01:43 +01:00			`import uuid from 'node-uuid';`
Update redis 2015-09-01 14:09:52 +02:00			`import redis from 'redis';`
Initial commit. 2015-07-09 23:01:43 +01:00			`import co from 'co';`
			`import passwords from 'passwords';`
Fix linting 2018-06-02 18:07:00 +00:00			`import debugname from 'debug';`

Postgres. 2016-06-19 10:14:47 -07:00			`import models from '../../models';`
Initial commit. 2015-07-09 23:01:43 +01:00
Fix events stuff with awful hacks 2015-08-08 20:37:49 +01:00			`const debug = debugname('hostr-api:user');`
Initial commit. 2015-07-09 23:01:43 +01:00
Improve environment variable stuff 2015-08-30 18:35:05 +02:00			`const redisUrl = process.env.REDIS_URL;`
Initial commit. 2015-07-09 23:01:43 +01:00
Update stuff 2018-06-02 15:50:39 +00:00			`export async function get(ctx) {`
			`ctx.body = ctx.user;`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`

Update stuff 2018-06-02 15:50:39 +00:00			`export async function token(ctx) {`
Initial commit. 2015-07-09 23:01:43 +01:00			`const token = uuid.v4(); // eslint-disable-line no-shadow`
Update stuff 2018-06-02 15:50:39 +00:00			`await ctx.redis.set(token, ctx.user.id, 'EX', 86400);`
			`ctx.body = { token };`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`

Update stuff 2018-06-02 15:50:39 +00:00			`export async function transaction(ctx) {`
			`const transactions = await models.transaction.findAll({`
More changes for db migration 2016-08-07 14:38:05 +01:00			`where: {`
Update stuff 2018-06-02 15:50:39 +00:00			`userId: ctx.user.id,`
More changes for db migration 2016-08-07 14:38:05 +01:00			`},`
			`});`
Initial commit. 2015-07-09 23:01:43 +01:00
Fix linting 2018-06-02 18:07:00 +00:00			`ctx.body = transactions.map(item => ({`
			`id: item.id,`
			`amount: item.amount / 100,`
			`date: item.date,`
			`description: item.description,`
			`type: 'direct',`
			`}));`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`

Update stuff 2018-06-02 15:50:39 +00:00			`export async function settings(ctx) {`
Fix linting 2018-06-02 18:07:00 +00:00			`ctx.assert(`
			`ctx.request.body, 400,`
			`'{"error": {"message": "Current Password required to update account.", "code": 612}}',`
			`);`
			`ctx.assert(`
			`ctx.request.body.current_password, 400,`
			`'{"error": {"message": "Current Password required to update account.", "code": 612}}',`
			`);`
Update dependencies 2019-06-08 07:52:57 -07:00			`const user = await models.user.findByPk(ctx.user.id);`
Fix linting 2018-06-02 18:07:00 +00:00			`ctx.assert(`
			`await passwords.match(ctx.request.body.current_password, user.password), 400,`
			`'{"error": {"message": "Incorrect password", "code": 606}}',`
			`);`
Update stuff 2018-06-02 15:50:39 +00:00			`if (ctx.request.body.email && ctx.request.body.email !== user.email) {`
			`user.email = ctx.request.body.email;`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`
Update stuff 2018-06-02 15:50:39 +00:00			`if (ctx.request.body.new_password) {`
Fix linting 2018-06-02 18:07:00 +00:00			`ctx.assert(`
			`ctx.request.body.new_password.length >= 7, 400,`
			`'{"error": {"message": "Password must be 7 or more characters long.", "code": 606}}',`
			`);`
Update stuff 2018-06-02 15:50:39 +00:00			`user.password = await passwords.hash(ctx.request.body.new_password);`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`
Update stuff 2018-06-02 15:50:39 +00:00			`await user.save();`
			`ctx.body = {};`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`

Fix account deletion. 2019-07-21 19:37:20 +00:00			`export async function deleteUser(ctx) {`
			`ctx.assert(`
			`ctx.request.body, 400,`
			`'{"error": {"message": "Current Password required to update account.", "code": 612}}',`
			`);`
			`ctx.assert(`
			`ctx.request.body.current_password, 400,`
			`'{"error": {"message": "Current Password required to update account.", "code": 612}}',`
			`);`
			`const user = await models.user.findByPk(ctx.user.id);`
			`ctx.assert(`
			`await passwords.match(ctx.request.body.current_password, user.password), 400,`
			`'{"error": {"message": "Incorrect password", "code": 606}}',`
			`);`
			`await user.destroy();`
			`ctx.body = '{"action":"logout", "message": "Account deleted"}';`
			`}`

Update stuff 2018-06-02 15:50:39 +00:00			`export async function events(ctx) {`
Update redis 2015-09-01 14:09:52 +02:00			`const pubsub = redis.createClient(redisUrl);`
Fix events stuff with awful hacks 2015-08-08 20:37:49 +01:00			`pubsub.on('message', (channel, message) => {`
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.send(message);`
Fix events stuff with awful hacks 2015-08-08 20:37:49 +01:00			`});`
			`pubsub.on('ready', () => {`
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.on('message', co.wrap(async (message) => {`
Initial commit. 2015-07-09 23:01:43 +01:00			`let json;`
Apply Javascript styleguide 2015-08-23 22:12:32 +01:00			`try {`
Initial commit. 2015-07-09 23:01:43 +01:00			`json = JSON.parse(message);`
Get linting passing again 2016-06-06 15:37:00 +01:00			`} catch (err) {`
Initial commit. 2015-07-09 23:01:43 +01:00			`debug('Invalid JSON for socket auth');`
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.send('Invalid authentication message. Bad JSON?');`
Upgrade deps 2019-01-14 21:37:03 +00:00			`ctx.Sentry.captureException(err);`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`
Fix events stuff, improve errors 2015-08-23 01:05:20 +01:00			`try {`
Update stuff 2018-06-02 15:50:39 +00:00			`const reply = await ctx.redis.get(json.authorization);`
Fix events stuff, improve errors 2015-08-23 01:05:20 +01:00			`if (reply) {`
Get linting passing again 2016-06-06 15:37:00 +01:00			pubsub.subscribe(`/user/${reply}`);
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.send('{"status":"active"}');`
Fix events stuff, improve errors 2015-08-23 01:05:20 +01:00			`debug('Subscribed to: /user/%s', reply);`
			`} else {`
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.send('Invalid authentication token.');`
Fix events stuff, improve errors 2015-08-23 01:05:20 +01:00			`}`
Get linting passing again 2016-06-06 15:37:00 +01:00			`} catch (err) {`
Fix events stuff, improve errors 2015-08-23 01:05:20 +01:00			`debug(err);`
Upgrade deps 2019-01-14 21:37:03 +00:00			`ctx.Sentry.captureException(err);`
Initial commit. 2015-07-09 23:01:43 +01:00			`}`
Update stuff 2018-06-02 15:50:39 +00:00			`}));`
Fix events stuff with awful hacks 2015-08-08 20:37:49 +01:00			`});`
Update stuff 2018-06-02 15:50:39 +00:00			`ctx.websocket.on('close', () => {`
Initial commit. 2015-07-09 23:01:43 +01:00			`debug('Socket closed');`
			`pubsub.quit();`
			`});`
			`}`