outline/server/models/User.js

// @flow
import crypto from 'crypto';
import bcrypt from 'bcrypt';
import uuid from 'uuid';
import JWT from 'jsonwebtoken';
import { DataTypes, sequelize, encryptedFields } from '../sequelize';
import { publicS3Endpoint, uploadToS3FromUrl } from '../utils/s3';
import { sendEmail } from '../mailer';

const BCRYPT_COST = process.env.NODE_ENV !== 'production' ? 4 : 12;

const User = sequelize.define(
  'user',
  {
    id: {
      type: DataTypes.UUID,
      defaultValue: DataTypes.UUIDV4,
      primaryKey: true,
    },
    email: { type: DataTypes.STRING },
    username: { type: DataTypes.STRING },
    name: DataTypes.STRING,
    avatarUrl: { type: DataTypes.STRING, allowNull: true },
    password: DataTypes.VIRTUAL,
    passwordDigest: DataTypes.STRING,
    isAdmin: DataTypes.BOOLEAN,
    slackAccessToken: encryptedFields.vault('slackAccessToken'),
    service: { type: DataTypes.STRING, allowNull: true, unique: true },
    serviceId: { type: DataTypes.STRING, allowNull: true, unique: true },
    slackData: DataTypes.JSONB,
    jwtSecret: encryptedFields.vault('jwtSecret'),
    suspendedAt: DataTypes.DATE,
    suspendedById: DataTypes.UUID,
  },
  {
    getterMethods: {
      isSuspended() {
        return !!this.suspendedAt;
      },
    },
    indexes: [
      {
        fields: ['email'],
      },
    ],
  }
);

// Class methods
User.associate = models => {
  User.hasMany(models.ApiKey, { as: 'apiKeys' });
  User.hasMany(models.Document, { as: 'documents' });
  User.hasMany(models.View, { as: 'views' });
};

// Instance methods
User.prototype.getJwtToken = function() {
  return JWT.sign({ id: this.id }, this.jwtSecret);
};

User.prototype.verifyPassword = function(password) {
  return new Promise((resolve, reject) => {
    if (!this.passwordDigest) {
      resolve(false);
      return;
    }

    bcrypt.compare(password, this.passwordDigest, (err, ok) => {
      if (err) {
        reject(err);
        return;
      }

      resolve(ok);
    });
  });
};

const uploadAvatar = async model => {
  const endpoint = publicS3Endpoint();

  if (model.avatarUrl && !model.avatarUrl.startsWith(endpoint)) {
    const newUrl = await uploadToS3FromUrl(
      model.avatarUrl,
      `avatars/${model.id}/${uuid.v4()}`
    );
    if (newUrl) model.avatarUrl = newUrl;
  }
};

const setRandomJwtSecret = model => {
  model.jwtSecret = crypto.randomBytes(64).toString('hex');
};
const hashPassword = model => {
  if (!model.password) {
    return null;
  }

  return new Promise((resolve, reject) => {
    bcrypt.hash(model.password, BCRYPT_COST, (err, digest) => {
      if (err) {
        reject(err);
        return;
      }

      model.passwordDigest = digest;
      resolve();
    });
  });
};
User.beforeCreate(hashPassword);
User.beforeUpdate(hashPassword);
User.beforeSave(uploadAvatar);
User.beforeCreate(setRandomJwtSecret);
User.afterCreate(user => sendEmail('welcome', user.email));

export default User;
Upgrade sequelize and remove unique email constraints 2017-07-12 07:28:18 +00:00			`// @flow`
Refactor 2016-04-29 05:25:37 +00:00			`import crypto from 'crypto';`
Added user passwords 2016-09-12 00:47:22 +00:00			`import bcrypt from 'bcrypt';`
review comments 2017-10-20 06:30:31 +00:00			`import uuid from 'uuid';`
Unfurling of Slack links (#487) * First pass: Unfurling of Slack links * Add authentication in db * Call associate on Event correctly * Add SLACK_APP_ID, remove SLACK_REDIRECT_URI, tidy env sample * PR feedback * Comment clarify 2017-12-19 03:59:29 +00:00			`import JWT from 'jsonwebtoken';`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`import { DataTypes, sequelize, encryptedFields } from '../sequelize';`
Save avatars to le cloud in beforeSave hooks Added encryption to uploads Updated icon for team settings 2018-06-01 22:00:48 +00:00			`import { publicS3Endpoint, uploadToS3FromUrl } from '../utils/s3';`
Added task queue for emails 2017-12-19 04:47:48 +00:00			`import { sendEmail } from '../mailer';`
Refactor 2016-04-29 05:25:37 +00:00
Added user passwords 2016-09-12 00:47:22 +00:00			`const BCRYPT_COST = process.env.NODE_ENV !== 'production' ? 4 : 12;`

[chore] added prettier 2017-04-27 04:47:03 +00:00			`const User = sequelize.define(`
			`'user',`
			`{`
			`id: {`
			`type: DataTypes.UUID,`
			`defaultValue: DataTypes.UUIDV4,`
			`primaryKey: true,`
Refactor 2016-04-29 05:25:37 +00:00			`},`
Upgrade sequelize and remove unique email constraints 2017-07-12 07:28:18 +00:00			`email: { type: DataTypes.STRING },`
			`username: { type: DataTypes.STRING },`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`name: DataTypes.STRING,`
Upload avatar to s3 on login 2017-10-19 07:49:22 +00:00			`avatarUrl: { type: DataTypes.STRING, allowNull: true },`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`password: DataTypes.VIRTUAL,`
			`passwordDigest: DataTypes.STRING,`
			`isAdmin: DataTypes.BOOLEAN,`
			`slackAccessToken: encryptedFields.vault('slackAccessToken'),`
DB migrations Google button 2018-05-29 03:31:53 +00:00			`service: { type: DataTypes.STRING, allowNull: true, unique: true },`
			`serviceId: { type: DataTypes.STRING, allowNull: true, unique: true },`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`slackData: DataTypes.JSONB,`
			`jwtSecret: encryptedFields.vault('jwtSecret'),`
Backend support 2018-03-04 23:38:51 +00:00			`suspendedAt: DataTypes.DATE,`
added suspending admin email to error screen 2018-03-07 07:38:52 +00:00			`suspendedById: DataTypes.UUID,`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`},`
			`{`
Backend support 2018-03-04 23:38:51 +00:00			`getterMethods: {`
			`isSuspended() {`
			`return !!this.suspendedAt;`
			`},`
			`},`
[chore] added prettier 2017-04-27 04:47:03 +00:00			`indexes: [`
			`{`
			`fields: ['email'],`
			`},`
			`],`
			`}`
			`);`
Refactor 2016-04-29 05:25:37 +00:00
Upgrade sequelize and remove unique email constraints 2017-07-12 07:28:18 +00:00			`// Class methods`
			`User.associate = models => {`
			`User.hasMany(models.ApiKey, { as: 'apiKeys' });`
			`User.hasMany(models.Document, { as: 'documents' });`
			`User.hasMany(models.View, { as: 'views' });`
			`};`

			`// Instance methods`
			`User.prototype.getJwtToken = function() {`
			`return JWT.sign({ id: this.id }, this.jwtSecret);`
			`};`
Save avatars to le cloud in beforeSave hooks Added encryption to uploads Updated icon for team settings 2018-06-01 22:00:48 +00:00
Upgrade sequelize and remove unique email constraints 2017-07-12 07:28:18 +00:00			`User.prototype.verifyPassword = function(password) {`
			`return new Promise((resolve, reject) => {`
			`if (!this.passwordDigest) {`
			`resolve(false);`
			`return;`
			`}`

			`bcrypt.compare(password, this.passwordDigest, (err, ok) => {`
			`if (err) {`
			`reject(err);`
			`return;`
			`}`

			`resolve(ok);`
			`});`
			`});`
			`};`
Save avatars to le cloud in beforeSave hooks Added encryption to uploads Updated icon for team settings 2018-06-01 22:00:48 +00:00
			`const uploadAvatar = async model => {`
			`const endpoint = publicS3Endpoint();`

			`if (model.avatarUrl && !model.avatarUrl.startsWith(endpoint)) {`
			`const newUrl = await uploadToS3FromUrl(`
			`model.avatarUrl,`
			`avatars/${model.id}/${uuid.v4()}`
			`);`
			`if (newUrl) model.avatarUrl = newUrl;`
			`}`
Upload avatar to s3 on login 2017-10-19 07:49:22 +00:00			`};`
Upgrade sequelize and remove unique email constraints 2017-07-12 07:28:18 +00:00
[chore] added prettier 2017-04-27 04:47:03 +00:00			`const setRandomJwtSecret = model => {`
Refactor 2016-04-29 05:25:37 +00:00			`model.jwtSecret = crypto.randomBytes(64).toString('hex');`
			`};`
Save avatars to le cloud in beforeSave hooks Added encryption to uploads Updated icon for team settings 2018-06-01 22:00:48 +00:00			`const hashPassword = model => {`
Added user passwords 2016-09-12 00:47:22 +00:00			`if (!model.password) {`
			`return null;`
			`}`

			`return new Promise((resolve, reject) => {`
			`bcrypt.hash(model.password, BCRYPT_COST, (err, digest) => {`
			`if (err) {`
			`reject(err);`
			`return;`
			`}`
Refactor 2016-04-29 05:25:37 +00:00
Added user passwords 2016-09-12 00:47:22 +00:00			`model.passwordDigest = digest;`
			`resolve();`
			`});`
			`});`
			`};`
			`User.beforeCreate(hashPassword);`
			`User.beforeUpdate(hashPassword);`
Save avatars to le cloud in beforeSave hooks Added encryption to uploads Updated icon for team settings 2018-06-01 22:00:48 +00:00			`User.beforeSave(uploadAvatar);`
Refactor 2016-04-29 05:25:37 +00:00			`User.beforeCreate(setRandomJwtSecret);`
Added task queue for emails 2017-12-19 04:47:48 +00:00			`User.afterCreate(user => sendEmail('welcome', user.email));`
Refactor 2016-04-29 05:25:37 +00:00
			`export default User;`