javascript 这是Sequelize用户模型,具有令牌授权。通用盐与密码一起存储。


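/**
 * Sequelize model factory for the `User` table, written against the
 * Sequelize v3-style `instanceMethods` / `classMethods` options.
 *
 * The listing relies on names it does not define and that are presumably
 * declared at the top of the file: `crypto`, `fs`, `pathService`, `config`,
 * `saltLength`, `tempPasswordLength` and `tokenLength`.
 *
 * @param {Object} sequelize - Sequelize connection used to define the model.
 * @param {Object} DataTypes - Sequelize data type namespace.
 * @returns {Object} The defined `User` model.
 */
module.exports = function(sequelize, DataTypes) {
  var
    User;

  /**
   * Compares two secret strings without stopping at the first mismatching
   * character, so the comparison time does not depend on how many leading
   * characters are correct. Non-string operands never match, which also
   * prevents a `null` stored value from matching a `null` credential.
   *
   * The length check returns early; both values compared here are hex
   * strings produced by this model, so only their length is revealed.
   * Where the runtime provides it, `crypto.timingSafeEqual` is the
   * preferred primitive for this.
   *
   * @param {*} expected - Value stored for the user.
   * @param {*} supplied - Value derived from the login attempt.
   * @returns {boolean} True only when both are equal strings.
   */
  function secretsMatch(expected, supplied) {
    var
      diff = 0,
      i;

    if (typeof expected !== 'string' || typeof supplied !== 'string') {
      return false;
    }
    if (expected.length !== supplied.length) {
      return false;
    }
    for (i = 0; i < expected.length; i++) {
      diff |= expected.charCodeAt(i) ^ supplied.charCodeAt(i);
    }

    return diff === 0;
  }

  User = sequelize.define('User', {
      name: {
        type: DataTypes.STRING,
        unique: false,
        allowNull: true
      },
      avatar: {
        type: DataTypes.STRING
      },
      email: {
        type: DataTypes.STRING,
        unique: true,
        allowNull: false
      },
      company: {
        type: DataTypes.STRING
      },
      password: {
        type: DataTypes.STRING,
        allowNull: false,
        // Setting a password draws a fresh random salt, stores the salted
        // digest instead of the plain text, and replaces the auth token, so a
        // token issued before the password change no longer matches.
        set: function (plain_password) {
          this.setDataValue('salt', crypto.randomBytes(saltLength).toString('hex'));
          this.setDataValue('password', this.encryptPassword(plain_password));
          this.token = User.generateToken();
        }
      },
      // NOTE(review): stored and compared as plain text; anyone who can read
      // this column can log in to a 'confirmed' account. Consider storing a
      // digest and expiring the value after first use.
      tempPassword: {
        type: DataTypes.STRING
      },
      status: {
        type: DataTypes.ENUM('new', 'confirmed', 'active', 'disabled'),
        defaultValue: 'new'
      },
      isAdmin: {
        type: DataTypes.BOOLEAN,
        defaultValue: false
      },
      salt: {
        type: DataTypes.STRING
      },
      // NOTE(review): the token is stored verbatim and looked up by equality,
      // so read access to this column yields usable session tokens. Storing a
      // hash of the token and looking up by that hash would limit the impact.
      token: {
        type: DataTypes.STRING,
        // Every token write also stamps tokenCreatedAt, which
        // isTokenOutdated() uses to compute the token's age.
        set: function (newToken) {
          this.setDataValue('token', newToken);
          this.tokenCreatedAt = Date.now();
        }
      },
      tokenCreatedAt: {
        type: DataTypes.DATE
      }
    },
    {
      instanceMethods: {
        /**
         * Derives the stored password digest: HMAC-SHA1 keyed with this
         * user's salt, hex encoded.
         *
         * NOTE(review): a single HMAC-SHA1 pass is fast to compute and
         * therefore cheap to brute-force if the table leaks. A dedicated
         * password KDF (scrypt, bcrypt, Argon2, or PBKDF2 with a high
         * iteration count) is the appropriate replacement. It is not swapped
         * in here because existing stored digests would stop verifying; that
         * change needs a migration (e.g. re-hash on next successful login).
         *
         * @param {string} plain - Plain-text password.
         * @returns {string} Hex digest.
         */
        encryptPassword: function (plain) {
          return crypto.createHmac('sha1', this.salt).update(plain).digest('hex');
        },
        /**
         * Reports whether the token is older than
         * `config.authorization.token_out_of_date`, compared in seconds.
         *
         * @returns {boolean} True when the token has expired.
         */
        isTokenOutdated: function() {
          var
            currentDate = new Date(),
            tokenAge = (currentDate - this.tokenCreatedAt) / 1000;

          return tokenAge > config.authorization.token_out_of_date;
        },
        /**
         * Returns the current token, issuing a new one when none exists or
         * the existing one has expired.
         *
         * NOTE(review): save() is not awaited and its rejection is not
         * handled, so the token can be returned to the caller before (or
         * without) being persisted. Fixing that means returning a promise,
         * which changes this method's contract for its callers.
         *
         * @returns {string} The token to hand to the client.
         */
        createToken: function () {

          if (!this.token || this.isTokenOutdated()) {
            this.token = User.generateToken();
            this.save();
          }

          return this.token;
        },
        /**
         * Deletes this user's avatar file, if one is recorded.
         * Deletion is best-effort: unlink errors are deliberately ignored.
         */
        removeAvatar: function() {
          if (this.avatar) {
            // Fixed: the original read `user.avatar`, but no `user` binding
            // exists in this scope, so the call threw a ReferenceError for
            // every user that had an avatar (including from beforeDestroy).
            fs.unlink(pathService.absFile(this.avatar), function(err) {
              // doing nothing
            });
          }
        }
      },
      classMethods: {
        /**
         * Creates a user with a random password and a random temporary
         * password; only name, company and email are taken from `user`.
         *
         * @param {Object} user - Source of name, company and email.
         * @returns {Promise} Result of User.create().
         */
        createNewUser: function(user) {
          return User.create({
            name: user.name,
            company: user.company,
            email: user.email,
            password: this.generatePassword(),
            tempPassword: this.generatePassword()
          });
        },
        /** @returns {string} Random hex string of `tempPasswordLength` bytes. */
        generatePassword: function() {
          return crypto.randomBytes(tempPasswordLength).toString('hex');
        },
        /** @returns {string} Random hex string of `tokenLength` bytes. */
        generateToken: function() {
          return crypto.randomBytes(tokenLength).toString('hex');
        },
        /**
         * Authenticates by email and password and reports through `done`.
         *
         * Outcomes, in order: unknown email; 'confirmed' user presenting the
         * temporary password (returns `{confirmed, token}`); wrong password;
         * status other than 'active'; success (`{name, email, isAdmin, token}`).
         *
         * NOTE(review): 'User not found' and 'Incorrect password' are
         * distinct, which lets a client tell registered emails from
         * unregistered ones. The messages are kept because callers may depend
         * on them; the caller should return one generic message to the client
         * and rate-limit attempts.
         *
         * @param {string} email - Login email.
         * @param {string} password - Plain-text password or temporary password.
         * @param {Function} done - Node-style callback `(err, result)`.
         */
        authorization: function(email, password, done) {
          User.findOne({
            where: {
              email: email
            }
          }).then(function(foundUser) {
            if (!foundUser) {
              done('User not found')
            } else if (typeof password !== 'string' || password.length === 0) {
              // A missing or non-string credential is rejected up front.
              // Otherwise encryptPassword() would throw inside this handler
              // and `done` would never be called, and a null credential could
              // equal a null tempPassword.
              done('Incorrect password');
            } else if (foundUser.status === 'confirmed' && secretsMatch(foundUser.tempPassword, password)) {
              // NOTE(review): tempPassword is not cleared here; presumably the
              // caller forces a password change on `confirmed: true` - confirm.
              done(null, {
                confirmed: true,
                token: foundUser.createToken()
              });
            } else if (!secretsMatch(foundUser.password, foundUser.encryptPassword(password))) {
              done('Incorrect password');
            } else if (foundUser.status !== 'active') {
              done('This user isn\'t confirmed by admin or account has been locked');
            } else {
              done(null, {
                name: foundUser.name,
                email: foundUser.email,
                isAdmin: foundUser.isAdmin,
                token: foundUser.createToken()
              });
            }
          }, done);
        },
        /**
         * Resolves a token to its user; yields `false` when no user holds the
         * token or the token has expired.
         *
         * @param {string} token - Token presented by the client.
         * @param {Function} done - Node-style callback `(err, userOrFalse)`.
         */
        authByToken: function(token, done) {
          User.findOne({
            where: {
              token: token
            }
          }).then(function(foundUser) {
            return done(null, (!foundUser || foundUser.isTokenOutdated()) ? false : foundUser);
          }, done);
        },
        /**
         * Looks a user up by token. Unlike authByToken(), this does not check
         * whether the token has expired.
         *
         * @param {string} token - Token to look up.
         * @returns {Promise} Result of User.findOne().
         */
        findByToken: function(token) {
          return User.findOne({
            where: {
              token: token
            }
          });
        },
        /** Declares that a user has many `Client` records. */
        associate: function (models) {
          User.hasMany(models.Client);
        }
      },
      hooks: {
        // Remove the avatar file before the user row is destroyed.
        beforeDestroy: function(user) {
          user.removeAvatar();
        }
      }
    });

  return User;
};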
