UNPKG

@kapvm/create-express-app

Version:

A CLI tool to scaffold an Express.js boilerplate project

133 lines (112 loc) 3.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
const crypto = require('crypto'); const mongoose = require('mongoose'); const validator = require('validator'); const bcrypt = require('bcryptjs'); //modeling the database collection const userSchema = new mongoose.Schema({ name: { type: String, require: [true, 'User must enter name'], }, email: { type: String, required: [true, 'User must enter email'], unique: [true, 'Email already in use'], lowercase: true, validate: [validator.isEmail, 'Please enter a valid email'], }, photo: { type: String, default: 'default.jpg', }, password: { type: String, required: [true, 'User must enter password'], minlength: 8, maxlength: 64, select: false, }, passwordConfirm: { type: String, required: [true, 'User must enter password'], minlength: 8, maxlength: 64, validate: { validator: function (val) { return this.password === val; }, message: 'Password and Password Confirm must be same', }, }, passwordChangedAt: { type: Date, }, passwordResetToken: String, passwordResetExpires: Date, active: { type: Boolean, default: true, select: false, }, deletedAt: { type: Date, }, createdAt: { type: Date, default: Date.now(), }, }); //LABEL // HOOKS //=> Password Encryption logic userSchema.pre('save', async function (next) { if (!this.isModified('password')) return next(); this.password = await bcrypt.hash(this.password, 12); this.passwordConfirm = undefined; }); //=> set password changed at property dynamically userSchema.pre('save', function (next) { if (!this.isModified('password') || this.isNew) return next(); this.passwordChangedAt = Date.now() - 1000; next(); }); //=> filter to get only active users userSchema.pre(/^find/g, function (next) { this.find({ active: { $ne: false } }); next(); }); //LABEL // Methods //=> check if user entered password is correct or not (return false if not same) userSchema.methods.checkPassword = async function ( candidatePassword, userPassword, ) { //candidatePassword = password that is entered by user in forms (from req) //userPassword = password that is stored in db (actual password) //Use the 'bcrypt' package's compare method, which compares both strings even if either is encrypted return await bcrypt.compare(candidatePassword, userPassword); }; //=> method to check if password is changed after the token generated or not userSchema.methods.isPasswordChangedAfter = function (JWTTokenTime) { if (this.passwordChangedAt) { const passwordChangedTime = parseInt( this.passwordChangedAt.getTime() / 1000, ); return JWTTokenTime < passwordChangedTime; } return false; }; //=> getting the password reset token [simply generating and returning the token] userSchema.methods.getPasswordResetToken = function () { const resetToken = crypto.randomBytes(32).toString('hex'); this.passwordResetToken = crypto .createHash('sha256') .update(resetToken) .digest('hex'); this.passwordResetExpires = Date.now() + 10 * 60 * 1000; return resetToken; }; //=> creating the collection const User = mongoose.model('User', userSchema); module.exports = User;