acha-framework/src/backend/models/user.js

is a modular framework on both client (angular.js) and server (node.js) side, it provides security, orm, ioc, obfuscation and ...

(function (undefined) {
  Ioc.define('backend.models.user', [
    'backend.stringHelper',
    'backend.cryptoHelper'
  ], function (provide, stringHelper, cryptoHelper) {
    provide(function (orm) {
      return {
        name: 'User',
        definitions: {
          uniqueId: {
            type: orm.database.String,
            'null': false,
            limit: 50,
            default: UUID()
          },
          provider: {
            type: orm.database.String,
            'null': true,
            limit: 50
          },
          locked: {
            type: orm.database.Boolean,
            'null': false,
            default: false
          },
          email: {
            type: orm.database.String,
            'null': false,
            index: true,
            unique: true
          },
          mobile: {
            type: orm.database.String,
            'null': true,
            index: true,
            unique: true
          },
          username: {
            type: orm.database.String,
            'null': false,
            limit: 50,
            index: true,
            unique: true
          },
          password: {
            type: orm.database.String,
            'null': false,
            limit: 100
          },
          salt: {
            type: orm.database.String,
            'null': false,
            limit: 200
          },
          lastPasswordChanged: { type: orm.database.Date },
          createdAt: {
            type: orm.database.Date,
            'null': false,
            default: Date.now
          }
        },
        patch: function (User) {
          User.prototype.validatePassword = function (password) {
            return cryptoHelper.validate_hash(this.password, this.salt, password);
          };
          User.beforeCreate = function (next) {
            this.salt = cryptoHelper.generate_salt();
            this.password = cryptoHelper.hash_with_salt(this.salt, this.password);
            next();
          };
          User.validatesPresenceOf('username', 'password', 'email');
          User.validatesUniquenessOf('email', { message: 'email is not unique' });
          User.validate('email', function (err) {
            if (!this.email || this.email.length > 100 || !stringHelper.isEmail(this.email)) {
              err();
            }
          }, { message: 'email is not valid' });
          User.validatesUniquenessOf('mobile', { message: 'mobile is not unique' });
          User.validate('mobile', function (err) {
            if (this.provider) {
              return;
            }
            if (!stringHelper.isMobile(this.mobile)) {
              err();
            }
          }, { message: 'mobile is not valid' });
          User.validatesUniquenessOf('username', { message: 'username is not unique' });
          User.validate('username', function (err) {
            if (!this.username) {
              err();
              return;
            }
            if (this.username.length < 6) {
              err();
              return;
            }
            if (stringHelper.isNumber(this.username[0])) {
              err();
              return;
            }
            if (!stringHelper.isAlphanumeric(this.username)) {
              err();
            }
          }, { message: 'username is not valid' });
        }
      };
    });
  });
}());