From 3546ddcc4340a991be76fb1d4dc3ecdbdfe580f0 Mon Sep 17 00:00:00 2001 From: Evert Date: Fri, 22 Sep 2017 23:59:43 +0300 Subject: [PATCH] add UUIDs to users as another way of identification --- migrations/20170922234831_cleanup.js | 22 ++++++++++++++++++++++ server/api/external.js | 4 +++- server/api/index.js | 2 ++ server/routes/index.js | 12 ++++++------ server/routes/oauth2.js | 1 + 5 files changed, 34 insertions(+), 7 deletions(-) create mode 100644 migrations/20170922234831_cleanup.js diff --git a/migrations/20170922234831_cleanup.js b/migrations/20170922234831_cleanup.js new file mode 100644 index 0000000..8baf236 --- /dev/null +++ b/migrations/20170922234831_cleanup.js @@ -0,0 +1,22 @@ + +exports.up = function (knex, Promise) { + return Promise.all([ + knex.schema.table('users', (table) => { + table.string('uuid', 36) + }), + knex.schema.table('news', (table) => { + table.dropColumn('slug') + }) + ]) +} + +exports.down = function (knex, Promise) { + return Promise.all([ + knex.schema.table('users', (table) => { + table.dropColumn('uuid') + }), + knex.schema.table('news', (table) => { + table.string('slug') + }) + ]) +} diff --git a/server/api/external.js b/server/api/external.js index d6311c3..e45097b 100644 --- a/server/api/external.js +++ b/server/api/external.js @@ -6,6 +6,7 @@ import qs from 'querystring' import oauth from 'oauth-libre' import path from 'path' import url from 'url' +import uuidV1 from 'uuid/v1' const imgdir = path.join(__dirname, '../../', 'usercontent', 'images') @@ -48,7 +49,8 @@ const API = { let udataLimited = Object.assign({ activated: 1, created_at: new Date(), - updated_at: new Date() + updated_at: new Date(), + uuid: uuidV1() }, data) // Check if the username is already taken diff --git a/server/api/index.js b/server/api/index.js index 575225d..312b169 100644 --- a/server/api/index.js +++ b/server/api/index.js @@ -8,6 +8,7 @@ import crypto from 'crypto' import notp from 'notp' import base32 from 'thirty-two' import emailer from './emailer' +import uuidV1 from 'uuid/v1' import Promise from 'bluebird' const fs = Promise.promisifyAll(require('fs')) @@ -350,6 +351,7 @@ const API = { let data = Object.assign(regdata, { created_at: new Date(), updated_at: new Date(), + uuid: uuidV1(), activated: email ? 0 : 1 }) diff --git a/server/routes/index.js b/server/routes/index.js index 73b96c8..afe8c7b 100644 --- a/server/routes/index.js +++ b/server/routes/index.js @@ -655,9 +655,9 @@ function newsPrivilege (req, res, next) { next() } -router.get('/news/compose', newsPrivilege, formKeep, wrap(async (req, res) => { +router.get('/news/compose', newsPrivilege, formKeep, (req, res) => { res.render('news/composer') -})) +}) router.post('/news/compose', newsPrivilege, wrap(async (req, res) => { if (req.body.csrf !== req.session.csrf) { @@ -708,11 +708,11 @@ router.get('/news/', wrap(async (req, res) => { })) // Render partials -router.get('/partials/:view', wrap(async (req, res, next) => { +router.get('/partials/:view', (req, res, next) => { if (!req.params.view) return next() res.render('user/partials/' + req.params.view) -})) +}) /* ========= @@ -720,10 +720,10 @@ router.get('/partials/:view', wrap(async (req, res, next) => { ========= */ -router.get('/logout', wrap(async (req, res) => { +router.get('/logout', (req, res) => { req.session.destroy() res.redirect('/') -})) +}) // User activation endpoint (emailed link) router.get('/activate/:token', wrap(async (req, res) => { diff --git a/server/routes/oauth2.js b/server/routes/oauth2.js index 77794be..073d636 100644 --- a/server/routes/oauth2.js +++ b/server/routes/oauth2.js @@ -41,6 +41,7 @@ router.get('/user', oauth.bearer, wrap(async (req, res) => { let udata = { id: user.id, + uuid: user.uuid, username: user.username, display_name: user.display_name, avatar_file: user.avatar_file