Account settings page.

2026-02-08 22:57:12 +01:00 · 2020-08-08 23:48:43 -07:00 · 2020-08-08 23:48:43 -07:00 · b5cf9f8719
commit b5cf9f8719
parent 58a1be7a30
32 changed files with 597 additions and 162 deletions
--- a/lib/crypto.js
+++ b/lib/crypto.js
@ -3,6 +3,7 @@ import { v4, v5, validate } from 'uuid';
 import bcrypt from 'bcrypt';
 import { JWT, JWE, JWK } from 'jose';

+const SALT_ROUNDS = 10;
 const KEY = JWK.asKey(Buffer.from(secret()));

 export function hash(...args) {
@ -23,6 +24,10 @@ export function isValidId(s) {
  return validate(s);
 }

+export function hashPassword(password) {
+  return bcrypt.hash(password, SALT_ROUNDS);
+}
+
 export function checkPassword(password, hash) {
  return bcrypt.compare(password, hash);
 }
--- a/lib/db.js
+++ b/lib/db.js
@ -124,8 +124,8 @@ export async function getSession({ session_id, session_uuid }) {
  return runQuery(
    prisma.session.findOne({
      where: {
-        ...(session_id && { session_id }),
-        ...(session_uuid && { session_uuid }),
+        session_id,
+        session_uuid,
      },
    }),
  );
@ -174,16 +174,53 @@ export async function saveEvent(website_id, session_id, url, event_type, event_v
  );
 }

-export async function getAccount(username = '') {
+export async function getAccounts() {
+  return runQuery(prisma.account.findMany());
+}
+
+export async function getAccount({ user_id, username }) {
  return runQuery(
    prisma.account.findOne({
      where: {
        username,
+        user_id,
      },
    }),
  );
 }

+export async function updateAccount(user_id, data) {
+  return runQuery(
+    prisma.account.update({
+      where: {
+        user_id,
+      },
+      data,
+    }),
+  );
+}
+
+export async function deleteAccount(user_id) {
+  return runQuery(
+    /* Prisma bug, does not cascade on non-nullable foreign keys
+    prisma.account.delete({
+      where: {
+        user_id,
+      },
+    }),
+     */
+    prisma.queryRaw(`delete from account where user_id=$1`, user_id),
+  );
+}
+
+export async function createAccount(data) {
+  return runQuery(
+    prisma.account.create({
+      data,
+    }),
+  );
+}
+
 export async function getPageviews(website_id, start_at, end_at) {
  return runQuery(
    prisma.pageview.findMany({
--- a/lib/session.js
+++ b/lib/session.js
@ -4,6 +4,11 @@ import { uuid, isValidId, parseToken } from 'lib/crypto';

 export async function verifySession(req) {
  const { payload } = req.body;
+
+  if (!payload) {
+    throw new Error('Invalid request');
+  }
+
  const { website: website_uuid, hostname, screen, language, session } = payload;

  const token = await parseToken(session);
--- a/lib/web.js
+++ b/lib/web.js
@ -11,7 +11,7 @@ export const apiRequest = (method, url, body) =>
    if (res.ok) {
      return res.json();
    }
-    return null;
+    return res.text();
  });

 function parseQuery(url, params = {}) {