Add template for database update script, work on password recovery

2014-01-27 18:23:31 -06:00 · 2014-01-27 18:23:31 -06:00 · 447a70be98
parent 8b0c370ad0
commit 447a70be98
3 changed files with 65 additions and 2 deletions
--- a/lib/database.js
+++ b/lib/database.js
@ -148,7 +148,7 @@ module.exports.initGlobalTables = function () {
            return;
        }

-        // TODO select/update appropriate values
+        require("./dbupdate").checkVersion();
    });
 };

@ -268,6 +268,10 @@ module.exports.addPasswordReset = function (data, cb) {
                         [ip, name, email, hash, expire, ip, hash, email, expire], cb);
 };

+module.exports.deletePasswordReset = function (hash) {
+    module.exports.query("DELETE FROM `password_reset` WHERE hash=?", [hash]);
+};
+
 /*
 module.exports.genPasswordReset = function (ip, name, email, callback) {
    if(typeof callback !== "function")
--- a/lib/dbupdate.js
+++ b/lib/dbupdate.js
@ -0,0 +1,36 @@
+var db = require("./database");
+var Logger = require("./logger");
+
+const DB_VERSION = 1;
+
+module.exports.checkVersion = function () {
+    db.query("SELECT `key`,`value` FROM `meta` WHERE `key`=?", ["db_version"], function (err, rows) {
+        if (err) {
+            return;
+        }
+
+        if (rows.length === 0) {
+            Logger.errlog.log("[Warning] db_version key missing from database.  Setting " +
+                              "db_version=" + DB_VERSION);
+            db.query("INSERT INTO `meta` (`key`, `value`) VALUES ('db_version', ?)",
+                     [DB_VERSION],
+                     function (err) {
+            });
+        } else {
+            var v = parseInt(rows[0].value);
+            var next = function () {
+                if (v < DB_VERSION) {
+                    update(v++, next);
+                } else {
+                    db.query("UPDATE `meta` SET `value`=? WHERE `key`='db_version'",
+                             [DB_VERSION]);
+                }
+            };
+            update(v++, next);
+        }
+    });
+};
+
+function update(version, cb) {
+    setImmediate(cb);
+}
--- a/lib/web/account.js
+++ b/lib/web/account.js
@ -609,7 +609,30 @@ function handlePasswordRecover(req, res) {
            return;
        }

-        // TODO actual reset
+        var newpw = "";
+        const avail = "abcdefgihkmnpqrstuvwxyz0123456789";
+        for (var i = 0; i < 10; i++) {
+            newpw += avail[Math.floor(Math.random() * avail.length)];
+        }
+        db.users.setPassword(row.name, newpw, function (err) {
+            if (err) {
+                sendJade(req, "account-passwordrecover", {
+                    recovered: false,
+                    recoverErr: "Database error.  Please contact an administrator if " +
+                                "this persists.",
+                    loginName: false
+                });
+                return;
+            }
+
+            db.deletePasswordReset(hash);
+
+            sendJade(req, "account-passwordrecover", {
+                recovered: true,
+                recoverPw: newpw,
+                loginName: false
+            });
+        });
    });
 }