view src/lib/User.luan @ 57:169ac5fdb320

add change email
author Franklin Schmidt <fschmidt@gmail.com>
date Mon, 28 Nov 2022 23:47:19 -0700
parents 7ce54f6d93f2
children 31c895b73bd0
line wrap: on
line source

local Luan = require "luan:Luan.luan"
local error = Luan.error
local set_metatable = Luan.set_metatable or error()
local type = Luan.type or error()
local to_string = Luan.to_string or error()
local range = Luan.range or error()
local set_local_only = Luan.set_local_only or error()
local get_local_only = Luan.get_local_only or error()
local String = require "luan:String.luan"
local sub_string = String.sub or error()
local to_number = String.to_number or error()
local regex = String.regex or error()
local Table = require "luan:Table.luan"
local concat = Table.concat or error()
local Math = require "luan:Math.luan"
local random = Math.random or error()
local Time = require "luan:Time.luan"
local time_now = Time.now or error()
local Html = require "luan:Html.luan"
local html_encode = Html.encode or error()
local Number = require "luan:Number.luan"
local long = Number.long or error()
local Lucene = require "luan:lucene/Lucene.luan"
local lucene_quote = Lucene.quote or error()
local Http = require "luan:http/Http.luan"
local Db = require "site:/lib/Db.luan"
local run_in_transaction = Db.run_in_transaction or error()


local User = {}

local users_by_id = {}

local function from_doc(doc)
	doc.type == "user" or error "wrong type"
	local user = User.new {
		id = doc.id
		email = doc.user_email
		password = doc.password
		name = doc.user_name
		created = doc.created
		hidden_password = doc.hidden_password
	}
	set_local_only(users_by_id,user.id,user)
	return user
end

local function to_doc(user)
	local email = user.email
	return {
		type = "user"
		id = user.id
		user_email = email
		password = user.password
		user_name = user.name
		created = user.created or time_now()
		hidden_password = user.hidden_password
	}
end

local metatable = {}
function metatable.__index(user,key)
	if key == "name_html" then
		user.name_html = html_encode(user.name)
		return user.name_html
	end
	return nil
end

function User.new(user)

	function user.save()
		local doc = to_doc(user)
		Db.save(doc)
		user.id = doc.id
	end

	function user.reload()
		return User.get_by_id(user.id) or error(user.id)
	end

	function user.login()
		local id = to_string(user.id)
		Http.response.set_persistent_cookie("user",id)
		Http.response.set_persistent_cookie("password",user.password)
		Http.request.cookies.user = id
		Http.request.cookies.password = user.password or error()
	end

	set_metatable(user,metatable)
	return user
end

local function get_by_id(id)
	if type(id) == "string" then
		id = to_number(id)
		if id == nil then return nil end
	end
	id = long(id)
	if not Db.is_in_transaction() then
		local user = get_local_only(users_by_id,id)
		if user ~= nil then return user end
	end
	local doc = Db.get_document("id:"..id)
	return doc and from_doc(doc)
end
User.get_by_id = get_by_id

function User.get_by_email(email)
	local doc = Db.get_document("user_email:"..lucene_quote(email))
	return doc and from_doc(doc)
end

function User.get_by_name(name)
	local doc = Db.get_document("user_name:"..lucene_quote(name))
	return doc and from_doc(doc)
end

function User.current()
	local id = Http.request.cookies.user
	local password = Http.request.cookies.password
	if id == nil or password == nil then
		return nil
	end
	local user = get_by_id(id)
	if user == nil or user.password ~= password then
		return nil
	end
	return user
end

function User.current_required()
	local user = User.current()
	user or Http.response.send_redirect "/login.html"
	return user
end

local password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
do
	local t = {}
	for i in range(1,#password_chars) do
		t[#t+1] = sub_string(password_chars,i,i)
	end
	password_chars = t
end	

local function new_password()
	local n = #password_chars
	local t = {}
	for _ in range(1,10) do
		t[#t+1] = password_chars[random(n)]
	end
	return concat(t)
end
User.new_password = new_password

function User.get_or_create_by_email(email,change_password)
	local user = User.get_by_email(email)
	if user == nil then
		run_in_transaction( function()
			user = User.new{ email=email, password=new_password() }
			user.save()
		end )
	elseif change_password then
		run_in_transaction( function()
			user = user.reload()
			user.password = new_password()
			user.save()
		end )
	end
	return user
end

User.name_regex = regex "^[a-zA-Z0-9_-]+$"

return User