dbconn.user.query('INSERT INTO user SET ?',data.profile,function(err,results,fields){
if(err){
returndbconn.user.rollback(function(){
throwerr
});
}
varnewUserId=results.insertId
// set password
varcredentialData={
user_id:newUserId,
password:data.password
}
dbconn.user.query('INSERT INTO credential SET ?',credentialData,function(err,results,fields){
if(err){
returndbconn.user.rollback(function(){
throwerr
});
}
// set default user-project-role
varprojectRoleData={
project_id:1,//M4_LAB
role_id:2,// USER
user_id:newUserId
}
dbconn.user.query('INSERT INTO user_project_role SET ?',projectRoleData,function(err,results,fields){
if(err){
returndbconn.user.rollback(function(){
throwerr
});
}
// COMMIT
dbconn.user.commit(function(err){
if(err){
returndbconn.user.rollback(function(){
throwerr
});
}
});
})
});
});
callback(err)
})
},
getUserByEmail:function(email,callback){
dbconn.user.query('SELECT title, firstname, lastname, industry, organisation, speciality FROM user WHERE email = "'+email+'"',function(err,rows,fields){
if(err){
throwerr;
}
else{
if(rows.length>0){
user=rows[0];
}
}
callback(user,err);
});
},
checkUserEmail:function(email,callback){
varuser;
dbconn.user.query('SELECT email FROM user WHERE email = "'+email+'"',function(err,rows,fields){
dbconn.user.query('SELECT id, email FROM user WHERE email = "'+email+'"',function(err,rows,fields){
if(err){
throwerr;
}
...
...
@@ -22,7 +85,7 @@ var methods = {
},
checkUserToken:function(token,callback){
varuser;
dbconn.user.query('SELECT email FROM user WHERE resetPasswordToken = "'+token+'" and resetPasswordExpires > '+Date.now(),function(err,rows,fields){
dbconn.user.query('SELECT user_id FROM credential WHERE resetPasswordToken = "'+token+'" and resetPasswordExpires > '+Date.now(),function(err,rows,fields){
if(err){
throwerr;
}
...
...
@@ -40,8 +103,8 @@ var methods = {
callback(err);
})
},
updatePassword:function(hash,email,callback){
dbconn.user.query('UPDATE user SET password = "'+hash+'" WHERE email = "'+email+'"',function(err,rows,fields){
updateCredential:function(data,callback){
dbconn.user.query('UPDATE credential SET ? WHERE user_id = '+data.user_id,data,function(err,rows,fields){