Constructor
new Account(json, source)
In a server-side application, there are two instantiation scenarios: one where the input is provided by the client, and the other where the input is provided by the database.
Client-side input is always lighter than database-side input, since auto-generated
properties such as _id are missing in the client-side variant. Moreover, client-side
input may contain less information than database-side input as some sensitive properties
such as password, salt, etc. are never revealed to the client side.
As such, we need a way to track the source of input and proceed with instantiation
accordingly. This source parameter serves exactly this purpose.
Parameters:
| Name | Type | Description |
|---|---|---|
json |
any | Input JSON |
source |
Source | Input source. See |
- Source:
Members
isDeleted
Flag used to soft-delete an account. Accounts are never deleted permanently. This
is for administrative and data analytics reasons. When a user submits a account
deletion request, this flag is set to true and the recoverBy date is set to 14
days ahead.
If a user logs into their account within those 14 days, the deletion hold is lifted
and this flag is set to false again.
- Source:
Methods
AddPoints(points, reason)
Adds loyalty points to the account.
Parameters:
| Name | Type | Description |
|---|---|---|
points |
number | Number of points to be awarded |
reason |
string | Reason for the generosity |
- Source:
AddReferral(id)
Adds a referral to the account's referrals list
Parameters:
| Name | Type | Description |
|---|---|---|
id |
string | User |
- Source:
CanAuthenticateUsing(password) → {boolean}
Salts the given password using the salt used at account creation,
and then compares the hash with the hashed password stored in the
database.
Parameters:
| Name | Type | Description |
|---|---|---|
password |
string | Client-provided password |
- Source:
Returns:
true if the password is correct, otherwise false
- Type
- boolean
Delete()
Puts the account into a 14-day deletion hold by setting isDeleted to true
and setting the account recoverBy date to 14-days from now.
- Source:
Export() → {string}
Exports the Account object to a shareable JSON string. Used to compose
HTTP response bodies. Prevents sensitive information such as password, salt etc.
from leaking onto client-side.
- Source:
Returns:
A stringified, sanitised version of the Account instance
- Type
- string
RedeemPoints(points, reason)
Redeems the given number of points. Throws an error if available
points are fewer than the points requested.
Parameters:
| Name | Type | Description |
|---|---|---|
points |
number | Numbe of points to be redeemed |
reason |
string | Purpose of redemption |
- Source:
RemoveReferral(id)
Removes a referral from the account's referral list. This is used only when a referral decides to permanently delete their account.
Parameters:
| Name | Type | Description |
|---|---|---|
id |
string | User |
- Source:
ResetPassword(newPass)
Changes the existing account password to newPass. This also changes the
salt used before hashing.
Parameters:
| Name | Type | Description |
|---|---|---|
newPass |
string | New password |
- Source:
Returns:
A tuple of the form (salt, newPassword)
SetOTP()
Generates a random 6-digit number and stores it in database as a verification code.
- Source:
SetReferrer(id)
Sets referredBy to the _id of the user who referred this user to
Magic Batua.
Parameters:
| Name | Type | Description |
|---|---|---|
id |
string | User |
- Source:
Undelete()
Removes the deletion hold on the account by setting isDeleted to false and
setting the account recoverBy date to undefined.
- Source:
UnsetOTP()
Sets the verification code otp to undefined after a successful verification
- Source: