rewrite user creation and authentication in database

bin/mongodb/play21.js

@@ -1,6 +1,9 @@
 // user.settings should not be an empty array, but an empty object
-db.user2.find({settings:[]}).forEach(function(user) {
-  db.user2.update({'_id': user['_id']}, {'$set':{settings:{}}});
+db.user2.find({settings:{'$in':[{},[]]}}).forEach(function(user) {
+  db.user2.update({'_id': user['_id']}, {'$unset':{settings:true}});
+});
+db.user2.find({roles:{'$in':[{},[]]}}).forEach(function(user) {
+  db.user2.update({'_id': user['_id']}, {'$unset':{roles:true}});
 });
 db.lobby_room.drop();
 db.createCollection("lobby_room",{capped:true,size:50000})

modules/user/src/main/User.scala

@@ -73,5 +73,7 @@ object User {
     "isChatBan" -> false,
     "settings" -> Json.obj(),
     "engine" -> false,
-    "toints" -> 0)
+    "toints" -> 0,
+    "settings" -> Json.obj(),
+    "roles" -> Json.arr())
 }

modules/user/src/main/UserRepo.scala

@@ -70,28 +70,35 @@ object UserRepo {
   def saveSetting(id: ID, key: String, value: String): Funit =
     $update($select(id), $set(("settings." + key) -> value))
 
-  def authenticate(id: ID, password: String): Fu[Option[User]] = for {
-    greenLight ← checkPassword(id, password)
-    if greenLight
-    userOption ← $find byId id
-  } yield userOption
+  def authenticate(id: ID, password: String): Fu[Option[User]] =
+    checkPassword(id, password) flatMap { _ ?? ($find byId id) }
 
   private case class AuthData(password: String, salt: String, enabled: Boolean, sha512: Boolean) {
     def compare(p: String) = password == sha512.fold(hash512(p, salt), hash(p, salt))
   }
 
-  def checkPassword(id: ID, password: String): Fu[Boolean] = for {
-    dataOption ← $projection.one($select(id), Seq("password", "salt", "enabled", "sha512")) { obj ⇒
-      (Json.reads[AuthData] reads obj).asOpt
+  private object AuthData {
+
+    import lila.db.Tube.Helpers._
+    import play.api.libs.json._
+
+    private def defaults = Json.obj("sha512" -> false)
+
+    lazy val reader = (__.json update merge(defaults)) andThen Json.reads[AuthData]
+  }
+
+  def checkPassword(id: ID, password: String): Fu[Boolean] =
+    $projection.one($select(id), Seq("password", "salt", "enabled", "sha512")) { obj ⇒
+      (AuthData.reader reads obj).asOpt
+    } map {
+      _ zmap (data ⇒ data.enabled && data.compare(password))
     }
-  } yield dataOption zmap (data ⇒ data.enabled && data.compare(password))
 
   def create(username: String, password: String): Fu[Option[User]] = for {
-    existing ← $count exists normalize(username)
-    userOption ← existing.fold(
-      fuccess(none),
-      $insert(newUser(username, password)) >> ($find byId normalize(username))
-    )
+    exists ← $count exists normalize(username)
+    userOption ← !exists ?? {
+      $insert(newUser(username, password)) >> named(normalize(username))
+    }
   } yield userOption
 
   def countEnabled: Fu[Int] = $count(enabledQuery)
@@ -182,7 +189,6 @@ object UserRepo {
       "nbLossesH" -> 0,
       "nbDrawsH" -> 0,
       "enabled" -> true,
-      "roles" -> Json.obj(),
       "createdAt" -> $date(DateTime.now))
   }