DEVELOPMENT ENVIRONMENT

~liljamo/felu

ref: 5774d421e3ce529080c6a381230080bd47b35d5c felu/db/users.go -rw-r--r-- 2.4 KiB
5774d421Jonni Liljamo fix: swap AuthLogin to return the handler instead 1 year, 26 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/*
 * Copyright (C) 2023 Jonni Liljamo <jonni@liljamo.com>
 *
 * This file is licensed under AGPL-3.0-or-later, see NOTICE and LICENSE for
 * more information.
 */
package db

import (
	"database/sql"
	"errors"

	"github.com/matthewhartstonge/argon2"
	"github.com/oklog/ulid/v2"
)

func CreateUser(email string, pwd string) error {
	argon := argon2.DefaultConfig()
	encoded, err := argon.HashEncoded([]byte(pwd))
	if err != nil {
		return err
	}

	ulid := ulid.Make().String()

	_, err = DBConn.Exec(`INSERT INTO users(id, email, pwd) VALUES ($1, $2, $3)`,
		ulid, email, string(encoded))
	if err != nil {
		return err
	}

	return nil
}

func CreateAdmin(email string, pwd string) error {
	argon := argon2.DefaultConfig()
	encoded, err := argon.HashEncoded([]byte(pwd))
	if err != nil {
		return err
	}

	ulid := ulid.Make().String()

	_, err = DBConn.Exec(`INSERT INTO users(id, email, pwd, is_admin) VALUES ($1, $2, $3, TRUE)`,
		ulid, email, string(encoded))
	if err != nil {
		return err
	}

	return nil
}

type User struct {
	Id    string
	Email   string
	IsAdmin bool
}

func FetchUserWithCreds(email string, pwd string) (*User, error) {
	user := User{ Email: email }
	var encodedPwd string
	err := DBConn.QueryRow(`SELECT id, pwd FROM users WHERE email = $1`,
		email).Scan(&user.Id, &encodedPwd)
	if err == sql.ErrNoRows {
		return nil, errors.New("User not found")
	}
	if err != nil {
		return nil, errors.New("User query failed")
	}

	ok, err := argon2.VerifyEncoded([]byte(pwd), []byte(encodedPwd))
	if err != nil {
		return nil, errors.New("User not found")
	}
	if !ok {
		return nil, errors.New("User not found")
	}

	return &user, nil
}

func FetchUserWithId(id string) (*User, error) {
	user := User{ Id: id }
	err := DBConn.QueryRow(`SELECT email, is_admin FROM users WHERE id = $1`,
		id).Scan(&user.Email, &user.IsAdmin)
	if err == sql.ErrNoRows {
		return nil, errors.New("User not found")
	}
	if err != nil {
		return nil, errors.New("User query failed")
	}

	return &user, nil
}

func FetchAllUsers() ([]User, error) {
	rows, err := DBConn.Query(`SELECT id, email, is_admin FROM users`)
	if err != nil {
		return nil, err
	}
	defer rows.Close()

	var users []User
	for rows.Next() {
		var user User
		err = rows.Scan(&user.Id, &user.Email, &user.IsAdmin)
		if err != nil {
			return nil, err
		}
		users = append(users, user)
	}
	err = rows.Err()
	if err != nil {
		return nil, err
	}

	return users, nil
}