package user
import (
	"context"
	"errors"
	"fmt"
	"strings"
	"sync"

	"github.com/LMBishop/confplanner/pkg/database/sqlc"
	"github.com/jackc/pgx/v5"
	"github.com/jackc/pgx/v5/pgconn"
	"github.com/jackc/pgx/v5/pgxpool"
	"golang.org/x/crypto/bcrypt"
)
// Service is the user-account API exposed by this package: registration,
// lookup by name or ID, and password verification.
type Service interface {
	// CreateUser registers a new account and returns the stored row.
	CreateUser(username, password string) (*sqlc.User, error)

	// GetUserByName looks an account up by its username.
	GetUserByName(username string) (*sqlc.User, error)

	// GetUserByID looks an account up by its numeric ID.
	GetUserByID(id int32) (*sqlc.User, error)

	// Authenticate checks a username/password pair. The implementation in
	// this file returns (nil, nil), not an error, when the user is unknown
	// or the password does not match, so callers must treat a nil
	// *sqlc.User as a failed login and never rely on err == nil alone.
	Authenticate(username, password string) (*sqlc.User, error)
}
// Sentinel errors returned by Service implementations. Compare with
// errors.Is rather than by message text.
var (
	// ErrUserExists is returned by CreateUser when the username is taken.
	// Callers that surface it verbatim reveal which usernames are
	// registered; decide deliberately whether that is acceptable.
	ErrUserExists = errors.New("user already exists")

	// ErrUserNotFound is returned by the lookup methods when no row matches.
	ErrUserNotFound = errors.New("user not found")

	// ErrNotAcceptingRegistrations is returned by CreateUser when the
	// service was constructed with registrations disabled.
	ErrNotAcceptingRegistrations = errors.New("not currently accepting registrations")
)
// service is the PostgreSQL-backed implementation of Service.
type service struct {
	// pool is the pgx connection pool every query runs against.
	pool *pgxpool.Pool

	// acceptingRegistrations gates CreateUser; when false, every
	// registration attempt is refused with ErrNotAcceptingRegistrations.
	acceptingRegistrations bool
}
// NewService returns a Service backed by pool. acceptingRegistrations
// controls whether CreateUser is allowed to create accounts.
func NewService(pool *pgxpool.Pool, acceptingRegistrations bool) Service {
	svc := new(service)
	svc.pool = pool
	svc.acceptingRegistrations = acceptingRegistrations
	return svc
}
// CreateUser registers a new account and returns the stored row.
//
// The username is lower-cased before it is stored and the password is
// stored only as a bcrypt hash at bcrypt.DefaultCost. It returns
// ErrNotAcceptingRegistrations when registrations are disabled and
// ErrUserExists when the insert violates a unique constraint.
//
// NOTE(review): no length or emptiness checks are made on either argument
// here; presumably the caller validates them. bcrypt only considers the
// first 72 bytes of a password, and recent golang.org/x/crypto releases make
// GenerateFromPassword fail on longer input, which would surface below as
// "could not hash password". Confirm the caller enforces a limit.
func (s *service) CreateUser(username string, password string) (*sqlc.User, error) {
	if !s.acceptingRegistrations {
		return nil, ErrNotAcceptingRegistrations
	}

	hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		return nil, fmt.Errorf("could not hash password: %w", err)
	}

	params := sqlc.CreateUserParams{
		Username: strings.ToLower(username),
		Password: string(hashed),
	}
	created, err := sqlc.New(s.pool).CreateUser(context.Background(), params)
	if err != nil {
		// SQLSTATE 23505 is PostgreSQL's unique_violation; here it is
		// taken to mean the username is already registered.
		var pgErr *pgconn.PgError
		if errors.As(err, &pgErr) && pgErr.Code == "23505" {
			return nil, ErrUserExists
		}
		return nil, fmt.Errorf("could not create user: %w", err)
	}
	return &created, nil
}
// GetUserByName fetches the account whose username matches username.
// It returns ErrUserNotFound when the query yields no row; any other
// database failure is wrapped and returned.
//
// NOTE(review): username is passed to the query unchanged, whereas
// CreateUser stores strings.ToLower(username). Whether mixed-case input
// matches depends on the SQL, which is not visible here; confirm.
func (s *service) GetUserByName(username string) (*sqlc.User, error) {
	row, err := sqlc.New(s.pool).GetUserByName(context.Background(), username)
	switch {
	case err == nil:
		return &row, nil
	case errors.Is(err, pgx.ErrNoRows):
		return nil, ErrUserNotFound
	default:
		return nil, fmt.Errorf("could not fetch user: %w", err)
	}
}
// GetUserByID fetches the account with the given numeric ID.
// It returns ErrUserNotFound when the query yields no row; any other
// database failure is wrapped and returned.
func (s *service) GetUserByID(id int32) (*sqlc.User, error) {
	row, err := sqlc.New(s.pool).GetUserByID(context.Background(), id)
	switch {
	case err == nil:
		return &row, nil
	case errors.Is(err, pgx.ErrNoRows):
		return nil, ErrUserNotFound
	default:
		return nil, fmt.Errorf("could not fetch user: %w", err)
	}
}
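// authDummyHash is the decoy bcrypt hash Authenticate compares against when
// the requested user does not exist. It is generated once and reused:
// hashing a fresh decoy on every call added a second full-cost bcrypt
// operation to each login attempt, which made the endpoint needlessly
// expensive to serve under load.
var (
	authDummyHashMu sync.Mutex
	authDummyHash   []byte
)

// loadAuthDummyHash returns the cached decoy hash, generating it on first
// use. A failed generation is not cached, so a later call retries.
func loadAuthDummyHash() ([]byte, error) {
	authDummyHashMu.Lock()
	defer authDummyHashMu.Unlock()

	if authDummyHash == nil {
		h, err := bcrypt.GenerateFromPassword([]byte("00000000"), bcrypt.DefaultCost)
		if err != nil {
			return nil, err
		}
		authDummyHash = h
	}
	return authDummyHash, nil
}

// Authenticate verifies password against the stored bcrypt hash for username.
//
// It returns the user on success. For an unknown user or a wrong password it
// returns (nil, nil), not an error, so callers MUST check the returned
// pointer for nil and must not treat err == nil alone as a successful login.
// A non-nil error means the check could not be carried out (database
// failure, malformed stored hash, decoy hash generation failure).
//
// When the user does not exist, a bcrypt comparison against a decoy hash is
// still performed so that "no such user" and "wrong password" take similar
// time, which makes it harder to enumerate usernames by response latency.
// This assumes stored hashes use the same cost as the decoy
// (bcrypt.DefaultCost, as CreateUser in this file does).
//
// NOTE(review): username is looked up as given, while CreateUser stores
// strings.ToLower(username); whether mixed-case input matches depends on the
// SQL behind GetUserByName. Confirm.
func (s *service) Authenticate(username string, password string) (*sqlc.User, error) {
	decoy, err := loadAuthDummyHash()
	if err != nil {
		return nil, err
	}

	user, err := s.GetUserByName(username)
	if err != nil {
		if errors.Is(err, ErrUserNotFound) {
			// Result deliberately discarded: the call exists only to
			// spend the same bcrypt work as the real comparison below.
			_ = bcrypt.CompareHashAndPassword(decoy, []byte(password))
			return nil, nil
		}
		return nil, err
	}

	if err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
		if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
			return nil, nil
		}
		return nil, err
	}
	return user, nil
}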