package models import ( "smt/utils/token" "errors" "log" "net/http" "github.com/gin-gonic/gin" "golang.org/x/crypto/bcrypt" ) type User struct { UserId int `db:"UserId"` RoleId int `db:"RoleId"` UserName string `db:"UserName"` Password string `db:"Password" json:"-"` } type UserRole struct { User RoleName string `db:"RoleName"` ReadOnly bool `db:"ReadOnly"` Admin bool `db:"Admin"` } func (u *User) SaveUser() (*User, error) { var err error // Validate username not already in use _, err = GetUserByName(u.UserName) if err != nil && err.Error() == "user not found" { log.Printf("SaveUser confirmed no existing user, continuing with creation of user '%s'\n", u.UserName) result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password) VALUES (:RoleId, :UserName, :Password)`), u) if err != nil { log.Printf("SaveUser error executing sql record : '%s'\n", err) return &User{}, err } else { affected, _ := result.RowsAffected() id, _ := result.LastInsertId() log.Printf("SaveUser insert returned result id '%d' affecting %d row(s).\n", id, affected) } } else { log.Printf("SaveUser Username already exists : '%v'\n", err) } return u, nil } func VerifyPassword(password, hashedPassword string) error { log.Printf("VerifyPassword comparing input against hashed value '%s'\n", hashedPassword) return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) } func LoginCheck(username string, password string) (string, error) { var err error u := User{} // Query database for matching user object err = db.QueryRowx("SELECT * FROM Users WHERE Username=?", username).StructScan(&u) log.Printf("LoginCheck retrieved user '%v' from database\n", u) if err != nil { return "", err } err = VerifyPassword(password, u.Password) if err != nil && err == bcrypt.ErrMismatchedHashAndPassword { log.Printf("LoginCheck says password doesn't match stored hash.\n") return "", err } else { log.Printf("LoginCheck verified password against stored hash.\n") } token, err := token.GenerateToken(uint(u.UserId)) if err != nil { log.Printf("LoginCheck error generating token : '%s'\n", err) return "", err } return token, nil } func GetUserByID(uid uint) (User, error) { var u User // Query database for matching user object err := db.QueryRowx("SELECT * FROM users WHERE UserId=?", uid).StructScan(&u) if err != nil { return u, errors.New("user not found") } /* if err := DB.First(&u, uid).Error; err != nil { return u, errors.New("User not found!") } */ //u.PrepareGive() return u, nil } func GetUserByName(username string) (User, error) { var u User // Query database for matching user object err := db.QueryRowx("SELECT * FROM users WHERE UserName=?", username).StructScan(&u) if err != nil { return u, errors.New("user not found") } return u, nil } func GetUserRoleByID(uid uint) (UserRole, error) { var ur UserRole // Query database for matching user object log.Printf("GetUserRoleByID querying for userid '%d'\n", uid) err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur) if err != nil { log.Printf("GetUserRoleByID received error when querying database : '%s'\n", err) return ur, errors.New("GetUserRoleByID user not found") } return ur, nil } func GetUserRoleFromToken(c *gin.Context) (UserRole, error) { var ur UserRole user_id, err := token.ExtractTokenID(c) if err != nil { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return ur, err } // Query database for matching user object log.Printf("GetUserRoleFromToken querying for userid '%d'\n", user_id) err = db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", user_id).StructScan(&ur) if err != nil { log.Printf("GetUserRoleFromToken received error when querying database : '%s'\n", err) return ur, errors.New("GetUserRoleFromToken user not found") } return ur, nil } func QueryUsers() ([]User, error) { var results []User // Query database for role definitions rows, err := db.Queryx("SELECT * FROM users") if err != nil { log.Printf("QueryUsers error executing sql record : '%s'\n", err) return results, err } else { // parse all the results into a slice for rows.Next() { var u User err = rows.StructScan(&u) if err != nil { log.Printf("QueryUsers error parsing sql record : '%s'\n", err) return results, err } results = append(results, u) } log.Printf("QueryUsers retrieved '%d' results\n", len(results)) } return results, nil }