package models import ( "ccsecrets/utils/token" "errors" "fmt" "golang.org/x/crypto/bcrypt" ) type User struct { UserId int `db:"UserId"` RoleId int `db:"RoleId"` UserName string `db:"UserName"` Password string `db:"Password" json:"-"` } type UserRole struct { User RoleName string `db:"RoleName"` ReadOnly bool `db:"ReadOnly"` Admin bool `db:"Admin"` } func (u *User) SaveUser() (*User, error) { var err error // TODO - validate username not already in use result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password) VALUES (:RoleId, :UserName, :Password)`), u) if err != nil { fmt.Printf("SaveUser error executing sql record : '%s'\n", err) return &User{}, err } else { affected, _ := result.RowsAffected() id, _ := result.LastInsertId() fmt.Printf("SaveUser insert returned result id '%d' affecting %d row(s).\n", id, affected) } return u, nil } func VerifyPassword(password, hashedPassword string) error { fmt.Printf("VerifyPassword comparing password vs hashed:\n'%s'\n'%s'\n", password, hashedPassword) return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) } func LoginCheck(username string, password string) (string, error) { var err error u := User{} // Query database for matching user object err = db.QueryRowx("SELECT * FROM Users WHERE Username=?", username).StructScan(&u) fmt.Printf("LoginCheck retrieved user '%v' from database\n", u) if err != nil { return "", err } err = VerifyPassword(password, u.Password) if err != nil && err == bcrypt.ErrMismatchedHashAndPassword { fmt.Printf("LoginCheck says password doesn't match stored hash.\n") return "", err } else { fmt.Printf("LoginCheck verified password against stored hash.\n") } token, err := token.GenerateToken(uint(u.UserId)) if err != nil { fmt.Printf("LoginCheck error generating token : '%s'\n", err) return "", err } return token, nil } func GetUserByID(uid uint) (User, error) { var u User // Query database for matching user object err := db.QueryRowx("SELECT * FROM users WHERE UserId=?", uid).StructScan(&u) if err != nil { return u, errors.New("user not found") } /* if err := DB.First(&u, uid).Error; err != nil { return u, errors.New("User not found!") } */ //u.PrepareGive() return u, nil } func GetUserByName(username string) (User, error) { var u User // Query database for matching user object err := db.QueryRowx("SELECT * FROM users WHERE UserName=?", username).StructScan(&u) if err != nil { return u, errors.New("user not found") } return u, nil } func GetUserRoleByID(uid uint) (UserRole, error) { var ur UserRole // Query database for matching user object fmt.Printf("GetUserRoleByID querying for userid '%d'\n", uid) err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur) if err != nil { fmt.Printf("GetUserRoleByID received error when querying database : '%s'\n", err) return ur, errors.New("GetUserRoleByID user not found") } return ur, nil } /* func (u *User) PrepareGive() { u.Password = "" } */