124 lines
3.0 KiB
Go
124 lines
3.0 KiB
Go
package models
|
|
|
|
import (
|
|
"ccsecrets/utils/token"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
type User struct {
|
|
UserId int `db:"UserId"`
|
|
RoleId int `db:"RoleId"`
|
|
UserName string `db:"UserName"`
|
|
Password string `db:"Password"`
|
|
}
|
|
|
|
type UserRole struct {
|
|
User
|
|
RoleName string `db:"RoleName"`
|
|
ReadOnly bool `db:"ReadOnly"`
|
|
Admin bool `db:"Admin"`
|
|
}
|
|
|
|
func (u *User) SaveUser() (*User, error) {
|
|
|
|
var err error
|
|
|
|
// TODO - validate username not already in use
|
|
|
|
result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password) VALUES (:RoleId, :UserName, :Password)`), u)
|
|
|
|
if err != nil {
|
|
fmt.Printf("SaveUser error executing sql record : '%s'\n", err)
|
|
return &User{}, err
|
|
} else {
|
|
affected, _ := result.RowsAffected()
|
|
id, _ := result.LastInsertId()
|
|
fmt.Printf("SaveUser insert returned result id '%d' affecting %d row(s).\n", id, affected)
|
|
}
|
|
|
|
return u, nil
|
|
}
|
|
|
|
func VerifyPassword(password, hashedPassword string) error {
|
|
fmt.Printf("VerifyPassword comparing password vs hashed:\n'%s'\n'%s'\n", password, hashedPassword)
|
|
return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
|
|
}
|
|
|
|
func LoginCheck(username string, password string) (string, error) {
|
|
|
|
var err error
|
|
|
|
u := User{}
|
|
|
|
// Query database for matching user object
|
|
err = db.QueryRowx("SELECT * FROM Users WHERE Username=?", username).StructScan(&u)
|
|
|
|
fmt.Printf("LoginCheck retrieved user '%v' from database\n", u)
|
|
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
err = VerifyPassword(password, u.Password)
|
|
|
|
if err != nil && err == bcrypt.ErrMismatchedHashAndPassword {
|
|
fmt.Printf("LoginCheck says password doesn't match stored hash.\n")
|
|
return "", err
|
|
} else {
|
|
fmt.Printf("LoginCheck verified password against stored hash.\n")
|
|
}
|
|
|
|
token, err := token.GenerateToken(uint(u.UserId))
|
|
|
|
if err != nil {
|
|
fmt.Printf("LoginCheck error generating token : '%s'\n", err)
|
|
return "", err
|
|
}
|
|
|
|
return token, nil
|
|
|
|
}
|
|
|
|
func GetUserByID(uid uint) (User, error) {
|
|
|
|
var u User
|
|
|
|
// Query database for matching user object
|
|
err := db.QueryRowx("SELECT * FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE UserId=?", uid).StructScan(&u)
|
|
if err != nil {
|
|
return u, errors.New("user not found")
|
|
}
|
|
/*
|
|
if err := DB.First(&u, uid).Error; err != nil {
|
|
return u, errors.New("User not found!")
|
|
}
|
|
*/
|
|
u.PrepareGive()
|
|
|
|
return u, nil
|
|
|
|
}
|
|
|
|
func GetUserRoleByID(uid uint) (UserRole, error) {
|
|
|
|
var ur UserRole
|
|
|
|
// Query database for matching user object
|
|
fmt.Printf("GetUserRoleByID querying for userid '%d'\n", uid)
|
|
err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur)
|
|
if err != nil {
|
|
fmt.Printf("GetUserRoleByID received error when querying database : '%s'\n", err)
|
|
return ur, errors.New("GetUserRoleByID user not found")
|
|
}
|
|
|
|
return ur, nil
|
|
|
|
}
|
|
|
|
func (u *User) PrepareGive() {
|
|
u.Password = ""
|
|
}
|