Add user signup

2020-01-31 17:36:48 +01:00 · 2020-01-31 17:36:48 +01:00 · 0518c0e360
parent 8a69b1a82c
commit 0518c0e360
6 changed files with 120 additions and 10 deletions
--- a/api/database/migrations/0001_init.up.sql
+++ b/api/database/migrations/0001_init.up.sql
@ -1,9 +1,9 @@
 CREATE TABLE IF NOT EXISTS users (
  user_id int NOT NULL AUTO_INCREMENT,
-  username varchar(255) NOT NULL,
+  username varchar(255) NOT NULL UNIQUE,
  password varchar(255) NOT NULL,
-  root_path varchar(512) NOT NULL,
-  admin boolean,
+  root_path varchar(512),
+  admin boolean NOT NULL DEFAULT 0,

  PRIMARY KEY (user_id)
 );
--- a/api/go.mod
+++ b/api/go.mod
@ -9,4 +9,5 @@ require (
 	github.com/joho/godotenv v1.3.0
 	github.com/lib/pq v1.3.0
 	github.com/vektah/gqlparser v1.2.0
+	golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
 )
--- a/api/go.sum
+++ b/api/go.sum
@ -43,6 +43,7 @@ github.com/vektah/dataloaden v0.2.1-0.20190515034641-a19b9a6e7c9e/go.mod h1:/HUd
 github.com/vektah/gqlparser v1.2.0 h1:ntkSCX7F5ZJKl+HIVnmLaO269MruasVpNiMOjX9kgo0=
 github.com/vektah/gqlparser v1.2.0/go.mod h1:bkVf0FX+Stjg/MHnm8mEyubuaArhNEqfQhF+OTiAL74=
 github.com/viktorstrate/photoview v0.0.0-20200119220544-691e4c7dc433 h1:n6jGnDctC9HI7B1rnc5ATQPYaaxQaJtS8bI6oI0QV34=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
--- a/api/graphql/models/user.go
+++ b/api/graphql/models/user.go
@ -0,0 +1,72 @@
+package models
+
+import (
+	"database/sql"
+	"errors"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+type User struct {
+	User_id   int
+	Username  string
+	Password  string
+	Root_path *string
+	Admin     bool
+}
+
+var UserInvalidCredentialsError = errors.New("invalid credentials")
+
+func NewUserFromRow(row *sql.Row) (*User, error) {
+	user := User{}
+
+	row.Scan(&user.User_id, &user.Username, &user.Password, &user.Root_path, &user.Admin)
+
+	return &user, nil
+}
+
+func AuthorizeUser(database *sql.DB, username string, password string) (*User, error) {
+	row := database.QueryRow("SELECT * FROM users WHERE username = ?", username)
+	if row == nil {
+		return nil, UserInvalidCredentialsError
+	}
+
+	user, err := NewUserFromRow(row)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
+		if err == bcrypt.ErrMismatchedHashAndPassword {
+			return nil, UserInvalidCredentialsError
+		} else {
+			return nil, err
+		}
+	}
+
+	return user, nil
+}
+
+func RegisterUser(database *sql.DB, username string, password string) (*User, error) {
+	hashedPassBytes, err := bcrypt.GenerateFromPassword([]byte(password), 12)
+	if err != nil {
+		return nil, err
+	}
+	hashedPass := string(hashedPassBytes)
+
+	if _, err := database.Query("INSERT INTO users (username, password) VALUES (?, ?)", username, hashedPass); err != nil {
+		return nil, err
+	}
+
+	row := database.QueryRow("SELECT * FROM users WHERE username = ?", username)
+	if row == nil {
+		return nil, UserInvalidCredentialsError
+	}
+
+	user, err := NewUserFromRow(row)
+	if err != nil {
+		return nil, err
+	}
+
+	return user, nil
+}
--- a/api/graphql/resolver.go
+++ b/api/graphql/resolver.go
@ -18,13 +18,6 @@ func (r *Resolver) Query() QueryResolver {

 type mutationResolver struct{ *Resolver }

-func (r *mutationResolver) AuthorizeUser(ctx context.Context, username string, password string) (*AuthorizeResult, error) {
-	panic("not implemented")
-}
-func (r *mutationResolver) RegisterUser(ctx context.Context, username string, password string) (*AuthorizeResult, error) {
-	panic("not implemented")
-}
-
 type queryResolver struct{ *Resolver }

 func (r *queryResolver) Users(ctx context.Context) ([]*User, error) {
--- a/api/graphql/resolver_user.go
+++ b/api/graphql/resolver_user.go
@ -0,0 +1,43 @@
+package api
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/viktorstrate/photoview/api/graphql/models"
+)
+
+func (r *mutationResolver) AuthorizeUser(ctx context.Context, username string, password string) (*AuthorizeResult, error) {
+	user, err := models.AuthorizeUser(r.Database, username, password)
+	if err != nil {
+		return &AuthorizeResult{
+			Success: false,
+			Status:  err.Error(),
+		}, nil
+	}
+
+	token := fmt.Sprintf("token:%d", user.User_id)
+
+	return &AuthorizeResult{
+		Success: true,
+		Status:  "ok",
+		Token:   &token,
+	}, nil
+}
+func (r *mutationResolver) RegisterUser(ctx context.Context, username string, password string) (*AuthorizeResult, error) {
+	user, err := models.RegisterUser(r.Database, username, password)
+	if err != nil {
+		return &AuthorizeResult{
+			Success: false,
+			Status:  err.Error(),
+		}, nil
+	}
+
+	token := fmt.Sprintf("token:%d", user.User_id)
+
+	return &AuthorizeResult{
+		Success: true,
+		Status:  "ok",
+		Token:   &token,
+	}, nil
+}