feat(api): first user is admin

api/auth.go

@@ -205,7 +205,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
 		return
 	}
 
-	// Generate Auth Hash
+	// Generate auth hash
 	rawAuthHash, err := utils.GenerateToken(64)
 	if err != nil {
 		log.Error("Failed to generate user token: ", err)
@@ -214,31 +214,41 @@ func (api *API) appAuthRegister(c *gin.Context) {
 		return
 	}
 
-	// Create User in DB
-	authHash := fmt.Sprintf("%x", rawAuthHash)
-	rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
-		ID:       username,
-		Pass:     &hashedPassword,
-		AuthHash: &authHash,
-	})
-
-	// SQL Error
+	// Get current users
+	currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
 	if err != nil {
-		log.Error("CreateUser DB Error:", err)
-		templateVars["Error"] = "Registration Disabled or User Already Exists"
+		log.Error("Failed to check all users: ", err)
+		templateVars["Error"] = "Failed to Create User"
 		c.HTML(http.StatusBadRequest, "page/login", templateVars)
 		return
 	}
 
-	// User Already Exists
-	if rows == 0 {
+	// Determine if we should be admin
+	isAdmin := false
+	if len(currentUsers) == 0 {
+		isAdmin = true
+	}
+
+	// Create user in DB
+	authHash := fmt.Sprintf("%x", rawAuthHash)
+	if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
+		ID:       username,
+		Pass:     &hashedPassword,
+		AuthHash: &authHash,
+		Admin:    isAdmin,
+	}); err != nil {
+		log.Error("CreateUser DB Error:", err)
+		templateVars["Error"] = "Registration Disabled or User Already Exists"
+		c.HTML(http.StatusBadRequest, "page/login", templateVars)
+		return
+	} else if rows == 0 {
 		log.Warn("User Already Exists:", username)
 		templateVars["Error"] = "Registration Disabled or User Already Exists"
 		c.HTML(http.StatusBadRequest, "page/login", templateVars)
 		return
 	}
 
-	// Get User
+	// Get user
 	user, err := api.db.Queries.GetUser(api.db.Ctx, username)
 	if err != nil {
 		log.Error("GetUser DB Error:", err)
@@ -247,7 +257,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
 		return
 	}
 
-	// Set Session
+	// Set session
 	auth := authData{
 		UserName: user.ID,
 		IsAdmin:  user.Admin,
@@ -289,6 +299,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
 		return
 	}
 
+	// Generate password hash
 	hashedPassword, err := argon2.CreateHash(rUser.Password, argon2.DefaultParams)
 	if err != nil {
 		log.Error("Argon2 Hash Failure:", err)
@@ -296,7 +307,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
 		return
 	}
 
-	// Generate Auth Hash
+	// Generate auth hash
 	rawAuthHash, err := utils.GenerateToken(64)
 	if err != nil {
 		log.Error("Failed to generate user token: ", err)
@@ -304,20 +315,32 @@ func (api *API) koAuthRegister(c *gin.Context) {
 		return
 	}
 
-	authHash := fmt.Sprintf("%x", rawAuthHash)
-	rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
-		ID:       rUser.Username,
-		Pass:     &hashedPassword,
-		AuthHash: &authHash,
-	})
+	// Get current users
+	currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
 	if err != nil {
-		log.Error("CreateUser DB Error:", err)
-		apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
+		log.Error("Failed to check all users: ", err)
+		apiErrorPage(c, http.StatusBadRequest, "Failed to Create User")
 		return
 	}
 
-	// User Exists
-	if rows == 0 {
+	// Determine if we should be admin
+	isAdmin := false
+	if len(currentUsers) == 0 {
+		isAdmin = true
+	}
+
+	// Create user
+	authHash := fmt.Sprintf("%x", rawAuthHash)
+	if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
+		ID:       rUser.Username,
+		Pass:     &hashedPassword,
+		AuthHash: &authHash,
+		Admin:    isAdmin,
+	}); err != nil {
+		log.Error("CreateUser DB Error:", err)
+		apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
+		return
+	} else if rows == 0 {
 		log.Error("User Already Exists:", rUser.Username)
 		apiErrorPage(c, http.StatusBadRequest, "User Already Exists")
 		return

database/db.go

@@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.21.0
+//   sqlc v1.25.0
 
 package database
 

database/models.go

@@ -1,12 +1,10 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.21.0
+//   sqlc v1.25.0
 
 package database
 
-import (
-	"database/sql"
-)
+import ()
 
 type Activity struct {
 	ID              int64   `json:"id"`
@@ -121,23 +119,23 @@ type UserStreak struct {
 }
 
 type ViewDocumentUserStatistic struct {
-	DocumentID         string          `json:"document_id"`
-	UserID             string          `json:"user_id"`
-	Percentage         float64         `json:"percentage"`
-	LastRead           interface{}     `json:"last_read"`
-	ReadPercentage     sql.NullFloat64 `json:"read_percentage"`
-	TotalTimeSeconds   sql.NullFloat64 `json:"total_time_seconds"`
-	TotalWordsRead     interface{}     `json:"total_words_read"`
-	TotalWpm           int64           `json:"total_wpm"`
-	YearlyTimeSeconds  sql.NullFloat64 `json:"yearly_time_seconds"`
-	YearlyWordsRead    interface{}     `json:"yearly_words_read"`
-	YearlyWpm          interface{}     `json:"yearly_wpm"`
-	MonthlyTimeSeconds sql.NullFloat64 `json:"monthly_time_seconds"`
-	MonthlyWordsRead   interface{}     `json:"monthly_words_read"`
-	MonthlyWpm         interface{}     `json:"monthly_wpm"`
-	WeeklyTimeSeconds  sql.NullFloat64 `json:"weekly_time_seconds"`
-	WeeklyWordsRead    interface{}     `json:"weekly_words_read"`
-	WeeklyWpm          interface{}     `json:"weekly_wpm"`
+	DocumentID         string      `json:"document_id"`
+	UserID             string      `json:"user_id"`
+	Percentage         float64     `json:"percentage"`
+	LastRead           interface{} `json:"last_read"`
+	ReadPercentage     *float64    `json:"read_percentage"`
+	TotalTimeSeconds   *float64    `json:"total_time_seconds"`
+	TotalWordsRead     interface{} `json:"total_words_read"`
+	TotalWpm           int64       `json:"total_wpm"`
+	YearlyTimeSeconds  *float64    `json:"yearly_time_seconds"`
+	YearlyWordsRead    interface{} `json:"yearly_words_read"`
+	YearlyWpm          interface{} `json:"yearly_wpm"`
+	MonthlyTimeSeconds *float64    `json:"monthly_time_seconds"`
+	MonthlyWordsRead   interface{} `json:"monthly_words_read"`
+	MonthlyWpm         interface{} `json:"monthly_wpm"`
+	WeeklyTimeSeconds  *float64    `json:"weekly_time_seconds"`
+	WeeklyWordsRead    interface{} `json:"weekly_words_read"`
+	WeeklyWpm          interface{} `json:"weekly_wpm"`
 }
 
 type ViewUserStreak struct {

database/query.sql

@@ -26,8 +26,8 @@ VALUES (?, ?, ?, ?, ?, ?, ?, ?)
 RETURNING *;
 
 -- name: CreateUser :execrows
-INSERT INTO users (id, pass, auth_hash)
-VALUES (?, ?, ?)
+INSERT INTO users (id, pass, auth_hash, admin)
+VALUES (?, ?, ?, ?)
 ON CONFLICT DO NOTHING;
 
 -- name: DeleteDocument :execrows

database/query.sql.go

@@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.21.0
+//   sqlc v1.25.0
 // source: query.sql
 
 package database
@@ -113,8 +113,8 @@ func (q *Queries) AddMetadata(ctx context.Context, arg AddMetadataParams) (Metad
 }
 
 const createUser = `-- name: CreateUser :execrows
-INSERT INTO users (id, pass, auth_hash)
-VALUES (?, ?, ?)
+INSERT INTO users (id, pass, auth_hash, admin)
+VALUES (?, ?, ?, ?)
 ON CONFLICT DO NOTHING
 `
 
@@ -122,10 +122,16 @@ type CreateUserParams struct {
 	ID       string  `json:"id"`
 	Pass     *string `json:"-"`
 	AuthHash *string `json:"auth_hash"`
+	Admin    bool    `json:"-"`
 }
 
 func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (int64, error) {
-	result, err := q.db.ExecContext(ctx, createUser, arg.ID, arg.Pass, arg.AuthHash)
+	result, err := q.db.ExecContext(ctx, createUser,
+		arg.ID,
+		arg.Pass,
+		arg.AuthHash,
+		arg.Admin,
+	)
 	if err != nil {
 		return 0, err
 	}

sqlc.yaml

@@ -8,6 +8,7 @@ sql:
         package: "database"
         out: "database"
         emit_json_tags: true
+        emit_pointers_for_null_types: true
         overrides:
           # Documents
           - column: "documents.md5"