Compare commits
2 Commits
fe81b57a34
...
6c6a6dd329
Author | SHA1 | Date | |
---|---|---|---|
6c6a6dd329 | |||
c4602c8c3b |
77
api/auth.go
77
api/auth.go
@ -205,7 +205,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate Auth Hash
|
// Generate auth hash
|
||||||
rawAuthHash, err := utils.GenerateToken(64)
|
rawAuthHash, err := utils.GenerateToken(64)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to generate user token: ", err)
|
log.Error("Failed to generate user token: ", err)
|
||||||
@ -214,31 +214,41 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create User in DB
|
// Get current users
|
||||||
authHash := fmt.Sprintf("%x", rawAuthHash)
|
currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
|
||||||
rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
|
||||||
ID: username,
|
|
||||||
Pass: &hashedPassword,
|
|
||||||
AuthHash: &authHash,
|
|
||||||
})
|
|
||||||
|
|
||||||
// SQL Error
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("CreateUser DB Error:", err)
|
log.Error("Failed to check all users: ", err)
|
||||||
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
templateVars["Error"] = "Failed to Create User"
|
||||||
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// User Already Exists
|
// Determine if we should be admin
|
||||||
if rows == 0 {
|
isAdmin := false
|
||||||
|
if len(currentUsers) == 0 {
|
||||||
|
isAdmin = true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create user in DB
|
||||||
|
authHash := fmt.Sprintf("%x", rawAuthHash)
|
||||||
|
if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
||||||
|
ID: username,
|
||||||
|
Pass: &hashedPassword,
|
||||||
|
AuthHash: &authHash,
|
||||||
|
Admin: isAdmin,
|
||||||
|
}); err != nil {
|
||||||
|
log.Error("CreateUser DB Error:", err)
|
||||||
|
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
||||||
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
|
return
|
||||||
|
} else if rows == 0 {
|
||||||
log.Warn("User Already Exists:", username)
|
log.Warn("User Already Exists:", username)
|
||||||
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
||||||
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get User
|
// Get user
|
||||||
user, err := api.db.Queries.GetUser(api.db.Ctx, username)
|
user, err := api.db.Queries.GetUser(api.db.Ctx, username)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("GetUser DB Error:", err)
|
log.Error("GetUser DB Error:", err)
|
||||||
@ -247,7 +257,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set Session
|
// Set session
|
||||||
auth := authData{
|
auth := authData{
|
||||||
UserName: user.ID,
|
UserName: user.ID,
|
||||||
IsAdmin: user.Admin,
|
IsAdmin: user.Admin,
|
||||||
@ -289,6 +299,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Generate password hash
|
||||||
hashedPassword, err := argon2.CreateHash(rUser.Password, argon2.DefaultParams)
|
hashedPassword, err := argon2.CreateHash(rUser.Password, argon2.DefaultParams)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Argon2 Hash Failure:", err)
|
log.Error("Argon2 Hash Failure:", err)
|
||||||
@ -296,7 +307,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate Auth Hash
|
// Generate auth hash
|
||||||
rawAuthHash, err := utils.GenerateToken(64)
|
rawAuthHash, err := utils.GenerateToken(64)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to generate user token: ", err)
|
log.Error("Failed to generate user token: ", err)
|
||||||
@ -304,20 +315,32 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
authHash := fmt.Sprintf("%x", rawAuthHash)
|
// Get current users
|
||||||
rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
|
||||||
ID: rUser.Username,
|
|
||||||
Pass: &hashedPassword,
|
|
||||||
AuthHash: &authHash,
|
|
||||||
})
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("CreateUser DB Error:", err)
|
log.Error("Failed to check all users: ", err)
|
||||||
apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
|
apiErrorPage(c, http.StatusBadRequest, "Failed to Create User")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// User Exists
|
// Determine if we should be admin
|
||||||
if rows == 0 {
|
isAdmin := false
|
||||||
|
if len(currentUsers) == 0 {
|
||||||
|
isAdmin = true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create user
|
||||||
|
authHash := fmt.Sprintf("%x", rawAuthHash)
|
||||||
|
if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
||||||
|
ID: rUser.Username,
|
||||||
|
Pass: &hashedPassword,
|
||||||
|
AuthHash: &authHash,
|
||||||
|
Admin: isAdmin,
|
||||||
|
}); err != nil {
|
||||||
|
log.Error("CreateUser DB Error:", err)
|
||||||
|
apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
|
||||||
|
return
|
||||||
|
} else if rows == 0 {
|
||||||
log.Error("User Already Exists:", rUser.Username)
|
log.Error("User Already Exists:", rUser.Username)
|
||||||
apiErrorPage(c, http.StatusBadRequest, "User Already Exists")
|
apiErrorPage(c, http.StatusBadRequest, "User Already Exists")
|
||||||
return
|
return
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
// Code generated by sqlc. DO NOT EDIT.
|
// Code generated by sqlc. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// sqlc v1.21.0
|
// sqlc v1.25.0
|
||||||
|
|
||||||
package database
|
package database
|
||||||
|
|
||||||
|
@ -1,12 +1,10 @@
|
|||||||
// Code generated by sqlc. DO NOT EDIT.
|
// Code generated by sqlc. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// sqlc v1.21.0
|
// sqlc v1.25.0
|
||||||
|
|
||||||
package database
|
package database
|
||||||
|
|
||||||
import (
|
import ()
|
||||||
"database/sql"
|
|
||||||
)
|
|
||||||
|
|
||||||
type Activity struct {
|
type Activity struct {
|
||||||
ID int64 `json:"id"`
|
ID int64 `json:"id"`
|
||||||
@ -121,23 +119,23 @@ type UserStreak struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type ViewDocumentUserStatistic struct {
|
type ViewDocumentUserStatistic struct {
|
||||||
DocumentID string `json:"document_id"`
|
DocumentID string `json:"document_id"`
|
||||||
UserID string `json:"user_id"`
|
UserID string `json:"user_id"`
|
||||||
Percentage float64 `json:"percentage"`
|
Percentage float64 `json:"percentage"`
|
||||||
LastRead interface{} `json:"last_read"`
|
LastRead interface{} `json:"last_read"`
|
||||||
ReadPercentage sql.NullFloat64 `json:"read_percentage"`
|
ReadPercentage *float64 `json:"read_percentage"`
|
||||||
TotalTimeSeconds sql.NullFloat64 `json:"total_time_seconds"`
|
TotalTimeSeconds *float64 `json:"total_time_seconds"`
|
||||||
TotalWordsRead interface{} `json:"total_words_read"`
|
TotalWordsRead interface{} `json:"total_words_read"`
|
||||||
TotalWpm int64 `json:"total_wpm"`
|
TotalWpm int64 `json:"total_wpm"`
|
||||||
YearlyTimeSeconds sql.NullFloat64 `json:"yearly_time_seconds"`
|
YearlyTimeSeconds *float64 `json:"yearly_time_seconds"`
|
||||||
YearlyWordsRead interface{} `json:"yearly_words_read"`
|
YearlyWordsRead interface{} `json:"yearly_words_read"`
|
||||||
YearlyWpm interface{} `json:"yearly_wpm"`
|
YearlyWpm interface{} `json:"yearly_wpm"`
|
||||||
MonthlyTimeSeconds sql.NullFloat64 `json:"monthly_time_seconds"`
|
MonthlyTimeSeconds *float64 `json:"monthly_time_seconds"`
|
||||||
MonthlyWordsRead interface{} `json:"monthly_words_read"`
|
MonthlyWordsRead interface{} `json:"monthly_words_read"`
|
||||||
MonthlyWpm interface{} `json:"monthly_wpm"`
|
MonthlyWpm interface{} `json:"monthly_wpm"`
|
||||||
WeeklyTimeSeconds sql.NullFloat64 `json:"weekly_time_seconds"`
|
WeeklyTimeSeconds *float64 `json:"weekly_time_seconds"`
|
||||||
WeeklyWordsRead interface{} `json:"weekly_words_read"`
|
WeeklyWordsRead interface{} `json:"weekly_words_read"`
|
||||||
WeeklyWpm interface{} `json:"weekly_wpm"`
|
WeeklyWpm interface{} `json:"weekly_wpm"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type ViewUserStreak struct {
|
type ViewUserStreak struct {
|
||||||
|
@ -26,8 +26,8 @@ VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
|||||||
RETURNING *;
|
RETURNING *;
|
||||||
|
|
||||||
-- name: CreateUser :execrows
|
-- name: CreateUser :execrows
|
||||||
INSERT INTO users (id, pass, auth_hash)
|
INSERT INTO users (id, pass, auth_hash, admin)
|
||||||
VALUES (?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
ON CONFLICT DO NOTHING;
|
ON CONFLICT DO NOTHING;
|
||||||
|
|
||||||
-- name: DeleteDocument :execrows
|
-- name: DeleteDocument :execrows
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
// Code generated by sqlc. DO NOT EDIT.
|
// Code generated by sqlc. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// sqlc v1.21.0
|
// sqlc v1.25.0
|
||||||
// source: query.sql
|
// source: query.sql
|
||||||
|
|
||||||
package database
|
package database
|
||||||
@ -113,8 +113,8 @@ func (q *Queries) AddMetadata(ctx context.Context, arg AddMetadataParams) (Metad
|
|||||||
}
|
}
|
||||||
|
|
||||||
const createUser = `-- name: CreateUser :execrows
|
const createUser = `-- name: CreateUser :execrows
|
||||||
INSERT INTO users (id, pass, auth_hash)
|
INSERT INTO users (id, pass, auth_hash, admin)
|
||||||
VALUES (?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
ON CONFLICT DO NOTHING
|
ON CONFLICT DO NOTHING
|
||||||
`
|
`
|
||||||
|
|
||||||
@ -122,10 +122,16 @@ type CreateUserParams struct {
|
|||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
Pass *string `json:"-"`
|
Pass *string `json:"-"`
|
||||||
AuthHash *string `json:"auth_hash"`
|
AuthHash *string `json:"auth_hash"`
|
||||||
|
Admin bool `json:"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (int64, error) {
|
func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (int64, error) {
|
||||||
result, err := q.db.ExecContext(ctx, createUser, arg.ID, arg.Pass, arg.AuthHash)
|
result, err := q.db.ExecContext(ctx, createUser,
|
||||||
|
arg.ID,
|
||||||
|
arg.Pass,
|
||||||
|
arg.AuthHash,
|
||||||
|
arg.Admin,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user