2021-03-23 08:43:44 +00:00
|
|
|
package goscrobble
|
2021-03-24 09:28:05 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
2021-03-25 10:09:17 +00:00
|
|
|
"time"
|
2021-03-24 09:28:05 +00:00
|
|
|
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
)
|
|
|
|
|
|
|
|
const bCryptCost = 16
|
|
|
|
|
|
|
|
type User struct {
|
2021-03-25 10:09:17 +00:00
|
|
|
UUID string `json:"uuid"`
|
|
|
|
CreatedAt time.Time `json:"created_at"`
|
|
|
|
Username string `json:"username"`
|
|
|
|
password []byte
|
|
|
|
Email string `json:"email"`
|
|
|
|
Verified bool `json:"verified"`
|
|
|
|
Active bool `json:"active"`
|
|
|
|
Admin bool `json:"admin"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// RegisterRequest - Incoming JSON
|
|
|
|
type RegisterRequest struct {
|
2021-03-24 09:28:05 +00:00
|
|
|
Username string `json:"username"`
|
|
|
|
Email string `json:"email"`
|
2021-03-25 10:09:17 +00:00
|
|
|
Password string `json:"password"`
|
2021-03-24 09:28:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// createUser - Called from API
|
2021-03-25 10:09:17 +00:00
|
|
|
func createUser(req *RegisterRequest) error {
|
2021-03-24 09:28:05 +00:00
|
|
|
// Check if user already exists..
|
2021-03-25 10:09:17 +00:00
|
|
|
if len(req.Password) < 8 {
|
2021-03-24 09:28:05 +00:00
|
|
|
return errors.New("Password must be at least 8 characters")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check username is set
|
2021-03-25 10:09:17 +00:00
|
|
|
if req.Username == "" {
|
2021-03-24 09:28:05 +00:00
|
|
|
return errors.New("A username is required")
|
|
|
|
}
|
|
|
|
|
2021-03-25 10:09:17 +00:00
|
|
|
// If set an email.. validate it!
|
|
|
|
if req.Email != "" {
|
|
|
|
if !isEmailValid(req.Email) {
|
|
|
|
return errors.New("Invalid email address")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-24 09:28:05 +00:00
|
|
|
// Check if user or email exists!
|
2021-03-25 10:09:17 +00:00
|
|
|
if userAlreadyExists(req) {
|
2021-03-24 09:28:05 +00:00
|
|
|
return errors.New("Username or email already exists")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Lets hashit!
|
2021-03-25 10:09:17 +00:00
|
|
|
hash, err := hashPassword(req.Password)
|
2021-03-24 09:28:05 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2021-03-25 10:09:17 +00:00
|
|
|
return insertUser(req.Username, req.Email, hash)
|
2021-03-24 09:28:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// insertUser - Does the dirtywork!
|
|
|
|
func insertUser(username string, email string, password []byte) error {
|
2021-03-25 10:09:17 +00:00
|
|
|
_, err := db.Exec("INSERT INTO users (uuid, created_at, username, email, password) VALUES (UUID_TO_BIN(UUID(), true),NOW(),?,?,?)", username, email, password)
|
2021-03-24 09:28:05 +00:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// hashPassword - Returns bcrypt hash
|
|
|
|
func hashPassword(password string) ([]byte, error) {
|
|
|
|
return bcrypt.GenerateFromPassword([]byte(password), bCryptCost)
|
|
|
|
}
|
|
|
|
|
|
|
|
// isValidPassword - Checks if password is valid
|
|
|
|
func isValidPassword(password string, user User) bool {
|
|
|
|
err := bcrypt.CompareHashAndPassword(user.password, []byte(password))
|
|
|
|
if err != nil {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// userAlreadyExists - Returns bool indicating if a record exists for either username or email
|
|
|
|
// Using two look ups to make use of DB indexes.
|
2021-03-25 10:09:17 +00:00
|
|
|
func userAlreadyExists(req *RegisterRequest) bool {
|
|
|
|
var userExists int
|
|
|
|
err := db.QueryRow("SELECT COUNT(*) FROM users WHERE username = ?", req.Username).Scan(&userExists)
|
|
|
|
if userExists > 0 {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
if req.Email != "" {
|
|
|
|
// Only run email check if there's an email...
|
|
|
|
err = db.QueryRow("SELECT COUNT(*) FROM users WHERE email = ?", req.Email).Scan(&userExists)
|
2021-03-24 09:28:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
fmt.Printf("Error querying for duplicate users: %v", err)
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2021-03-25 10:09:17 +00:00
|
|
|
return userExists > 0
|
2021-03-24 09:28:05 +00:00
|
|
|
}
|