Decouple SQL queries from logic
This commit is contained in:
parent
75d8996cf9
commit
eff740072d
@ -16,6 +16,17 @@ type Session struct {
|
||||
CreatedAt time.Time
|
||||
}
|
||||
|
||||
const sessionColumnsNoId = "\"UserId\", \"AuthToken\", \"CreatedAt\""
|
||||
const sessionColumns = "\"Id\", " + sessionColumnsNoId
|
||||
const sessionTable = "public.\"Session\""
|
||||
|
||||
const (
|
||||
selectSessionByAuthToken = "SELECT " + sessionColumns + " FROM " + sessionTable + " WHERE \"AuthToken\" = $1"
|
||||
selectAuthTokenIfExists = "SELECT EXISTS(SELECT 1 FROM " + sessionTable + " WHERE \"AuthToken\" = $1)"
|
||||
insertSession = "INSERT INTO " + sessionTable + " (" + sessionColumnsNoId + ") VALUES ($1, $2, $3) RETURNING \"Id\""
|
||||
deleteSessionByAuthToken = "DELETE FROM " + sessionTable + " WHERE \"AuthToken\" = $1"
|
||||
)
|
||||
|
||||
// CreateSession creates a new session for a user
|
||||
func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session, error) {
|
||||
session := Session{}
|
||||
@ -25,7 +36,7 @@ func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session,
|
||||
|
||||
// If the AuthToken column for any user matches the token, set existingAuthToken to true
|
||||
var existingAuthToken bool
|
||||
err := app.Db.QueryRow("SELECT EXISTS(SELECT 1 FROM public.\"Session\" WHERE \"AuthToken\" = $1)", session.AuthToken).Scan(&existingAuthToken)
|
||||
err := app.Db.QueryRow(selectAuthTokenIfExists, session.AuthToken).Scan(&existingAuthToken)
|
||||
if err != nil {
|
||||
log.Println("Error checking for existing auth token")
|
||||
log.Println(err)
|
||||
@ -39,7 +50,7 @@ func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session,
|
||||
}
|
||||
|
||||
// Insert session into database
|
||||
err = app.Db.QueryRow("INSERT INTO public.\"Session\" (\"UserId\", \"AuthToken\", \"CreatedAt\") VALUES ($1, $2, $3) RETURNING \"Id\"", session.UserId, session.AuthToken, session.CreatedAt).Scan(&session.Id)
|
||||
err = app.Db.QueryRow(insertSession, session.UserId, session.AuthToken, session.CreatedAt).Scan(&session.Id)
|
||||
if err != nil {
|
||||
log.Println("Error inserting session into database")
|
||||
return Session{}, err
|
||||
@ -91,7 +102,7 @@ func deleteSessionCookie(app *app.App, w http.ResponseWriter) {
|
||||
// DeleteSessionByAuthToken deletes a session from the database by AuthToken
|
||||
func DeleteSessionByAuthToken(app *app.App, w http.ResponseWriter, authToken string) error {
|
||||
// Delete session from database
|
||||
_, err := app.Db.Exec("DELETE FROM public.\"Session\" WHERE \"AuthToken\" = $1", authToken)
|
||||
_, err := app.Db.Exec(deleteSessionByAuthToken, authToken)
|
||||
if err != nil {
|
||||
log.Println("Error deleting session from database")
|
||||
return err
|
||||
|
@ -18,6 +18,17 @@ type User struct {
|
||||
UpdatedAt time.Time
|
||||
}
|
||||
|
||||
const userColumnsNoId = "\"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\""
|
||||
const userColumns = "\"Id\", " + userColumnsNoId
|
||||
const userTable = "public.\"User\""
|
||||
|
||||
const (
|
||||
selectSessionIdByAuthToken = "SELECT \"Id\" FROM public.\"Session\" WHERE \"AuthToken\" = $1"
|
||||
selectUserById = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Id\" = $1"
|
||||
selectUserByUsername = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Username\" = $1"
|
||||
insertUser = "INSERT INTO " + userTable + " (" + userColumnsNoId + ") VALUES ($1, $2, $3, $4) RETURNING \"Id\""
|
||||
)
|
||||
|
||||
// GetCurrentUser finds the currently logged-in user by session cookie
|
||||
func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
|
||||
cookie, err := r.Cookie("session")
|
||||
@ -29,7 +40,7 @@ func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
|
||||
var userId int64
|
||||
|
||||
// Query row by AuthToken
|
||||
err = app.Db.QueryRow("SELECT \"Id\" FROM public.\"Session\" WHERE \"AuthToken\" = $1", cookie.Value).Scan(&userId)
|
||||
err = app.Db.QueryRow(selectSessionIdByAuthToken, cookie.Value).Scan(&userId)
|
||||
if err != nil {
|
||||
log.Println("Error querying session row with session: " + cookie.Value)
|
||||
return User{}, err
|
||||
@ -38,12 +49,12 @@ func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
|
||||
return GetUserById(app, userId)
|
||||
}
|
||||
|
||||
// GetUserById finds a users table row in the database by id and returns a struct representing this row
|
||||
// GetUserById finds a User table row in the database by id and returns a struct representing this row
|
||||
func GetUserById(app *app.App, id int64) (User, error) {
|
||||
user := User{}
|
||||
|
||||
// Query row by id
|
||||
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Id\" = $1", id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
err := app.Db.QueryRow(selectUserById, id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
if err != nil {
|
||||
log.Println("Get user error (user not found) for user id:" + strconv.FormatInt(id, 10))
|
||||
return User{}, err
|
||||
@ -52,12 +63,12 @@ func GetUserById(app *app.App, id int64) (User, error) {
|
||||
return user, nil
|
||||
}
|
||||
|
||||
// GetUserByUsername finds a users table row in the database by username and returns a struct representing this row
|
||||
// GetUserByUsername finds a User table row in the database by username and returns a struct representing this row
|
||||
func GetUserByUsername(app *app.App, username string) (User, error) {
|
||||
user := User{}
|
||||
|
||||
// Query row by username
|
||||
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Username\" = $1", username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
if err != nil {
|
||||
log.Println("Get user error (user not found) for user:" + username)
|
||||
return User{}, err
|
||||
@ -66,7 +77,7 @@ func GetUserByUsername(app *app.App, username string) (User, error) {
|
||||
return user, nil
|
||||
}
|
||||
|
||||
// CreateUser creates a users table row in the database
|
||||
// CreateUser creates a User table row in the database
|
||||
func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) {
|
||||
// Hash password
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
@ -77,8 +88,7 @@ func CreateUser(app *app.App, username string, password string, createdAt time.T
|
||||
|
||||
var lastInsertId int64
|
||||
|
||||
sqlStatement := "INSERT INTO public.\"User\" (\"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\") VALUES ($1, $2, $3, $4) RETURNING \"Id\""
|
||||
err = app.Db.QueryRow(sqlStatement, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId)
|
||||
err = app.Db.QueryRow(insertUser, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId)
|
||||
if err != nil {
|
||||
log.Println("Error creating user row")
|
||||
return User{}, err
|
||||
@ -92,7 +102,7 @@ func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, pass
|
||||
var user User
|
||||
|
||||
// Query row by username
|
||||
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Username\" = $1", username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
|
||||
if err != nil {
|
||||
log.Println("Authentication error (user not found) for user:" + username)
|
||||
return Session{}, err
|
||||
@ -108,7 +118,7 @@ func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, pass
|
||||
}
|
||||
}
|
||||
|
||||
// LogoutUser deletes the session cookie and token from the database
|
||||
// LogoutUser deletes the session cookie and AuthToken from the database
|
||||
func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) {
|
||||
// Get cookie from request
|
||||
cookie, err := r.Cookie("session")
|
||||
@ -120,7 +130,7 @@ func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) {
|
||||
// Set token to empty string
|
||||
err = DeleteSessionByAuthToken(app, w, cookie.Value)
|
||||
if err != nil {
|
||||
log.Println("Error deleting session by auth token")
|
||||
log.Println("Error deleting session by AuthToken")
|
||||
return
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user