Decouple SQL queries from logic

This commit is contained in:
Maximilian 2023-03-05 15:46:43 -06:00
parent 75d8996cf9
commit eff740072d
2 changed files with 35 additions and 14 deletions

View File

@ -16,6 +16,17 @@ type Session struct {
CreatedAt time.Time CreatedAt time.Time
} }
const sessionColumnsNoId = "\"UserId\", \"AuthToken\", \"CreatedAt\""
const sessionColumns = "\"Id\", " + sessionColumnsNoId
const sessionTable = "public.\"Session\""
const (
selectSessionByAuthToken = "SELECT " + sessionColumns + " FROM " + sessionTable + " WHERE \"AuthToken\" = $1"
selectAuthTokenIfExists = "SELECT EXISTS(SELECT 1 FROM " + sessionTable + " WHERE \"AuthToken\" = $1)"
insertSession = "INSERT INTO " + sessionTable + " (" + sessionColumnsNoId + ") VALUES ($1, $2, $3) RETURNING \"Id\""
deleteSessionByAuthToken = "DELETE FROM " + sessionTable + " WHERE \"AuthToken\" = $1"
)
// CreateSession creates a new session for a user // CreateSession creates a new session for a user
func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session, error) { func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session, error) {
session := Session{} session := Session{}
@ -25,7 +36,7 @@ func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session,
// If the AuthToken column for any user matches the token, set existingAuthToken to true // If the AuthToken column for any user matches the token, set existingAuthToken to true
var existingAuthToken bool var existingAuthToken bool
err := app.Db.QueryRow("SELECT EXISTS(SELECT 1 FROM public.\"Session\" WHERE \"AuthToken\" = $1)", session.AuthToken).Scan(&existingAuthToken) err := app.Db.QueryRow(selectAuthTokenIfExists, session.AuthToken).Scan(&existingAuthToken)
if err != nil { if err != nil {
log.Println("Error checking for existing auth token") log.Println("Error checking for existing auth token")
log.Println(err) log.Println(err)
@ -39,7 +50,7 @@ func CreateSession(app *app.App, w http.ResponseWriter, userId int64) (Session,
} }
// Insert session into database // Insert session into database
err = app.Db.QueryRow("INSERT INTO public.\"Session\" (\"UserId\", \"AuthToken\", \"CreatedAt\") VALUES ($1, $2, $3) RETURNING \"Id\"", session.UserId, session.AuthToken, session.CreatedAt).Scan(&session.Id) err = app.Db.QueryRow(insertSession, session.UserId, session.AuthToken, session.CreatedAt).Scan(&session.Id)
if err != nil { if err != nil {
log.Println("Error inserting session into database") log.Println("Error inserting session into database")
return Session{}, err return Session{}, err
@ -91,7 +102,7 @@ func deleteSessionCookie(app *app.App, w http.ResponseWriter) {
// DeleteSessionByAuthToken deletes a session from the database by AuthToken // DeleteSessionByAuthToken deletes a session from the database by AuthToken
func DeleteSessionByAuthToken(app *app.App, w http.ResponseWriter, authToken string) error { func DeleteSessionByAuthToken(app *app.App, w http.ResponseWriter, authToken string) error {
// Delete session from database // Delete session from database
_, err := app.Db.Exec("DELETE FROM public.\"Session\" WHERE \"AuthToken\" = $1", authToken) _, err := app.Db.Exec(deleteSessionByAuthToken, authToken)
if err != nil { if err != nil {
log.Println("Error deleting session from database") log.Println("Error deleting session from database")
return err return err

View File

@ -18,6 +18,17 @@ type User struct {
UpdatedAt time.Time UpdatedAt time.Time
} }
const userColumnsNoId = "\"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\""
const userColumns = "\"Id\", " + userColumnsNoId
const userTable = "public.\"User\""
const (
selectSessionIdByAuthToken = "SELECT \"Id\" FROM public.\"Session\" WHERE \"AuthToken\" = $1"
selectUserById = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Id\" = $1"
selectUserByUsername = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Username\" = $1"
insertUser = "INSERT INTO " + userTable + " (" + userColumnsNoId + ") VALUES ($1, $2, $3, $4) RETURNING \"Id\""
)
// GetCurrentUser finds the currently logged-in user by session cookie // GetCurrentUser finds the currently logged-in user by session cookie
func GetCurrentUser(app *app.App, r *http.Request) (User, error) { func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
cookie, err := r.Cookie("session") cookie, err := r.Cookie("session")
@ -29,7 +40,7 @@ func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
var userId int64 var userId int64
// Query row by AuthToken // Query row by AuthToken
err = app.Db.QueryRow("SELECT \"Id\" FROM public.\"Session\" WHERE \"AuthToken\" = $1", cookie.Value).Scan(&userId) err = app.Db.QueryRow(selectSessionIdByAuthToken, cookie.Value).Scan(&userId)
if err != nil { if err != nil {
log.Println("Error querying session row with session: " + cookie.Value) log.Println("Error querying session row with session: " + cookie.Value)
return User{}, err return User{}, err
@ -38,12 +49,12 @@ func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
return GetUserById(app, userId) return GetUserById(app, userId)
} }
// GetUserById finds a users table row in the database by id and returns a struct representing this row // GetUserById finds a User table row in the database by id and returns a struct representing this row
func GetUserById(app *app.App, id int64) (User, error) { func GetUserById(app *app.App, id int64) (User, error) {
user := User{} user := User{}
// Query row by id // Query row by id
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Id\" = $1", id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) err := app.Db.QueryRow(selectUserById, id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
if err != nil { if err != nil {
log.Println("Get user error (user not found) for user id:" + strconv.FormatInt(id, 10)) log.Println("Get user error (user not found) for user id:" + strconv.FormatInt(id, 10))
return User{}, err return User{}, err
@ -52,12 +63,12 @@ func GetUserById(app *app.App, id int64) (User, error) {
return user, nil return user, nil
} }
// GetUserByUsername finds a users table row in the database by username and returns a struct representing this row // GetUserByUsername finds a User table row in the database by username and returns a struct representing this row
func GetUserByUsername(app *app.App, username string) (User, error) { func GetUserByUsername(app *app.App, username string) (User, error) {
user := User{} user := User{}
// Query row by username // Query row by username
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Username\" = $1", username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
if err != nil { if err != nil {
log.Println("Get user error (user not found) for user:" + username) log.Println("Get user error (user not found) for user:" + username)
return User{}, err return User{}, err
@ -66,7 +77,7 @@ func GetUserByUsername(app *app.App, username string) (User, error) {
return user, nil return user, nil
} }
// CreateUser creates a users table row in the database // CreateUser creates a User table row in the database
func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) { func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) {
// Hash password // Hash password
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
@ -77,8 +88,7 @@ func CreateUser(app *app.App, username string, password string, createdAt time.T
var lastInsertId int64 var lastInsertId int64
sqlStatement := "INSERT INTO public.\"User\" (\"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\") VALUES ($1, $2, $3, $4) RETURNING \"Id\"" err = app.Db.QueryRow(insertUser, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId)
err = app.Db.QueryRow(sqlStatement, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId)
if err != nil { if err != nil {
log.Println("Error creating user row") log.Println("Error creating user row")
return User{}, err return User{}, err
@ -92,7 +102,7 @@ func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, pass
var user User var user User
// Query row by username // Query row by username
err := app.Db.QueryRow("SELECT \"Id\", \"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\" FROM public.\"User\" WHERE \"Username\" = $1", username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
if err != nil { if err != nil {
log.Println("Authentication error (user not found) for user:" + username) log.Println("Authentication error (user not found) for user:" + username)
return Session{}, err return Session{}, err
@ -108,7 +118,7 @@ func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, pass
} }
} }
// LogoutUser deletes the session cookie and token from the database // LogoutUser deletes the session cookie and AuthToken from the database
func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) { func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) {
// Get cookie from request // Get cookie from request
cookie, err := r.Cookie("session") cookie, err := r.Cookie("session")
@ -120,7 +130,7 @@ func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) {
// Set token to empty string // Set token to empty string
err = DeleteSessionByAuthToken(app, w, cookie.Value) err = DeleteSessionByAuthToken(app, w, cookie.Value)
if err != nil { if err != nil {
log.Println("Error deleting session by auth token") log.Println("Error deleting session by AuthToken")
return return
} }