aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--pkg/database/password.go8
-rw-r--r--pkg/database/users.go25
-rw-r--r--pkg/database/users_test.go73
-rw-r--r--pkg/model/users.go5
4 files changed, 106 insertions, 5 deletions
diff --git a/pkg/database/password.go b/pkg/database/password.go
index d24183d..10abe4b 100644
--- a/pkg/database/password.go
+++ b/pkg/database/password.go
@@ -12,3 +12,11 @@ func hashPassword(password string) (string, error) {
}
return string(bytes), nil
}
+
+func checkPassword(hash string, password string) error {
+ err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
+ if err != nil {
+ return newPasswordError(err)
+ }
+ return nil
+}
diff --git a/pkg/database/users.go b/pkg/database/users.go
index 3f75f62..10e6416 100644
--- a/pkg/database/users.go
+++ b/pkg/database/users.go
@@ -45,3 +45,28 @@ func (env *DBEnv) CreateUser(reg *model.UserRegistration) (*model.User, error) {
}
return &user, nil
}
+
+// Login logs a user in if the password matches the hash in database
+// a PasswordError is return if the passwords do not match
+// a QueryError is returned if the username contains invalid sql characters like %
+func (env *DBEnv) Login(login *model.UserLogin) (*model.User, error) {
+ query := `SELECT id, password, email FROM users WHERE username = $1;`
+ user := model.User{Username: login.Username}
+ var hash string
+ err := env.db.QueryRow(
+ query,
+ login.Username,
+ ).Scan(
+ &user.Id,
+ &hash,
+ &user.Email,
+ )
+ if err != nil {
+ return nil, newQueryError("Could not run database query", err)
+ }
+ err = checkPassword(hash, login.Password)
+ if err != nil {
+ return nil, err
+ }
+ return &user, nil
+}
diff --git a/pkg/database/users_test.go b/pkg/database/users_test.go
index 4b87d90..b1197db 100644
--- a/pkg/database/users_test.go
+++ b/pkg/database/users_test.go
@@ -32,18 +32,17 @@ func TestCreateUser(t *testing.T) {
// Test cases
testCases := []struct {
name string
- db *DBEnv
input *model.UserRegistration
expected int
expectedError interface{}
}{
- {"Normal user", db, &normalUser, 1, nil},
- {"Duplicate user", db, &normalUser, 0, &QueryError{}},
- {"Normal user 2", db, &normalUser2, 2, nil},
+ {"Normal user", &normalUser, 1, nil},
+ {"Duplicate user", &normalUser, 0, &QueryError{}},
+ {"Normal user 2", &normalUser2, 2, nil},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
- valid, err := tc.db.CreateUser(tc.input)
+ valid, err := db.CreateUser(tc.input)
if tc.expectedError != nil {
require.Error(t, err)
assert.Equalf(t, reflect.TypeOf(err), reflect.TypeOf(tc.expectedError), "Invalid error type. Got %s but expected %s", reflect.TypeOf(err), reflect.TypeOf(tc.expectedError))
@@ -109,3 +108,67 @@ func TestCreateUserWithSQLMock(t *testing.T) {
})
}
}
+
+func TestLogin(t *testing.T) {
+ user1 := model.UserRegistration{
+ Username: "user1",
+ Password: "user1_pass",
+ Email: "user1",
+ }
+ user2 := model.UserRegistration{
+ Username: "user2",
+ Password: "user2_pass",
+ Email: "user2",
+ }
+ // test db setup
+ db, err := InitDB("sqlite3", "file::memory:?_foreign_keys=on")
+ require.NoError(t, err)
+ err = db.Migrate()
+ require.NoError(t, err)
+ _, err = db.CreateUser(&user1)
+ require.NoError(t, err)
+ _, err = db.CreateUser(&user2)
+ require.NoError(t, err)
+ // successful logins
+ loginUser1 := model.UserLogin{
+ Username: user1.Username,
+ Password: user1.Password,
+ }
+ loginUser2 := model.UserLogin{
+ Username: user2.Username,
+ Password: user2.Password,
+ }
+ // a failed login
+ failedUser1 := model.UserLogin{
+ Username: user1.Username,
+ Password: user2.Password,
+ }
+ // Query error
+ queryError := model.UserLogin{
+ Username: "%",
+ }
+ // Test cases
+ testCases := []struct {
+ name string
+ input *model.UserLogin
+ expectedError interface{}
+ }{
+ {"login user1", &loginUser1, nil},
+ {"login user2", &loginUser2, nil},
+ {"failed login", &failedUser1, &PasswordError{}},
+ {"query error", &queryError, &QueryError{}},
+ }
+ for _, tc := range testCases {
+ t.Run(tc.name, func(t *testing.T) {
+ valid, err := db.Login(tc.input)
+ if tc.expectedError != nil {
+ require.Error(t, err)
+ assert.Equalf(t, reflect.TypeOf(err), reflect.TypeOf(tc.expectedError), "Invalid error type. Got %s but expected %s", reflect.TypeOf(err), reflect.TypeOf(tc.expectedError))
+ require.Nil(t, valid)
+ } else {
+ require.NoError(t, err)
+ assert.Equal(t, tc.input.Username, valid.Username)
+ }
+ })
+ }
+}
diff --git a/pkg/model/users.go b/pkg/model/users.go
index dfef67b..e4b4bf0 100644
--- a/pkg/model/users.go
+++ b/pkg/model/users.go
@@ -10,6 +10,11 @@ type User struct {
Last_login_at *time.Time `json:"last_login_at"`
}
+type UserLogin struct {
+ Username string `json:"username"`
+ Password string `json:"password"`
+}
+
type UserRegistration struct {
Username string `json:"username"`
Password string `json:"password"`