Initial sessions implementation

2024-03-03 09:16:49 +01:00
parent 8f7ac979a3
commit 45036fe286
12 changed files with 267 additions and 103 deletions
--- a/cmd/data/articles.go
+++ b/cmd/data/articles.go
@ -8,12 +8,14 @@ import (
 )

 type Article struct {
-	Title   string
-	Created time.Time
-	Desc    string
-	Content string
-	Tags    []string
-	UUID    uuid.UUID
+	Title    string
+	Author   string
+	Created  time.Time
+	Desc     string
+	Content  string
+	Tags     []string
+	UUID     uuid.UUID
+	AuthorID int64
 }

 type ArticleList struct {
--- a/cmd/data/db.go
+++ b/cmd/data/db.go
@ -43,8 +43,7 @@ func (db *DB) AddUser(user User, pass string) error {
 	query := `
    INSERT INTO users
        (username, password, first_name, last_name, role)
-    VALUES
-        (?, ?, ?, ?, ?)
+    VALUES (?, ?, ?, ?, ?)
    `
 	_, err = db.Exec(query, user.UserName, string(hashedPass), user.FirstName, user.LastName, user.Role)
 	if err != nil {
@ -58,10 +57,9 @@ func (db *DB) GetID(userName string) (int64, error) {
 	var id int64

 	query := `
-    SELECT id FROM
-        users
-    WHERE
-        username = ?
+    SELECT id
+    FROM users
+    WHERE username = ?
    `
 	row := db.QueryRow(query, userName)
 	if err := row.Scan(&id); err != nil {
@ -75,10 +73,9 @@ func (db *DB) CheckPassword(id int64, pass string) error {
 	var queriedPass string

 	query := `
-    SELECT password FROM
-        users
-    WHERE
-        id = ?
+    SELECT password
+    FROM users
+    WHERE id = ?
    `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&queriedPass); err != nil {
@ -103,10 +100,9 @@ func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
 	}

 	query := `
-    UPDATE users SET
-        password = ?
-    WHERE
-        id = ?
+    UPDATE users
+    SET password = ?
+    WHERE id = ?
    `
 	_, err = db.Exec(query, string(newHashedPass), id)
 	if err != nil {
@ -127,3 +123,21 @@ func (db *DB) CountEntries() (int64, error) {

 	return count, nil
 }
+
+// TODO: No need for ID field in general
+func (db *DB) GetUser(id int64) (*User, error) {
+	user := new(User)
+	query := `
+    SELECT id, username, first_name, last_name, role
+    FROM users
+    WHERE id = ?
+    `
+
+	row := db.QueryRow(query, id)
+	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName,
+		&user.LastName, &user.Role); err != nil {
+		return nil, fmt.Errorf("error reading user information: %v", err)
+	}
+
+	return user, nil
+}
--- a/cmd/data/sessions.go
+++ b/cmd/data/sessions.go
@ -0,0 +1,66 @@
+package data
+
+import (
+	"crypto/rand"
+	"encoding/gob"
+	"fmt"
+	"io"
+	"os"
+
+	"github.com/gorilla/sessions"
+)
+
+type CookieStore struct {
+	sessions.CookieStore
+}
+
+func NewKey() ([]byte, error) {
+	key := make([]byte, 32)
+
+	_, err := io.ReadFull(rand.Reader, key)
+	if err != nil {
+		return nil, fmt.Errorf("error generating key: %v", err)
+	}
+
+	return key, nil
+}
+
+func SaveKey(key []byte, filename string) error {
+	file, err := os.Create(filename)
+	if err != nil {
+		return fmt.Errorf("error creating key file: %v", err)
+	}
+	defer file.Close()
+	file.Chmod(0600)
+
+	encoder := gob.NewEncoder(file)
+	err = encoder.Encode(key)
+	if err != nil {
+		return fmt.Errorf("error ecoding key: %v", err)
+	}
+
+	return nil
+}
+
+func LoadKey(filename string) ([]byte, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		return nil, fmt.Errorf("error opening key file: %v", err)
+	}
+
+	key := make([]byte, 32)
+	decoder := gob.NewDecoder(file)
+	err = decoder.Decode(&key)
+	if err != nil {
+		return nil, fmt.Errorf("error decoding key: %v", err)
+	}
+
+	return key, nil
+}
+
+func NewCookieStore(key []byte) *CookieStore {
+	store := sessions.NewCookieStore(key)
+	store.Options.Secure = true
+	store.Options.HttpOnly = true
+	return &CookieStore{*store}
+}
--- a/cmd/data/user.go
+++ b/cmd/data/user.go
@ -6,13 +6,11 @@ const (
 	Writer
 )

-type Role int
-
 type User struct {
 	UserName         string
 	FirstName        string
 	LastName         string
 	RejectedArticles []*Article
 	ID               int64
-	Role
+	Role             int
 }