feat(database): add authentication methods (untested)

lukewhrit · Nov 17, 2024 · 6361f7d · 6361f7d
1 parent 03e52f1
commit 6361f7d
Show file tree

Hide file tree

Showing 5 changed files with 335 additions and 25 deletions.
diff --git a/internal/database/database.go b/internal/database/database.go
@@ -31,10 +31,10 @@ type Document struct {
 }
 
 type Account struct {
-	ID        string     `db:"id" json:"id"`
-	Username  string     `db:"username" json:"username"`
-	Password  string     `db:"password" json:"password"`
-	Documents []Document `db:"documents" json:"documents"`
+	ID       string `db:"id" json:"id"`
+	Username string `db:"username" json:"username"`
+	Password string `db:"password" json:"password"`
+	// Documents []Document `db:"documents" json:"documents"`
 }
 
 type Session struct {
@@ -53,7 +53,7 @@ type Database interface {
 
 	GetAccount(ctx context.Context, id string) (Account, error)
 	CreateAccount(ctx context.Context, username, password string) error
-	UpdateAccount(ctx context.Context, id, username, password string) error
+	// UpdateAccount(ctx context.Context, id, username, password string) error
 	DeleteAccount(ctx context.Context, id string) error
 
 	GetSession(ctx context.Context, id string) (Session, error)

diff --git a/internal/database/database_mysql.go b/internal/database/database_mysql.go
@@ -24,6 +24,7 @@ import (
 	"time"
 
 	_ "github.com/go-sql-driver/mysql"
+	"github.com/lukewhrit/spacebin/internal/util"
 )
 
 type MySQL struct {
@@ -48,7 +49,19 @@ CREATE TABLE IF NOT EXISTS documents (
 	content TEXT NOT NULL,
 	created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
 	updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
-)`)
+);
+
+CREATE TABLE IF NOT EXISTS accounts (
+	id SERIAL PRIMARY KEY,
+	username varchar(255) NOT NULL,
+	password varchar(255) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+	public varchar(255) PRIMARY KEY,
+	token varchar(255) NOT NULL,
+	secret varchar
+);`)
 
 	return err
 }
@@ -78,10 +91,70 @@ func (m *MySQL) CreateDocument(ctx context.Context, id, content string) error {
 	return tx.Commit()
 }
 
-func (m *MySQL) GetAccount(ctx context.Context, id string) (Account, error)
-func (m *MySQL) CreateAccount(ctx context.Context, username, password string) error
-func (m *MySQL) UpdateAccount(ctx context.Context, id, username, password string) error
-func (m *MySQL) DeleteAccount(ctx context.Context, id string) error
+func (m *MySQL) GetAccount(ctx context.Context, id string) (Account, error) {
+	acc := new(Account)
+	row := m.QueryRow("SELECT * FROM accounts WHERE id=?", id)
+	err := row.Scan(&acc.ID, &acc.Username, &acc.Password)
+
+	return *acc, err
+}
+
+func (m *MySQL) CreateAccount(ctx context.Context, username, password string) error {
+	tx, err := m.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	// Add account to database
+	// Hash and salt the password
+	_, err = tx.Exec("INSERT INTO accounts (username, password) VALUES ($1, $2)",
+		username, util.HashAndSalt([]byte(password)))
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (m *MySQL) DeleteAccount(ctx context.Context, id string) error {
+	tx, err := m.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec("DELETE FROM accounts WHERE id=$1", id)
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (m *MySQL) GetSession(ctx context.Context, id string) (Session, error) {
+	session := new(Session)
+	row := m.QueryRow("SELECT * FROM sessions WHERE id=$1", id)
+	err := row.Scan(&session.Public, &session.Token, &session.Secret)
+
+	return *session, err
+}
+
+func (m *MySQL) CreateSession(ctx context.Context, public, token, secret string) error {
+	tx, err := m.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec("INSERT INTO sessions (public, token, secret) VALUES ($1, $2, $3)",
+		public, token, secret)
 
-func (m *MySQL) GetSession(ctx context.Context, id string) (Session, error)
-func (m *MySQL) CreateSession(ctx context.Context, public, token, secret string) error
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
diff --git a/internal/database/database_pg.go b/internal/database/database_pg.go
@@ -22,6 +22,7 @@ import (
 	"net/url"
 
 	_ "github.com/lib/pq"
+	"github.com/lukewhrit/spacebin/internal/util"
 )
 
 type Postgres struct {
@@ -41,7 +42,19 @@ CREATE TABLE IF NOT EXISTS documents (
 	content text NOT NULL,
 	created_at timestamp with time zone DEFAULT now(),
 	updated_at timestamp with time zone DEFAULT now()
-)`)
+);
+
+CREATE TABLE IF NOT EXISTS accounts (
+	id SERIAL PRIMARY KEY,
+	username varchar(255) NOT NULL,
+	password varchar(255) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+	public varchar(255) PRIMARY KEY,
+	token varchar(255) NOT NULL,
+	secret varchar
+);`)
 
 	return err
 }
@@ -71,10 +84,70 @@ func (p *Postgres) CreateDocument(ctx context.Context, id, content string) error
 	return tx.Commit()
 }
 
-func (p *Postgres) GetAccount(ctx context.Context, id string) (Account, error)
-func (p *Postgres) CreateAccount(ctx context.Context, username, password string) error
-func (p *Postgres) UpdateAccount(ctx context.Context, id, username, password string) error
-func (p *Postgres) DeleteAccount(ctx context.Context, id string) error
+func (p *Postgres) GetAccount(ctx context.Context, id string) (Account, error) {
+	account := new(Account)
+	row := p.QueryRow("SELECT * FROM accounts WHERE id=$1", id)
+	err := row.Scan(&account.ID, &account.Username, &account.Password)
+
+	return *account, err
+}
+
+func (p *Postgres) CreateAccount(ctx context.Context, username, password string) error {
+	tx, err := p.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	// Add account to database
+	// Hash and salt the password
+	_, err = tx.Exec("INSERT INTO accounts (username, password) VALUES ($1, $2)",
+		username, util.HashAndSalt([]byte(password)))
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (p *Postgres) DeleteAccount(ctx context.Context, id string) error {
+	tx, err := p.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec("DELETE FROM accounts WHERE id=$1", id)
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (p *Postgres) GetSession(ctx context.Context, id string) (Session, error) {
+	session := new(Session)
+	row := p.QueryRow("SELECT * FROM sessions WHERE id=$1", id)
+	err := row.Scan(&session.Public, &session.Token, &session.Secret)
+
+	return *session, err
+}
+
+func (p *Postgres) CreateSession(ctx context.Context, public, token, secret string) error {
+	tx, err := p.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec("INSERT INTO sessions (public, token, secret) VALUES ($1, $2, $3)",
+		public, token, secret)
 
-func (p *Postgres) GetSession(ctx context.Context, id string) (Session, error)
-func (p *Postgres) CreateSession(ctx context.Context, public, token, secret string) error
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
diff --git a/internal/database/database_sqlite.go b/internal/database/database_sqlite.go
@@ -22,6 +22,7 @@ import (
 	"net/url"
 	"sync"
 
+	"github.com/lukewhrit/spacebin/internal/util"
 	_ "modernc.org/sqlite"
 )
 
@@ -43,6 +44,18 @@ CREATE TABLE IF NOT EXISTS documents (
     content TEXT NOT NULL,
     created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
     usdated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS accounts (
+	id SERIAL PRIMARY KEY,
+	username varchar(255) NOT NULL,
+	password varchar(255) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+	public varchar(255) PRIMARY KEY,
+	token varchar(255) NOT NULL,
+	secret varchar
 );`)
 
 	return err
@@ -79,10 +92,85 @@ func (s *SQLite) CreateDocument(ctx context.Context, id, content string) error {
 	return tx.Commit()
 }
 
-func (s *SQLite) GetAccount(ctx context.Context, id string) (Account, error)
-func (s *SQLite) CreateAccount(ctx context.Context, username, password string) error
-func (s *SQLite) UpdateAccount(ctx context.Context, id, username, password string) error
-func (s *SQLite) DeleteAccount(ctx context.Context, id string) error
+func (s *SQLite) GetAccount(ctx context.Context, id string) (Account, error) {
+	s.RLock()
+	defer s.RUnlock()
+
+	acc := new(Account)
+	row := s.QueryRow("SELECT * FROM accounts WHERE id=?", id)
+	err := row.Scan(&acc.ID, &acc.Username, &acc.Password)
+
+	return *acc, err
+}
+
+func (s *SQLite) CreateAccount(ctx context.Context, username, password string) error {
+	s.Lock()
+	defer s.Unlock()
+
+	tx, err := s.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	// Add account to database
+	// Hash and salt the password
+	_, err = tx.Exec("INSERT INTO accounts (username, password) VALUES ($1, $2)",
+		username, util.HashAndSalt([]byte(password)))
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (s *SQLite) DeleteAccount(ctx context.Context, id string) error {
+	s.Lock()
+	defer s.Unlock()
+
+	tx, err := s.Begin()
+
+	if err != nil {
+		return err
+	}
 
-func (s *SQLite) GetSession(ctx context.Context, id string) (Session, error)
-func (s *SQLite) CreateSession(ctx context.Context, public, token, secret string) error
+	_, err = tx.Exec("DELETE FROM accounts WHERE id=$1", id)
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}
+
+func (s *SQLite) GetSession(ctx context.Context, id string) (Session, error) {
+	s.RLock()
+	defer s.RUnlock()
+
+	session := new(Session)
+	row := s.QueryRow("SELECT * FROM sessions WHERE id=?", id)
+	err := row.Scan(&session.Public, &session.Token, &session.Secret)
+
+	return *session, err
+}
+
+func (s *SQLite) CreateSession(ctx context.Context, public, token, secret string) error {
+	s.Lock()
+	defer s.Unlock()
+
+	tx, err := s.Begin()
+
+	if err != nil {
+		return err
+	}
+
+	_, err = tx.Exec("INSERT INTO sessions (public, token, secret) VALUES ($1, $2, $3)",
+		public, token, secret)
+
+	if err != nil {
+		return err
+	}
+
+	return tx.Commit()
+}