tulip/database/tx.go

package database

import (
	"database/sql"
	"fmt"
	"github.com/1f349/tulip/password"
	"github.com/1f349/twofactor"
	"github.com/go-oauth2/oauth2/v4"
	"github.com/google/uuid"
	"time"
)

func updatedAt() string {
	return time.Now().UTC().Format(time.DateTime)
}

type Tx struct{ tx *sql.Tx }

func (t *Tx) Commit() error {
	return t.tx.Commit()
}

func (t *Tx) Rollback() {
	_ = t.tx.Rollback()
}

func (t *Tx) HasUser() error {
	var exists bool
	row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM users)`)
	err := row.Scan(&exists)
	if err != nil {
		return err
	}
	if !exists {
		return sql.ErrNoRows
	}
	return nil
}

func (t *Tx) InsertUser(name, un, pw, email string, role UserRole, active bool) (uuid.UUID, error) {
	pwHash, err := password.HashPassword(pw)
	if err != nil {
		return uuid.UUID{}, err
	}
	u := uuid.New()
	_, err = t.tx.Exec(`INSERT INTO users (subject, name, username, password, email, role, updated_at, active) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`, u, name, un, pwHash, email, role, updatedAt(), active)
	return u, err
}

func (t *Tx) CheckLogin(un, pw string) (*User, bool, bool, error) {
	var u User
	var pwHash password.HashString
	var hasOtp, hasVerify bool
	row := t.tx.QueryRow(`SELECT subject, password, EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject), email, email_verified FROM users WHERE username = ?`, un)
	err := row.Scan(&u.Sub, &pwHash, &hasOtp, &u.Email, &hasVerify)
	if err != nil {
		return nil, false, false, err
	}
	err = password.CheckPasswordHash(pwHash, pw)
	return &u, hasOtp, hasVerify, err
}

func (t *Tx) GetUserDisplayName(sub uuid.UUID) (*User, error) {
	var u User
	row := t.tx.QueryRow(`SELECT name FROM users WHERE subject = ? LIMIT 1`, sub.String())
	err := row.Scan(&u.Name)
	u.Sub = sub
	return &u, err
}

func (t *Tx) GetUserRole(sub uuid.UUID) (UserRole, error) {
	var r UserRole
	row := t.tx.QueryRow(`SELECT role FROM users WHERE subject = ? LIMIT 1`, sub.String())
	err := row.Scan(&r)
	return r, err
}

func (t *Tx) GetUser(sub uuid.UUID) (*User, error) {
	var u User
	row := t.tx.QueryRow(`SELECT name, username, picture, website, email, email_verified, pronouns, birthdate, zoneinfo, locale, updated_at, active FROM users WHERE subject = ?`, sub.String())
	err := row.Scan(&u.Name, &u.Username, &u.Picture, &u.Website, &u.Email, &u.EmailVerified, &u.Pronouns, &u.Birthdate, &u.ZoneInfo, &u.Locale, &u.UpdatedAt, &u.Active)
	u.Sub = sub
	return &u, err
}

func (t *Tx) GetUserEmail(sub uuid.UUID) (string, error) {
	var email string
	row := t.tx.QueryRow(`SELECT email FROM users WHERE subject = ?`, sub.String())
	err := row.Scan(&email)
	return email, err
}

func (t *Tx) ChangeUserPassword(sub uuid.UUID, pwOld, pwNew string) error {
	q, err := t.tx.Query(`SELECT password FROM users WHERE subject = ?`, sub)
	if err != nil {
		return err
	}
	var pwHash password.HashString
	if q.Next() {
		err = q.Scan(&pwHash)
		if err != nil {
			return err
		}
	} else {
		return fmt.Errorf("invalid user")
	}
	if err := q.Err(); err != nil {
		return err
	}
	if err := q.Close(); err != nil {
		return err
	}
	err = password.CheckPasswordHash(pwHash, pwOld)
	if err != nil {
		return err
	}
	pwNewHash, err := password.HashPassword(pwNew)
	if err != nil {
		return err
	}
	exec, err := t.tx.Exec(`UPDATE users SET password = ?, updated_at = ? WHERE subject = ? AND password = ?`, pwNewHash, updatedAt(), sub, pwHash)
	if err != nil {
		return err
	}
	affected, err := exec.RowsAffected()
	if err != nil {
		return err
	}
	if affected != 1 {
		return fmt.Errorf("row wasn't updated")
	}
	return nil
}

func (t *Tx) ModifyUser(sub uuid.UUID, v *UserPatch) error {
	exec, err := t.tx.Exec(
		`UPDATE users
SET name       = ?,
    picture    = ?,
    website    = ?,
    pronouns   = ?,
    birthdate  = ?,
    zoneinfo   = ?,
    locale     = ?,
    updated_at = ?
WHERE subject = ?`,
		v.Name,
		v.Picture,
		v.Website,
		v.Pronouns.String(),
		v.Birthdate,
		v.ZoneInfo.String(),
		v.Locale.String(),
		updatedAt(),
		sub,
	)
	if err != nil {
		return err
	}
	affected, err := exec.RowsAffected()
	if err != nil {
		return err
	}
	if affected != 1 {
		return fmt.Errorf("row wasn't updated")
	}
	return nil
}

func (t *Tx) SetTwoFactor(sub uuid.UUID, totp *twofactor.Totp) error {
	u, err := totp.ToBytes()
	if err != nil {
		return err
	}
	_, err = t.tx.Exec(`INSERT INTO otp(subject, raw) VALUES (?, ?) ON CONFLICT(subject) DO UPDATE SET raw = excluded.raw`, sub.String(), u)
	return err
}

func (t *Tx) GetTwoFactor(sub uuid.UUID, issuer string) (*twofactor.Totp, error) {
	var u []byte
	row := t.tx.QueryRow(`SELECT raw FROM otp WHERE subject = ?`, sub.String())
	err := row.Scan(&u)
	if err != nil {
		return nil, err
	}
	return twofactor.TOTPFromBytes(u, issuer)
}

func (t *Tx) HasTwoFactor(sub uuid.UUID) (bool, error) {
	var hasOtp bool
	row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM otp WHERE otp.subject = ?)`, sub)
	err := row.Scan(&hasOtp)
	if err != nil {
		return false, err
	}
	return hasOtp, row.Err()
}

func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) {
	var u ClientInfoDbOutput
	row := t.tx.QueryRow(`SELECT secret, name, domain, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub)
	err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.SSO, &u.Active)
	u.Owner = sub
	if !u.Active {
		return nil, fmt.Errorf("client is not active")
	}
	return &u, err
}

func (t *Tx) GetAppList(offset int) ([]ClientInfoDbOutput, error) {
	var u []ClientInfoDbOutput
	row, err := t.tx.Query(`SELECT subject, name, domain, owner, sso, active FROM client_store LIMIT 25 OFFSET ?`, offset)
	if err != nil {
		return nil, err
	}
	defer row.Close()
	for row.Next() {
		var a ClientInfoDbOutput
		err := row.Scan(&a.Sub, &a.Name, &a.Domain, &a.Owner, &a.SSO, &a.Active)
		if err != nil {
			return nil, err
		}
		u = append(u, a)
	}
	return u, row.Err()
}

func (t *Tx) InsertClientApp(name, domain string, sso, active bool, owner uuid.UUID) error {
	u := uuid.New()
	secret, err := password.GenerateApiSecret(70)
	if err != nil {
		return err
	}
	_, err = t.tx.Exec(`INSERT INTO client_store (subject, name, secret, domain, owner, sso, active) VALUES (?, ?, ?, ?, ?, ?, ?)`, u.String(), name, secret, domain, owner.String(), sso, active)
	return err
}

func (t *Tx) UpdateClientApp(subject uuid.UUID, name, domain string, sso, active bool) error {
	_, err := t.tx.Exec(`UPDATE client_store SET name = ?, domain = ?, sso = ?, active = ? WHERE subject = ?`, name, domain, sso, active, subject.String())
	return err
}

func (t *Tx) ResetClientAppSecret(subject uuid.UUID, secret string) error {
	secret, err := password.GenerateApiSecret(70)
	if err != nil {
		return err
	}
	_, err = t.tx.Exec(`UPDATE client_store SET secret = ? WHERE subject = ?`, secret, subject.String())
	return err
}

func (t *Tx) GetUserList(offset int) ([]User, error) {
	var u []User
	row, err := t.tx.Query(`SELECT subject, name, username, picture, website, email, email_verified, pronouns, birthdate, zoneinfo, locale, role, updated_at, active FROM users LIMIT 25 OFFSET ?`, offset)
	if err != nil {
		return nil, err
	}
	for row.Next() {
		var a User
		err := row.Scan(&a.Sub, &a.Name, &a.Username, &a.Picture, &a.Website, &a.Email, &a.EmailVerified, &a.Pronouns, &a.Birthdate, &a.ZoneInfo, &a.Locale, &a.Role, &a.UpdatedAt, &a.Active)
		if err != nil {
			return nil, err
		}
		u = append(u, a)
	}
	return u, row.Err()
}

func (t *Tx) UpdateUser(subject uuid.UUID, role UserRole, active bool) error {
	_, err := t.tx.Exec(`UPDATE users SET active = ?, role = ? WHERE subject = ?`, active, role, subject)
	return err
}

func (t *Tx) VerifyUserEmail(sub uuid.UUID) error {
	_, err := t.tx.Exec(`UPDATE users SET email_verified = 1 WHERE subject = ?`, sub.String())
	return err
}

func (t *Tx) UserResetPassword(sub uuid.UUID, pw string) error {
	hashPassword, err := password.HashPassword(pw)
	if err != nil {
		return err
	}
	exec, err := t.tx.Exec(`UPDATE users SET password = ?, updated_at = ? WHERE subject = ?`, hashPassword, updatedAt(), sub.String())
	if err != nil {
		return err
	}
	affected, err := exec.RowsAffected()
	if err != nil {
		return err
	}
	if affected != 1 {
		return fmt.Errorf("row wasn't updated")
	}
	return nil
}

func (t *Tx) UserEmailExists(email string) (exists bool, err error) {
	row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM users WHERE email = ? and email_verified = 1)`, email)
	err = row.Scan(&exists)
	return
}
Lots of code changes 2023-09-06 22:20:09 +01:00			`package database`

			`import (`
			`"database/sql"`
			`"fmt"`
			`"github.com/1f349/tulip/password"`
Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00			`"github.com/1f349/twofactor"`
Lots of code changes 2023-09-06 22:20:09 +01:00			`"github.com/go-oauth2/oauth2/v4"`
			`"github.com/google/uuid"`
			`"time"`
			`)`

Provide datalist for zoneinfo and locale 2023-09-07 16:34:51 +01:00			`func updatedAt() string {`
			`return time.Now().UTC().Format(time.DateTime)`
			`}`

Lots of code changes 2023-09-06 22:20:09 +01:00			`type Tx struct{ tx *sql.Tx }`

			`func (t *Tx) Commit() error {`
			`return t.tx.Commit()`
			`}`

			`func (t *Tx) Rollback() {`
			`_ = t.tx.Rollback()`
			`}`

			`func (t *Tx) HasUser() error {`
			`var exists bool`
			row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM users)`)
			`err := row.Scan(&exists)`
			`if err != nil {`
			`return err`
			`}`
			`if !exists {`
			`return sql.ErrNoRows`
			`}`
			`return nil`
			`}`

Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`func (t *Tx) InsertUser(name, un, pw, email string, role UserRole, active bool) (uuid.UUID, error) {`
Lots of code changes 2023-09-06 22:20:09 +01:00			`pwHash, err := password.HashPassword(pw)`
			`if err != nil {`
Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`return uuid.UUID{}, err`
Lots of code changes 2023-09-06 22:20:09 +01:00			`}`
Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`u := uuid.New()`
			_, err = t.tx.Exec(`INSERT INTO users (subject, name, username, password, email, role, updated_at, active) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`, u, name, un, pwHash, email, role, updatedAt(), active)
			`return u, err`
Lots of code changes 2023-09-06 22:20:09 +01:00			`}`

Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`func (t Tx) CheckLogin(un, pw string) (User, bool, bool, error) {`
Lots of code changes 2023-09-06 22:20:09 +01:00			`var u User`
Start adding a reset password system 2023-09-29 16:37:23 +01:00			`var pwHash password.HashString`
Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`var hasOtp, hasVerify bool`
			row := t.tx.QueryRow(`SELECT subject, password, EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject), email, email_verified FROM users WHERE username = ?`, un)
Start adding a reset password system 2023-09-29 16:37:23 +01:00			`err := row.Scan(&u.Sub, &pwHash, &hasOtp, &u.Email, &hasVerify)`
Lots of code changes 2023-09-06 22:20:09 +01:00			`if err != nil {`
Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`return nil, false, false, err`
Lots of code changes 2023-09-06 22:20:09 +01:00			`}`
Start adding a reset password system 2023-09-29 16:37:23 +01:00			`err = password.CheckPasswordHash(pwHash, pw)`
Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`return &u, hasOtp, hasVerify, err`
Lots of code changes 2023-09-06 22:20:09 +01:00			`}`

			`func (t Tx) GetUserDisplayName(sub uuid.UUID) (User, error) {`
			`var u User`
			row := t.tx.QueryRow(`SELECT name FROM users WHERE subject = ? LIMIT 1`, sub.String())
			`err := row.Scan(&u.Name)`
			`u.Sub = sub`
			`return &u, err`
			`}`

Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`func (t *Tx) GetUserRole(sub uuid.UUID) (UserRole, error) {`
			`var r UserRole`
			row := t.tx.QueryRow(`SELECT role FROM users WHERE subject = ? LIMIT 1`, sub.String())
			`err := row.Scan(&r)`
			`return r, err`
			`}`

Lots of code changes 2023-09-06 22:20:09 +01:00			`func (t Tx) GetUser(sub uuid.UUID) (User, error) {`
			`var u User`
Start adding a reset password system 2023-09-29 16:37:23 +01:00			row := t.tx.QueryRow(`SELECT name, username, picture, website, email, email_verified, pronouns, birthdate, zoneinfo, locale, updated_at, active FROM users WHERE subject = ?`, sub.String())
			`err := row.Scan(&u.Name, &u.Username, &u.Picture, &u.Website, &u.Email, &u.EmailVerified, &u.Pronouns, &u.Birthdate, &u.ZoneInfo, &u.Locale, &u.UpdatedAt, &u.Active)`
Lots of code changes 2023-09-06 22:20:09 +01:00			`u.Sub = sub`
			`return &u, err`
			`}`

Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00			`func (t *Tx) GetUserEmail(sub uuid.UUID) (string, error) {`
			`var email string`
			row := t.tx.QueryRow(`SELECT email FROM users WHERE subject = ?`, sub.String())
			`err := row.Scan(&email)`
			`return email, err`
			`}`

Lots of code changes 2023-09-06 22:20:09 +01:00			`func (t *Tx) ChangeUserPassword(sub uuid.UUID, pwOld, pwNew string) error {`
			q, err := t.tx.Query(`SELECT password FROM users WHERE subject = ?`, sub)
			`if err != nil {`
			`return err`
			`}`
Start adding a reset password system 2023-09-29 16:37:23 +01:00			`var pwHash password.HashString`
Lots of code changes 2023-09-06 22:20:09 +01:00			`if q.Next() {`
			`err = q.Scan(&pwHash)`
			`if err != nil {`
			`return err`
			`}`
			`} else {`
			`return fmt.Errorf("invalid user")`
			`}`
			`if err := q.Err(); err != nil {`
			`return err`
			`}`
			`if err := q.Close(); err != nil {`
			`return err`
			`}`
			`err = password.CheckPasswordHash(pwHash, pwOld)`
			`if err != nil {`
			`return err`
			`}`
			`pwNewHash, err := password.HashPassword(pwNew)`
			`if err != nil {`
			`return err`
			`}`
Provide datalist for zoneinfo and locale 2023-09-07 16:34:51 +01:00			exec, err := t.tx.Exec(`UPDATE users SET password = ?, updated_at = ? WHERE subject = ? AND password = ?`, pwNewHash, updatedAt(), sub, pwHash)
Lots of code changes 2023-09-06 22:20:09 +01:00			`if err != nil {`
			`return err`
			`}`
			`affected, err := exec.RowsAffected()`
			`if err != nil {`
			`return err`
			`}`
			`if affected != 1 {`
			`return fmt.Errorf("row wasn't updated")`
			`}`
			`return nil`
			`}`

			`func (t Tx) ModifyUser(sub uuid.UUID, v UserPatch) error {`
			`exec, err := t.tx.Exec(`
			`UPDATE users
Improve underlying types and start writing edit page 2023-09-07 11:45:16 +01:00			`SET name = ?,`
			`picture = ?,`
			`website = ?,`
			`pronouns = ?,`
			`birthdate = ?,`
			`zoneinfo = ?,`
			`locale = ?,`
Lots of code changes 2023-09-06 22:20:09 +01:00			`updated_at = ?`
			WHERE subject = ?`,
			`v.Name,`
Improve underlying types and start writing edit page 2023-09-07 11:45:16 +01:00			`v.Picture,`
			`v.Website,`
Lots of code changes 2023-09-06 22:20:09 +01:00			`v.Pronouns.String(),`
Improve underlying types and start writing edit page 2023-09-07 11:45:16 +01:00			`v.Birthdate,`
Lots of code changes 2023-09-06 22:20:09 +01:00			`v.ZoneInfo.String(),`
			`v.Locale.String(),`
Provide datalist for zoneinfo and locale 2023-09-07 16:34:51 +01:00			`updatedAt(),`
Lots of code changes 2023-09-06 22:20:09 +01:00			`sub,`
			`)`
			`if err != nil {`
			`return err`
			`}`
			`affected, err := exec.RowsAffected()`
			`if err != nil {`
			`return err`
			`}`
			`if affected != 1 {`
			`return fmt.Errorf("row wasn't updated")`
			`}`
			`return nil`
			`}`

Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00			`func (t Tx) SetTwoFactor(sub uuid.UUID, totp twofactor.Totp) error {`
			`u, err := totp.ToBytes()`
			`if err != nil {`
			`return err`
			`}`
			_, err = t.tx.Exec(`INSERT INTO otp(subject, raw) VALUES (?, ?) ON CONFLICT(subject) DO UPDATE SET raw = excluded.raw`, sub.String(), u)
			`return err`
			`}`

			`func (t Tx) GetTwoFactor(sub uuid.UUID, issuer string) (twofactor.Totp, error) {`
			`var u []byte`
			row := t.tx.QueryRow(`SELECT raw FROM otp WHERE subject = ?`, sub.String())
			`err := row.Scan(&u)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return twofactor.TOTPFromBytes(u, issuer)`
			`}`

Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`func (t *Tx) HasTwoFactor(sub uuid.UUID) (bool, error) {`
			`var hasOtp bool`
			row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM otp WHERE otp.subject = ?)`, sub)
			`err := row.Scan(&hasOtp)`
			`if err != nil {`
			`return false, err`
			`}`
			`return hasOtp, row.Err()`
			`}`

Lots of code changes 2023-09-06 22:20:09 +01:00			`func (t *Tx) GetClientInfo(sub string) (oauth2.ClientInfo, error) {`
Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`var u ClientInfoDbOutput`
Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00			row := t.tx.QueryRow(`SELECT secret, name, domain, sso, active FROM client_store WHERE subject = ? LIMIT 1`, sub)
Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`err := row.Scan(&u.Secret, &u.Name, &u.Domain, &u.SSO, &u.Active)`
			`u.Owner = sub`
			`if !u.Active {`
Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00			`return nil, fmt.Errorf("client is not active")`
			`}`
Lots of code changes 2023-09-06 22:20:09 +01:00			`return &u, err`
			`}`

Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`func (t *Tx) GetAppList(offset int) ([]ClientInfoDbOutput, error) {`
			`var u []ClientInfoDbOutput`
			row, err := t.tx.Query(`SELECT subject, name, domain, owner, sso, active FROM client_store LIMIT 25 OFFSET ?`, offset)
			`if err != nil {`
			`return nil, err`
			`}`
			`defer row.Close()`
			`for row.Next() {`
			`var a ClientInfoDbOutput`
			`err := row.Scan(&a.Sub, &a.Name, &a.Domain, &a.Owner, &a.SSO, &a.Active)`
			`if err != nil {`
			`return nil, err`
			`}`
			`u = append(u, a)`
			`}`
			`return u, row.Err()`
Lots of code changes 2023-09-06 22:20:09 +01:00			`}`

Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`func (t *Tx) InsertClientApp(name, domain string, sso, active bool, owner uuid.UUID) error {`
			`u := uuid.New()`
			`secret, err := password.GenerateApiSecret(70)`
			`if err != nil {`
			`return err`
			`}`
			_, err = t.tx.Exec(`INSERT INTO client_store (subject, name, secret, domain, owner, sso, active) VALUES (?, ?, ?, ?, ?, ?, ?)`, u.String(), name, secret, domain, owner.String(), sso, active)
			`return err`
			`}`
Add OTP and fix up oauth with the new page rendering system 2023-09-09 01:38:10 +01:00
Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`func (t *Tx) UpdateClientApp(subject uuid.UUID, name, domain string, sso, active bool) error {`
			_, err := t.tx.Exec(`UPDATE client_store SET name = ?, domain = ?, sso = ?, active = ? WHERE subject = ?`, name, domain, sso, active, subject.String())
			`return err`
			`}`

			`func (t *Tx) ResetClientAppSecret(subject uuid.UUID, secret string) error {`
			`secret, err := password.GenerateApiSecret(70)`
			`if err != nil {`
			`return err`
			`}`
			_, err = t.tx.Exec(`UPDATE client_store SET secret = ? WHERE subject = ?`, secret, subject.String())
			`return err`
			`}`

			`func (t *Tx) GetUserList(offset int) ([]User, error) {`
			`var u []User`
			row, err := t.tx.Query(`SELECT subject, name, username, picture, website, email, email_verified, pronouns, birthdate, zoneinfo, locale, role, updated_at, active FROM users LIMIT 25 OFFSET ?`, offset)
			`if err != nil {`
			`return nil, err`
			`}`
			`for row.Next() {`
			`var a User`
			`err := row.Scan(&a.Sub, &a.Name, &a.Username, &a.Picture, &a.Website, &a.Email, &a.EmailVerified, &a.Pronouns, &a.Birthdate, &a.ZoneInfo, &a.Locale, &a.Role, &a.UpdatedAt, &a.Active)`
			`if err != nil {`
			`return nil, err`
			`}`
			`u = append(u, a)`
			`}`
			`return u, row.Err()`
			`}`

			`func (t *Tx) UpdateUser(subject uuid.UUID, role UserRole, active bool) error {`
			_, err := t.tx.Exec(`UPDATE users SET active = ?, role = ? WHERE subject = ?`, active, role, subject)
			`return err`
			`}`

Add mailer and output true user info 2023-09-24 18:24:16 +01:00			`func (t *Tx) VerifyUserEmail(sub uuid.UUID) error {`
			_, err := t.tx.Exec(`UPDATE users SET email_verified = 1 WHERE subject = ?`, sub.String())
			`return err`
			`}`

Start adding a reset password system 2023-09-29 16:37:23 +01:00			`func (t *Tx) UserResetPassword(sub uuid.UUID, pw string) error {`
			`hashPassword, err := password.HashPassword(pw)`
			`if err != nil {`
			`return err`
			`}`
			exec, err := t.tx.Exec(`UPDATE users SET password = ?, updated_at = ? WHERE subject = ?`, hashPassword, updatedAt(), sub.String())
			`if err != nil {`
			`return err`
			`}`
			`affected, err := exec.RowsAffected()`
			`if err != nil {`
			`return err`
			`}`
			`if affected != 1 {`
			`return fmt.Errorf("row wasn't updated")`
			`}`
			`return nil`
			`}`

			`func (t *Tx) UserEmailExists(email string) (exists bool, err error) {`
			row := t.tx.QueryRow(`SELECT EXISTS(SELECT 1 FROM users WHERE email = ? and email_verified = 1)`, email)
			`err = row.Scan(&exists)`
			`return`
Login, edit, oauth, otp and management page changes 2023-09-15 13:06:31 +01:00			`}`