Reimplement CheckLogin functionality

This commit is contained in:
Melon 2024-03-12 03:29:10 +00:00
parent 37570e2157
commit 1a7c13bb51
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
4 changed files with 27 additions and 11 deletions

View File

@ -38,10 +38,26 @@ func (q *Queries) AddUser(ctx context.Context, arg AddUserParams) (string, error
return a.Subject, q.addUser(ctx, a)
}
type CheckLoginRow struct {
Subject string `json:"subject"`
Password password.HashString `json:"password"`
HasTwoFactor bool `json:"hasTwoFactor"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
type CheckLoginResult struct {
Subject string `json:"subject"`
HasTwoFactor bool `json:"hasTwoFactor"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
}
func (q *Queries) CheckLogin(ctx context.Context, un, pw string) (CheckLoginResult, error) {
login, err := q.checkLogin(ctx, un)
if err != nil {
return CheckLoginResult{}, err
}
err = password.CheckPasswordHash(login.Password, pw)
if err != nil {
return CheckLoginResult{}, err
}
return CheckLoginResult{
Subject: login.Subject,
HasTwoFactor: login.HasOtp,
Email: login.Email,
EmailVerified: login.EmailVerified,
}, nil
}

View File

@ -7,7 +7,7 @@ INSERT INTO users (subject, name, username, password, email, email_verified, rol
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
-- name: checkLogin :one
SELECT subject, password, EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject), email, email_verified
SELECT subject, password, cast(EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject) AS BOOLEAN) as has_otp, email, email_verified
FROM users
WHERE username = ?
LIMIT 1;

View File

@ -245,7 +245,7 @@ func (q *Queries) changeUserPassword(ctx context.Context, arg changeUserPassword
}
const checkLogin = `-- name: checkLogin :one
SELECT subject, password, EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject), email, email_verified
SELECT subject, password, cast(EXISTS(SELECT 1 FROM otp WHERE otp.subject = users.subject) AS BOOLEAN) as has_otp, email, email_verified
FROM users
WHERE username = ?
LIMIT 1
@ -254,7 +254,7 @@ LIMIT 1
type checkLoginRow struct {
Subject string `json:"subject"`
Password password.HashString `json:"password"`
Column3 int64 `json:"column_3"`
HasOtp bool `json:"has_otp"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
}
@ -265,7 +265,7 @@ func (q *Queries) checkLogin(ctx context.Context, username string) (checkLoginRo
err := row.Scan(
&i.Subject,
&i.Password,
&i.Column3,
&i.HasOtp,
&i.Email,
&i.EmailVerified,
)

View File

@ -63,7 +63,7 @@ func (h *HttpServer) LoginPost(rw http.ResponseWriter, req *http.Request, _ http
var hasOtp bool
if h.DbTx(rw, func(tx *database.Queries) error {
loginUser, hasOtpRaw, hasVerifiedEmail, err := tx.CheckLogin(un, pw)
loginUser, err := tx.CheckLogin(req.Context(), un, pw)
if err != nil {
if errors.Is(err, sql.ErrNoRows) || errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
loginMismatch = 1