pronounss/backend/db/email.go

package db

import (
	"context"
	"crypto/rand"

	"github.com/jackc/pgx/v5"
	"github.com/jackc/pgx/v5/pgconn"

	"codeberg.org/pronounscc/pronouns.cc/backend/common"
	"emperror.dev/errors"
	"github.com/georgysavva/scany/v2/pgxscan"
)

type UserEmail struct {
	ID           common.EmailID
	UserID       common.UserID
	EmailAddress string
}

func (db *DB) UserEmails(ctx context.Context, userID common.UserID) (es []UserEmail, err error) {
	sql, args, err := sq.Select("*").From("user_emails").Where("user_id = ?", userID).OrderBy("id").ToSql()
	if err != nil {
		return nil, errors.Wrap(err, "building query")
	}

	err = pgxscan.Select(ctx, db, &es, sql, args...)
	if err != nil {
		return nil, errors.Wrap(err, "executing query")
	}

	return NotNull(es), nil
}

// UserByEmail gets a user by their email address.
func (db *DB) UserByEmail(ctx context.Context, email string) (u User, err error) {
	sql, args, err := sq.Select("users.*").
		From("user_emails").
		Join("users ON user_emails.user_id = users.snowflake_id").
		Where("email_address = ?", email).
		ToSql()
	if err != nil {
		return u, errors.Wrap(err, "building query")
	}

	err = pgxscan.Get(ctx, db, &u, sql, args...)
	if err != nil {
		if errors.Cause(err) == pgx.ErrNoRows {
			return u, ErrUserNotFound
		}
		return u, errors.Wrap(err, "executing query")
	}
	return u, nil
}

// EmailExists returns whether an email address already exists. It does not need to be comfirmed.
func (db *DB) EmailExists(ctx context.Context, email string) (exists bool, err error) {
	err = db.QueryRow(ctx, "select exists(SELECT * FROM user_emails WHERE email = $1)", email).Scan(&exists)
	return exists, err
}

const ErrEmailInUse = errors.Sentinel("email already in use")

// AddEmail adds a new email to the database, and generates a confirmation token for it.
func (db *DB) AddEmail(ctx context.Context, tx pgx.Tx, userID common.UserID, email string) (e UserEmail, err error) {
	sql, args, err := sq.Insert("user_emails").SetMap(map[string]any{
		"id":            common.GenerateID(),
		"user_id":       userID,
		"email_address": email,
	}).Suffix("RETURNING *").ToSql()
	if err != nil {
		return e, errors.Wrap(err, "building query")
	}

	err = pgxscan.Get(ctx, tx, &e, sql, args...)
	if err != nil {
		pge := &pgconn.PgError{}
		if errors.As(err, &pge) {
			// unique constraint violation
			if pge.Code == uniqueViolation {
				return e, ErrEmailInUse
			}
		}

		return e, errors.Wrap(err, "executing query")
	}
	return e, nil
}

func (db *DB) SetPassword(ctx context.Context, tx pgx.Tx, userID common.UserID, password string) (err error) {
	salt := make([]byte, 16)
	_, err = rand.Read(salt)
	if err != nil {
		return errors.Wrap(err, "creating salt")
	}

	hash := hashPassword([]byte(password), salt)

	sql, args, err := sq.Update("users").Set("password", hash).Set("salt", salt).Where("snowflake_id = ?", userID).ToSql()
	if err != nil {
		return errors.Wrap(err, "building sql")
	}

	_, err = tx.Exec(ctx, sql, args...)
	return errors.Wrap(err, "executing query")
}
start email functions 2023-12-18 23:39:16 +01:00			`package db`

			`import (`
			`"context"`
feat: add POST /api/v2/auth/email/signup/confirm 2024-02-13 16:57:03 +01:00			`"crypto/rand"`

start email functions 2023-12-18 23:39:16 +01:00			`"github.com/jackc/pgx/v5"`
			`"github.com/jackc/pgx/v5/pgconn"`

			`"codeberg.org/pronounscc/pronouns.cc/backend/common"`
			`"emperror.dev/errors"`
			`"github.com/georgysavva/scany/v2/pgxscan"`
			`)`

			`type UserEmail struct {`
			`ID common.EmailID`
			`UserID common.UserID`
			`EmailAddress string`
			`}`

			`func (db *DB) UserEmails(ctx context.Context, userID common.UserID) (es []UserEmail, err error) {`
			`sql, args, err := sq.Select("*").From("user_emails").Where("user_id = ?", userID).OrderBy("id").ToSql()`
			`if err != nil {`
			`return nil, errors.Wrap(err, "building query")`
			`}`

			`err = pgxscan.Select(ctx, db, &es, sql, args...)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "executing query")`
			`}`

			`return NotNull(es), nil`
			`}`

			`// UserByEmail gets a user by their email address.`
			`func (db *DB) UserByEmail(ctx context.Context, email string) (u User, err error) {`
			`sql, args, err := sq.Select("users.*").`
			`From("user_emails").`
			`Join("users ON user_emails.user_id = users.snowflake_id").`
			`Where("email_address = ?", email).`
			`ToSql()`
			`if err != nil {`
			`return u, errors.Wrap(err, "building query")`
			`}`

			`err = pgxscan.Get(ctx, db, &u, sql, args...)`
			`if err != nil {`
			`if errors.Cause(err) == pgx.ErrNoRows {`
			`return u, ErrUserNotFound`
			`}`
			`return u, errors.Wrap(err, "executing query")`
			`}`
			`return u, nil`
			`}`

			`// EmailExists returns whether an email address already exists. It does not need to be comfirmed.`
			`func (db *DB) EmailExists(ctx context.Context, email string) (exists bool, err error) {`
			`err = db.QueryRow(ctx, "select exists(SELECT * FROM user_emails WHERE email = $1)", email).Scan(&exists)`
			`return exists, err`
			`}`

			`const ErrEmailInUse = errors.Sentinel("email already in use")`

			`// AddEmail adds a new email to the database, and generates a confirmation token for it.`
			`func (db *DB) AddEmail(ctx context.Context, tx pgx.Tx, userID common.UserID, email string) (e UserEmail, err error) {`
			`sql, args, err := sq.Insert("user_emails").SetMap(map[string]any{`
feat: add POST /api/v2/auth/email/signup/confirm 2024-02-13 16:57:03 +01:00			`"id": common.GenerateID(),`
			`"user_id": userID,`
			`"email_address": email,`
start email functions 2023-12-18 23:39:16 +01:00			`}).Suffix("RETURNING *").ToSql()`
			`if err != nil {`
			`return e, errors.Wrap(err, "building query")`
			`}`

			`err = pgxscan.Get(ctx, tx, &e, sql, args...)`
			`if err != nil {`
			`pge := &pgconn.PgError{}`
			`if errors.As(err, &pge) {`
			`// unique constraint violation`
			`if pge.Code == uniqueViolation {`
			`return e, ErrEmailInUse`
			`}`
			`}`

			`return e, errors.Wrap(err, "executing query")`
			`}`
			`return e, nil`
			`}`
feat: add POST /api/v2/auth/email/signup/confirm 2024-02-13 16:57:03 +01:00
			`func (db *DB) SetPassword(ctx context.Context, tx pgx.Tx, userID common.UserID, password string) (err error) {`
			`salt := make([]byte, 16)`
			`_, err = rand.Read(salt)`
			`if err != nil {`
			`return errors.Wrap(err, "creating salt")`
			`}`

			`hash := hashPassword([]byte(password), salt)`

			`sql, args, err := sq.Update("users").Set("password", hash).Set("salt", salt).Where("snowflake_id = ?", userID).ToSql()`
			`if err != nil {`
			`return errors.Wrap(err, "building sql")`
			`}`

			`_, err = tx.Exec(ctx, sql, args...)`
			`return errors.Wrap(err, "executing query")`
			`}`