pronounss/backend/db/email.go

106 lines
3 KiB
Go

package db
import (
"context"
"crypto/rand"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgconn"
"codeberg.org/pronounscc/pronouns.cc/backend/common"
"emperror.dev/errors"
"github.com/georgysavva/scany/v2/pgxscan"
)
type UserEmail struct {
ID common.EmailID
UserID common.UserID
EmailAddress string
}
func (db *DB) UserEmails(ctx context.Context, userID common.UserID) (es []UserEmail, err error) {
sql, args, err := sq.Select("*").From("user_emails").Where("user_id = ?", userID).OrderBy("id").ToSql()
if err != nil {
return nil, errors.Wrap(err, "building query")
}
err = pgxscan.Select(ctx, db, &es, sql, args...)
if err != nil {
return nil, errors.Wrap(err, "executing query")
}
return NotNull(es), nil
}
// UserByEmail gets a user by their email address.
func (db *DB) UserByEmail(ctx context.Context, email string) (u User, err error) {
sql, args, err := sq.Select("users.*").
From("user_emails").
Join("users ON user_emails.user_id = users.snowflake_id").
Where("email_address = ?", email).
ToSql()
if err != nil {
return u, errors.Wrap(err, "building query")
}
err = pgxscan.Get(ctx, db, &u, sql, args...)
if err != nil {
if errors.Cause(err) == pgx.ErrNoRows {
return u, ErrUserNotFound
}
return u, errors.Wrap(err, "executing query")
}
return u, nil
}
// EmailExists returns whether an email address already exists. It does not need to be comfirmed.
func (db *DB) EmailExists(ctx context.Context, email string) (exists bool, err error) {
err = db.QueryRow(ctx, "select exists(SELECT * FROM user_emails WHERE email = $1)", email).Scan(&exists)
return exists, err
}
const ErrEmailInUse = errors.Sentinel("email already in use")
// AddEmail adds a new email to the database, and generates a confirmation token for it.
func (db *DB) AddEmail(ctx context.Context, tx pgx.Tx, userID common.UserID, email string) (e UserEmail, err error) {
sql, args, err := sq.Insert("user_emails").SetMap(map[string]any{
"id": common.GenerateID(),
"user_id": userID,
"email_address": email,
}).Suffix("RETURNING *").ToSql()
if err != nil {
return e, errors.Wrap(err, "building query")
}
err = pgxscan.Get(ctx, tx, &e, sql, args...)
if err != nil {
pge := &pgconn.PgError{}
if errors.As(err, &pge) {
// unique constraint violation
if pge.Code == uniqueViolation {
return e, ErrEmailInUse
}
}
return e, errors.Wrap(err, "executing query")
}
return e, nil
}
func (db *DB) SetPassword(ctx context.Context, tx pgx.Tx, userID common.UserID, password string) (err error) {
salt := make([]byte, 16)
_, err = rand.Read(salt)
if err != nil {
return errors.Wrap(err, "creating salt")
}
hash := hashPassword([]byte(password), salt)
sql, args, err := sq.Update("users").Set("password", hash).Set("salt", salt).Where("snowflake_id = ?", userID).ToSql()
if err != nil {
return errors.Wrap(err, "building sql")
}
_, err = tx.Exec(ctx, sql, args...)
return errors.Wrap(err, "executing query")
}