case insensitive username
This commit is contained in:
scs
72
main.go
72
main.go
@@ -56,7 +56,7 @@ func UsernameAvailable(username string) bool {
|
||||
return false
|
||||
}
|
||||
var u string
|
||||
q := fmt.Sprintf("select username from %s_auth where username=$1", c.TablePrefix)
|
||||
q := fmt.Sprintf("select username from %s_auth where username ILIKE $1", c.TablePrefix)
|
||||
err := c.db.Get(&u, q, username)
|
||||
if err == sql.ErrNoRows {
|
||||
return true
|
||||
@@ -91,7 +91,7 @@ func Register(username, email, ip string) bool {
|
||||
return true
|
||||
}
|
||||
log.Printf("scsusers.Register: Failed to send registration email, deleting user %s\n", username)
|
||||
q=fmt.Sprintf("delete from %s_auth where username=$1 AND password=$2", c.TablePrefix)
|
||||
q=fmt.Sprintf("delete from %s_auth where username ILIKE $1 AND password=$2", c.TablePrefix)
|
||||
_,err = c.db.Exec(q, username, string(crypt))
|
||||
if err != nil {
|
||||
log.Printf("scsusers.Register: Failed to delete new user %s: %s\n", username, err.Error())
|
||||
@@ -100,7 +100,7 @@ func Register(username, email, ip string) bool {
|
||||
}
|
||||
|
||||
func Login(username, password string) bool {
|
||||
q:=fmt.Sprintf("select password from %s_auth where username=$1 AND status='active'",c.TablePrefix)
|
||||
q:=fmt.Sprintf("select password from %s_auth where username ILIKE $1 AND status='active'",c.TablePrefix)
|
||||
var crypt string
|
||||
err:=c.db.Get(&crypt, q, username)
|
||||
if err != nil {
|
||||
@@ -118,7 +118,7 @@ func Login(username, password string) bool {
|
||||
|
||||
func ChangePassword(username, oldpass, newpass string) bool {
|
||||
log.Println("scsusers.ChangePassword: Attempting password change for "+ username)
|
||||
q:=fmt.Sprintf("select password from %s_auth where username=$1 AND status='active'",c.TablePrefix)
|
||||
q:=fmt.Sprintf("select password from %s_auth where username ILIKE $1 AND status='active'",c.TablePrefix)
|
||||
var crypt string
|
||||
err:=c.db.Get(&crypt, q, username)
|
||||
if err != nil {
|
||||
@@ -130,7 +130,7 @@ func ChangePassword(username, oldpass, newpass string) bool {
|
||||
return false
|
||||
}
|
||||
newcrypt, err := bcrypt.GenerateFromPassword([]byte(newpass), 10)
|
||||
q=fmt.Sprintf("update %s_auth set password=$2 where username=$1", c.TablePrefix)
|
||||
q=fmt.Sprintf("update %s_auth set password=$2 where username ILIKE $1", c.TablePrefix)
|
||||
_,err=c.db.Exec(q, username, newcrypt)
|
||||
if err!= nil {
|
||||
log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", username, err.Error())
|
||||
@@ -143,7 +143,7 @@ func ChangePassword(username, oldpass, newpass string) bool {
|
||||
|
||||
func GetUserid(username string) int64 {
|
||||
var i int64
|
||||
q:=fmt.Sprintf("select userid from %s_auth where username=$1", c.TablePrefix)
|
||||
q:=fmt.Sprintf("select userid from %s_auth where username ILIKE $1", c.TablePrefix)
|
||||
err:=c.db.Get(&i, q, username)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.getUserId: Error loading user: %s : %s\n", username, err.Error())
|
||||
@@ -153,7 +153,7 @@ func GetUserid(username string) int64 {
|
||||
}
|
||||
func LoadUser(username string) (UserData, error) {
|
||||
var u UserData
|
||||
q:=fmt.Sprintf("select data from %s_userdata where username=$1", c.TablePrefix)
|
||||
q:=fmt.Sprintf("select data from %s_userdata where username ILIKE $1", c.TablePrefix)
|
||||
var d string
|
||||
err:=c.db.Get(d, q, username)
|
||||
if err != nil {
|
||||
@@ -168,7 +168,7 @@ func LoadUser(username string) (UserData, error) {
|
||||
}
|
||||
|
||||
func SaveUser(username string, d UserData) bool {
|
||||
q:=fmt.Sprintf("update %s_userdata set data=$1 where username=$2")
|
||||
q:=fmt.Sprintf("update %s_userdata set data=$1 where username ILIKE $2")
|
||||
j, err:=json.Marshal(d)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.SaveUser: json.Marshal failed for username %s : %s\n", username, err.Error())
|
||||
@@ -184,7 +184,7 @@ func SaveUser(username string, d UserData) bool {
|
||||
}
|
||||
|
||||
func Bump(username string) {
|
||||
q:=fmt.Sprintf("update %s_auth set lastseen=CURRENT_TIMESTAMP where username=$1", c.TablePrefix)
|
||||
q:=fmt.Sprintf("update %s_auth set lastseen=CURRENT_TIMESTAMP where username ILIKE $1", c.TablePrefix)
|
||||
_, err :=c.db.Exec(q, username)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.Bump: Error on user bump: %s : %s\n", username, err.Error())
|
||||
@@ -200,7 +200,7 @@ func GetAllMeta(username string) (map[string]string) {
|
||||
meta:=make(map[string]string)
|
||||
q:=fmt.Sprintf(`select meta_key, meta_value
|
||||
from %s_user_metadata where
|
||||
user_id=(select userid from %s_auth where username=?)`,
|
||||
user_id=(select userid from %s_auth where username ILIKE $1)`,
|
||||
c.TablePrefix, c.TablePrefix)
|
||||
rows,err:=c.db.Queryx(q, username)
|
||||
if err != nil {
|
||||
@@ -222,7 +222,7 @@ func GetAllMeta(username string) (map[string]string) {
|
||||
func GetMeta(username string, metakey string) string {
|
||||
var v string
|
||||
q:=fmt.Sprintf(`select meta_value from %s_user_metadata where
|
||||
user_id=(select userid from %s_auth where username=?) AND meta_key=?`, c.TablePrefix, c.TablePrefix)
|
||||
user_id=(select userid from %s_auth where username ILIKE $1) AND meta_key=$2`, c.TablePrefix, c.TablePrefix)
|
||||
err:=c.db.Get(&v, q, username, metakey)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.GetMeta: %s - %s - %s\n", username, metakey, err.Error())
|
||||
@@ -233,12 +233,12 @@ func GetMeta(username string, metakey string) string {
|
||||
func SetMeta(username string, metakey string, metavalue string) {
|
||||
var err error
|
||||
if metavalue=="" {
|
||||
q:=fmt.Sprintf(`delete from %s_user_metadata where user_id=(select userid from %s_auth where username=?) AND meta_key=?`,
|
||||
q:=fmt.Sprintf(`delete from %s_user_metadata where user_id=(select userid from %s_auth where username ILIKE $1) AND meta_key=$2`,
|
||||
c.TablePrefix, c.TablePrefix)
|
||||
_, err=c.db.Exec(q, username, metakey)
|
||||
} else {
|
||||
q:=fmt.Sprintf(`insert into %s_user_metadata (user_id, meta_key, meta_value) VALUES
|
||||
((select userid from %s_auth where username=?), ?, ?)`, c.TablePrefix, c.TablePrefix)
|
||||
((select userid from %s_auth where username ILIKE $1), $2, $3)`, c.TablePrefix, c.TablePrefix)
|
||||
_,err=c.db.Exec(q, username, metakey, metavalue)
|
||||
}
|
||||
if err != nil {
|
||||
@@ -246,55 +246,15 @@ func SetMeta(username string, metakey string, metavalue string) {
|
||||
}
|
||||
}
|
||||
|
||||
func GetRoles(username string) []string {
|
||||
var roles []string
|
||||
q:=fmt.Sprintf(`select role_name from %s_roles
|
||||
left join %s_user_roles on %s_roles.role_id=%s_user_roles.role_id
|
||||
left join %s_auth on %s_user_roles.user_id=%s_auth.user_id
|
||||
where %s_auth.username=?`, c.TablePrefix, c.TablePrefix, c.TablePrefix, c.TablePrefix, c.TablePrefix, c.TablePrefix, c.TablePrefix)
|
||||
err:=c.db.Select(&roles,q, username)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.GetRoles: %s : %s\n", username, err.Error())
|
||||
}
|
||||
return roles
|
||||
}
|
||||
|
||||
func HasRole(username string, role string) bool {
|
||||
roles:=GetRoles(username)
|
||||
for _,a:=range(roles) {
|
||||
if a==role {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func AddRole(username string, role string) bool {
|
||||
if HasRole(username, role) {
|
||||
return true
|
||||
}
|
||||
q:=fmt.Sprintf(`insert into %s_user_roles (user_id, role_id)
|
||||
VALUES (
|
||||
(select userid from %s_auth where username=?),
|
||||
(select role_id from %s_roles where role_name=?)
|
||||
);
|
||||
`, c.TablePrefix, c.TablePrefix, c.TablePrefix)
|
||||
_, err:=c.db.Exec(q)
|
||||
if err != nil {
|
||||
log.Printf("scsusers.AddRole: %s %s %s\n", username, role, err.Error())
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func RecoverByUsername(u string) {
|
||||
var username, email string
|
||||
q:=fmt.Sprintf("select username, email from %s_auth where username=$1", c.TablePrefix)
|
||||
q:=fmt.Sprintf("select username, email from %s_auth where username ILIKE $1", c.TablePrefix)
|
||||
row:=c.db.QueryRow(q, u)
|
||||
err:=row.Scan(&username, &email)
|
||||
if err!=sql.ErrNoRows {
|
||||
recoverycode:=randBytes(16)
|
||||
qq:=fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username=$2", c.TablePrefix)
|
||||
qq:=fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username ILIKE $2", c.TablePrefix)
|
||||
_,err:=c.db.Exec(qq, recoverycode, username)
|
||||
if err==nil {
|
||||
sendRecoveryEmail(email, username, string(recoverycode))
|
||||
@@ -309,7 +269,7 @@ func RecoverByEmail(e string) {
|
||||
err:=row.Scan(&username, &email)
|
||||
if err!=sql.ErrNoRows {
|
||||
recoverycode:=randBytes(16)
|
||||
qq:=fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username=$2", c.TablePrefix)
|
||||
qq:=fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username ILIKE $2", c.TablePrefix)
|
||||
_,err:=c.db.Exec(qq, recoverycode, username)
|
||||
if err==nil {
|
||||
sendRecoveryEmail(email, username, string(recoverycode))
|
||||
|
||||
Reference in New Issue
Block a user