shortcut
/
scsusers
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Some case fixes

This commit is contained in:
Your Name 2020-07-18 07:55:19 -04:00
parent a39ba83c85
commit 187d9d2ce2
1 changed files with 65 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
main.go
View File

@ -55,9 +55,11 @@ func UsernameAvailable(username string) bool {
if len(username) == 0 { if len(username) == 0 {
return false return false
} }
var u string var tmp string
u := strings.ToLower(username)
q := fmt.Sprintf("select username from %s_auth where username ILIKE $1", c.TablePrefix) q := fmt.Sprintf("select username from %s_auth where username ILIKE $1", c.TablePrefix)
err := c.db.Get(&u, q, username) err := c.db.Get(&tmp, q, u)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
return true return true
} }
@ -74,14 +76,16 @@ func Register(username, email, ip string) bool {
if !UsernameAvailable(username) { if !UsernameAvailable(username) {
return false return false
} }
u := strings.ToLower(username)
pass := randBytes(16) pass := randBytes(16)
crypt, err := bcrypt.GenerateFromPassword(pass, 10) crypt, err := bcrypt.GenerateFromPassword(pass, 10)
if err != nil { if err != nil {
log.Printf("scsusers.Register: Bcrypt GenerateFromPassword failed? Pass is %s and error is %s\n", pass, err.Error()) log.Printf("scsusers.Register: Bcrypt GenerateFromPassword failed? Pass is %s and error is %s\n", pass, err.Error())
return false return false
} }
q := fmt.Sprintf("insert into %s_auth (username, email, password, registration_date, registration_ip) values ($1, $2, $3, CURRENT_TIMESTAMP, $4)", c.TablePrefix) q := fmt.Sprintf("insert into %s_auth (username, , displayname, email, password, registration_date, registration_ip) values ($1, $2, $3, CURRENT_TIMESTAMP, $4)", c.TablePrefix)
_, err = c.db.Exec(q, username, email, crypt, ip) _, err = c.db.Exec(q, u, username, email, crypt, ip)
if err != nil { if err != nil {
log.Printf("scsusers.Register: insert failed: %s\n", err.Error()) log.Printf("scsusers.Register: insert failed: %s\n", err.Error())
return false return false
@ -100,9 +104,11 @@ func Register(username, email, ip string) bool {
} }
func Login(username, password string) bool { func Login(username, password string) bool {
q := fmt.Sprintf("select password from %s_auth where username ILIKE $1 AND status='active'", c.TablePrefix) u := strings.ToLower(username)
q := fmt.Sprintf("select password from %s_auth where username = $1 AND status='active'", c.TablePrefix)
var crypt string var crypt string
err := c.db.Get(&crypt, q, username) err := c.db.Get(&crypt, q, u)
if err != nil { if err != nil {
log.Printf("scsusers.Login: Failed login attempt for unknown username: %s\n", username) log.Printf("scsusers.Login: Failed login attempt for unknown username: %s\n", username)
return false return false
@ -116,9 +122,11 @@ func Login(username, password string) bool {
} }
func ChangePassword(username, oldpass, newpass string) bool { func ChangePassword(username, oldpass, newpass string) bool {
q := fmt.Sprintf("select password from %s_auth where username ILIKE $1 AND status='active'", c.TablePrefix) u := strings.ToLower(username)
q := fmt.Sprintf("select password from %s_auth where username = $1 AND status='active'", c.TablePrefix)
var crypt string var crypt string
err := c.db.Get(&crypt, q, username) err := c.db.Get(&crypt, q, u)
if err != nil { if err != nil {
log.Println("scsusers.ChangePassword: Failed change attempt for unknown username: " + username) log.Println("scsusers.ChangePassword: Failed change attempt for unknown username: " + username)
return false return false
@ -128,8 +136,8 @@ func ChangePassword(username, oldpass, newpass string) bool {
return false return false
} }
newcrypt, err := bcrypt.GenerateFromPassword([]byte(newpass), 10) newcrypt, err := bcrypt.GenerateFromPassword([]byte(newpass), 10)
q = fmt.Sprintf("update %s_auth set password=$2 where username ILIKE $1", c.TablePrefix) q = fmt.Sprintf("update %s_auth set password=$2 where username = $1", c.TablePrefix)
_, err = c.db.Exec(q, username, newcrypt) _, err = c.db.Exec(q, u, newcrypt)
if err != nil { if err != nil {
log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", username, err.Error()) log.Printf("scsusers.ChangePassword: update failed for %s: %s\n", username, err.Error())
return false return false
@ -140,8 +148,10 @@ func ChangePassword(username, oldpass, newpass string) bool {
func GetUserid(username string) int64 { func GetUserid(username string) int64 {
var i int64 var i int64
q := fmt.Sprintf("select userid from %s_auth where username ILIKE $1", c.TablePrefix) u := strings.ToLower(username)
err := c.db.Get(&i, q, username)
q := fmt.Sprintf("select userid from %s_auth where username = $1", c.TablePrefix)
err := c.db.Get(&i, q, u)
if err != nil { if err != nil {
log.Printf("scsusers.getUserId: Error loading user: %s : %s\n", username, err.Error()) log.Printf("scsusers.getUserId: Error loading user: %s : %s\n", username, err.Error())
return 0 return 0
@ -149,29 +159,32 @@ func GetUserid(username string) int64 {
return i return i
} }
func LoadUser(username string) (UserData, error) { func LoadUser(username string) (UserData, error) {
var u UserData var tmp UserData
q := fmt.Sprintf("select data from %s_userdata where username ILIKE $1", c.TablePrefix) u := strings.ToLower(username)
q := fmt.Sprintf("select data from %s_userdata where username = $1", c.TablePrefix)
var d string var d string
err := c.db.Get(d, q, username) err := c.db.Get(d, q, u)
if err != nil { if err != nil {
log.Printf("scsusers.LoadUser: Error loading user: %s : %s\n", username, err.Error()) log.Printf("scsusers.LoadUser: Error loading user: %s : %s\n", username, err.Error())
return u, err return tmp, err
} }
err = json.Unmarshal([]byte(d), &u) err = json.Unmarshal([]byte(d), &tmp)
if err != nil { if err != nil {
log.Printf("scsusers.LoadUser: Error decoding json on user %s. Unmarshal returned %s\n", username, err.Error()) log.Printf("scsusers.LoadUser: Error decoding json on user %s. Unmarshal returned %s\n", username, err.Error())
} }
return u, err return tmp, err
} }
func SaveUser(username string, d UserData) bool { func SaveUser(username string, d UserData) bool {
q := fmt.Sprintf("update %s_userdata set data=$1 where username ILIKE $2") u := strings.ToLower(username)
q := fmt.Sprintf("update %s_userdata set data=$1 where username = $2", c.TablePrefix)
j, err := json.Marshal(d) j, err := json.Marshal(d)
if err != nil { if err != nil {
log.Printf("scsusers.SaveUser: json.Marshal failed for username %s : %s\n", username, err.Error()) log.Printf("scsusers.SaveUser: json.Marshal failed for username %s : %s\n", username, err.Error())
return false return false
} }
_, err = c.db.Exec(q, username, j) _, err = c.db.Exec(q, u, j)
if err != nil { if err != nil {
log.Printf("scsusers.SaveUser: db.Exec failed for username %s : %s\n", username, err.Error()) log.Printf("scsusers.SaveUser: db.Exec failed for username %s : %s\n", username, err.Error())
return false return false
@ -181,25 +194,28 @@ func SaveUser(username string, d UserData) bool {
} }
func Bump(username string, ip string) { func Bump(username string, ip string) {
q := fmt.Sprintf("update %s_auth set lastseen=CURRENT_TIMESTAMP, lastseenip=$2 where username ILIKE $1", c.TablePrefix) u := strings.ToLower(username)
_, err := c.db.Exec(q, username, ip) q := fmt.Sprintf("update %s_auth set lastseen=CURRENT_TIMESTAMP, lastseenip=$2 where username = $1", c.TablePrefix)
_, err := c.db.Exec(q, u, ip)
if err != nil { if err != nil {
log.Printf("scsusers.Bump: Error on user bump: %s : %s\n", username, err.Error()) log.Printf("scsusers.Bump: Error on user bump: %s : %s\n", username, err.Error())
} }
} }
type Metadata struct { type Metadata struct {
MetaKey string `db:meta_key` MetaKey string `db:"meta_key"`
MetaValue string `db:meta_value` MetaValue string `db:"meta_value"`
} }
func GetAllMeta(username string) map[string]string { func GetAllMeta(username string) map[string]string {
meta := make(map[string]string) meta := make(map[string]string)
u := strings.ToLower(username)
q := fmt.Sprintf(`select meta_key, meta_value q := fmt.Sprintf(`select meta_key, meta_value
from %s_user_metadata where from %s_user_metadata where
user_id=(select userid from %s_auth where username ILIKE $1)`, user_id=(select userid from %s_auth where username = $1)`,
c.TablePrefix, c.TablePrefix) c.TablePrefix, c.TablePrefix)
rows, err := c.db.Queryx(q, username) rows, err := c.db.Queryx(q, u)
if err != nil && err != sql.ErrNoRows { if err != nil && err != sql.ErrNoRows {
log.Printf("scsusers.GetAllMeta: %s: %s\n", username, err.Error()) log.Printf("scsusers.GetAllMeta: %s: %s\n", username, err.Error())
return meta return meta
@ -208,7 +224,7 @@ func GetAllMeta(username string) map[string]string {
for rows.Next() { for rows.Next() {
err = rows.StructScan(&m) err = rows.StructScan(&m)
if err != nil { if err != nil {
log.Printf("scsusers.GetAllMeta: StructScan: %s\n", username, err.Error()) log.Printf("scsusers.GetAllMeta: StructScan: %s: %s\n", username, err.Error())
return meta return meta
} }
meta[m.MetaKey] = m.MetaValue meta[m.MetaKey] = m.MetaValue
@ -218,9 +234,11 @@ func GetAllMeta(username string) map[string]string {
func GetMeta(username string, metakey string) string { func GetMeta(username string, metakey string) string {
var v string var v string
u := strings.ToLower(username)
q := fmt.Sprintf(`select meta_value from %s_user_metadata where q := fmt.Sprintf(`select meta_value from %s_user_metadata where
user_id=(select userid from %s_auth where username ILIKE $1) AND meta_key=$2`, c.TablePrefix, c.TablePrefix) user_id=(select userid from %s_auth where username = $1) AND meta_key=$2`, c.TablePrefix, c.TablePrefix)
err := c.db.Get(&v, q, username, metakey) err := c.db.Get(&v, q, u, metakey)
if err != nil && err != sql.ErrNoRows { if err != nil && err != sql.ErrNoRows {
log.Printf("scsusers.GetMeta: %s - %s - %s\n", username, metakey, err.Error()) log.Printf("scsusers.GetMeta: %s - %s - %s\n", username, metakey, err.Error())
} }
@ -237,29 +255,32 @@ func GetMeta(username string, metakey string) string {
func SetMeta(username string, metakey string, metavalue string) { func SetMeta(username string, metakey string, metavalue string) {
var err error var err error
u := strings.ToLower(username)
if metavalue == "" { if metavalue == "" {
q := fmt.Sprintf(`delete from %s_user_metadata where user_id=(select userid from %s_auth where username ILIKE $1) AND meta_key=$2`, q := fmt.Sprintf(`delete from %s_user_metadata where user_id=(select userid from %s_auth where username = $1) AND meta_key=$2`,
c.TablePrefix, c.TablePrefix) c.TablePrefix, c.TablePrefix)
_, err = c.db.Exec(q, username, metakey) _, err = c.db.Exec(q, u, metakey)
} else { } else {
q := fmt.Sprintf(`insert into %s_user_metadata (user_id, meta_key, meta_value) VALUES q := fmt.Sprintf(`insert into %s_user_metadata (user_id, meta_key, meta_value) VALUES
((select userid from %s_auth where username ILIKE $1), $2, $3)`, c.TablePrefix, c.TablePrefix) ((select userid from %s_auth where username = $1), $2, $3)`, c.TablePrefix, c.TablePrefix)
_, err = c.db.Exec(q, username, metakey, metavalue) _, err = c.db.Exec(q, u, metakey, metavalue)
} }
if err != nil { if err != nil {
log.Printf("scsusers.SetMeta: %s %s %s %s\n", username, metakey, metavalue, err.Error()) log.Printf("scsusers.SetMeta: %s %s %s %s\n", username, metakey, metavalue, err.Error())
} }
} }
func RecoverByUsername(u string) { func RecoverByUsername(username string) {
var username, email string var email string
q := fmt.Sprintf("select username, email from %s_auth where username ILIKE $1", c.TablePrefix) u := strings.ToLower(username)
row := c.db.QueryRow(q, u)
err := row.Scan(&username, &email) q := fmt.Sprintf("select email from %s_auth where username = $1", c.TablePrefix)
err := c.db.Get(&email, q, u)
if err != sql.ErrNoRows { if err != sql.ErrNoRows {
recoverycode := randBytes(16) recoverycode := randBytes(16)
qq := fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username ILIKE $2", c.TablePrefix) qq := fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username = $2", c.TablePrefix)
_, err := c.db.Exec(qq, recoverycode, username) _, err := c.db.Exec(qq, recoverycode, u)
if err == nil { if err == nil {
sendRecoveryEmail(email, username, string(recoverycode)) sendRecoveryEmail(email, username, string(recoverycode))
} }
@ -268,12 +289,11 @@ func RecoverByUsername(u string) {
func RecoverByEmail(e string) { func RecoverByEmail(e string) {
var username, email string var username, email string
q := fmt.Sprintf("select username, email from %s_auth where email=$1", c.TablePrefix) q := fmt.Sprintf("select username from %s_auth where email ILIKE $1", c.TablePrefix)
row := c.db.QueryRow(q, e) err := c.db.Get(&username, q, e)
err := row.Scan(&username, &email)
if err != sql.ErrNoRows { if err != sql.ErrNoRows {
recoverycode := randBytes(16) recoverycode := randBytes(16)
qq := fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username ILIKE $2", c.TablePrefix) qq := fmt.Sprintf("update %s_auth set recoverycode=$1, recoverytime=NOW() where username = $2", c.TablePrefix)
_, err := c.db.Exec(qq, recoverycode, username) _, err := c.db.Exec(qq, recoverycode, username)
if err == nil { if err == nil {
sendRecoveryEmail(email, username, string(recoverycode)) sendRecoveryEmail(email, username, string(recoverycode))
@ -336,7 +356,7 @@ func sendAlertEmail(username, recipient, message string) bool {
return false return false
} }
subject := fmt.Sprintf("New activity on %s", c.SiteName) subject := fmt.Sprintf("new Activity Notification on %s", c.SiteName)
err = SendMail(c.SMTPServer, c.FromEmail, subject, body.String(), recipient) err = SendMail(c.SMTPServer, c.FromEmail, subject, body.String(), recipient)
if err != nil { if err != nil {
log.Printf("scsusers.sendAlertEmail: Error sending mail to %s: %s\n", recipient, err.Error()) log.Printf("scsusers.sendAlertEmail: Error sending mail to %s: %s\n", recipient, err.Error())