A web blog and personal homepage engine written in Go.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

106 lines
2.6 KiB

package models
import (
"errors"
"fmt"
"strings"
"git.kirsle.net/apps/gophertype/pkg/console"
"git.kirsle.net/apps/gophertype/pkg/constants"
"github.com/jinzhu/gorm"
"golang.org/x/crypto/bcrypt"
)
// User account for the site.
type User struct {
gorm.Model
Email string `json:"email" gorm:"unique_index"`
Name string `json:"name"`
HashedPassword string `json:"-"`
IsAdmin bool `json:"isAdmin" gorm:"index"`
}
// Validate the User object has everything filled in. Fixes what it can,
// returns an error if something is wrong. Ensures the HashedPassword is hashed.
func (u *User) Validate() error {
u.Email = strings.TrimSpace(strings.ToLower(u.Email))
u.Name = strings.TrimSpace(u.Name)
if len(u.Email) == 0 {
return errors.New("Email is required")
}
return nil
}
// AuthenticateUser checks a login for an email and password.
func AuthenticateUser(email string, password string) (User, error) {
user, err := GetUserByEmail(email)
if err != nil {
console.Error("AuthenticateUser: email %s not found: %s", email, err)
return User{}, errors.New("incorrect email or password")
}
if user.VerifyPassword(password) {
return user, nil
}
return User{}, errors.New("incorrect email or password")
}
// GetUserByID looks up a user by their ID.
func GetUserByID(id int) (User, error) {
var user User
r := DB.First(&user, id)
return user, r.Error
}
// GetUserByEmail looks up a user by their email address.
func GetUserByEmail(email string) (User, error) {
var user User
r := DB.Where("email = ?", strings.ToLower(email)).First(&user)
return user, r.Error
}
// SetPassword stores the hashed password for a user.
func (u *User) SetPassword(password string) error {
hash, err := bcrypt.GenerateFromPassword([]byte(password), constants.BcryptCost)
if err != nil {
return fmt.Errorf("SetPassword: %s", err)
}
u.HashedPassword = string(hash)
return nil
}
// VerifyPassword checks if the password matches the user's hashed password.
func (u *User) VerifyPassword(password string) bool {
if u.HashedPassword == "" {
console.Error("ERROR: VerifyPassword: user %s has no HashedPassword", u.Email)
return false
}
err := bcrypt.CompareHashAndPassword([]byte(u.HashedPassword), []byte(password))
if err == nil {
return true
}
console.Error("VerifyPassword: %s", err)
return false
}
// FirstAdmin returns the admin user with the lowest ID number.
func FirstAdmin() (User, error) {
var user User
r := DB.First(&user, "is_admin", true)
return user, r.Error
}
// CreateUser adds a new user to the database.
func CreateUser(u User) error {
if err := u.Validate(); err != nil {
return err
}
r := DB.Create(&u)
return r.Error
}