Initial perseus rewrite

6 files changed, 241 insertions, 0 deletions

diff --git a/account/addtoken.go b/account/addtoken.go
new file mode 100644
index 0000000..1c36ad8
--- /dev/null
+++ b/account/addtoken.go
@@ -0,0 +1,56 @@
+package account
+
+import (
+	"log"
+	"time"
+
+	"tildegit.org/andinus/perseus/password"
+	"tildegit.org/andinus/perseus/storage"
+)
+
+// addToken will generate a random token, add it to database and
+// return the token.
+func (u *User) addToken(db *storage.DB) error {
+	u.Token = password.RandStr(64)
+
+	// Set user id from username.
+	err := u.GetID(db)
+	if err != nil {
+		log.Printf("account/addtoken.go: %s\n",
+			"failed to get id from username")
+		return err
+	}
+
+	// Acquire write lock on the database.
+	db.Mu.Lock()
+	defer db.Mu.Unlock()
+
+	// Start the transaction
+	tx, err := db.Conn.Begin()
+	defer tx.Rollback()
+	if err != nil {
+		log.Printf("account/addtoken.go: %s\n",
+			"failed to begin transaction")
+		return err
+	}
+
+	stmt, err := db.Conn.Prepare(`
+INSERT INTO access(id, token, genTime) values(?, ?, ?)`)
+	if err != nil {
+		log.Printf("account/addtoken.go: %s\n",
+			"failed to prepare statement")
+		return err
+	}
+	defer stmt.Close()
+
+	_, err = stmt.Exec(u.ID, u.Token, time.Now().UTC())
+	if err != nil {
+		log.Printf("account/addtoken.go: %s\n",
+			"failed to execute statement")
+		return err
+	}
+
+	tx.Commit()
+	return err
+
+}
diff --git a/account/adduser.go b/account/adduser.go
new file mode 100644
index 0000000..8a8734f
--- /dev/null
+++ b/account/adduser.go
@@ -0,0 +1,43 @@
+package account
+
+import (
+	"log"
+	"time"
+
+	"tildegit.org/andinus/perseus/storage"
+)
+
+// addUser adds the user to record.
+func (u *User) addUser(db *storage.DB) error {
+	// Acquire write lock on the database.
+	db.Mu.Lock()
+	defer db.Mu.Unlock()
+
+	// Start the transaction
+	tx, err := db.Conn.Begin()
+	defer tx.Rollback()
+	if err != nil {
+		log.Printf("account/adduser.go: %s\n",
+			"failed to begin transaction")
+		return err
+	}
+
+	stmt, err := db.Conn.Prepare(`
+INSERT INTO accounts(id, username, hash, regTime) values(?, ?, ?, ?)`)
+	if err != nil {
+		log.Printf("account/adduser.go: %s\n",
+			"failed to prepare statement")
+		return err
+	}
+	defer stmt.Close()
+
+	_, err = stmt.Exec(u.ID, u.Username, u.Hash, time.Now().UTC())
+	if err != nil {
+		log.Printf("account/adduser.go: %s\n",
+			"failed to execute statement")
+		return err
+	}
+
+	tx.Commit()
+	return err
+}
diff --git a/account/getid.go b/account/getid.go
new file mode 100644
index 0000000..4f6da69
--- /dev/null
+++ b/account/getid.go
@@ -0,0 +1,33 @@
+package account
+
+import (
+	"log"
+
+	"tildegit.org/andinus/perseus/storage"
+)
+
+// GetID returns id from username.
+func (u *User) GetID(db *storage.DB) error {
+	// Acquire read lock on database.
+	db.Mu.RLock()
+	defer db.Mu.RUnlock()
+
+	// Get password for this user from the database.
+	stmt, err := db.Conn.Prepare("SELECT id FROM accounts WHERE username = ?")
+	if err != nil {
+		log.Printf("account/getid.go: %s\n",
+			"failed to prepare statement")
+		return err
+	}
+	defer stmt.Close()
+
+	var id string
+	err = stmt.QueryRow(u.Username).Scan(&id)
+	if err != nil {
+		log.Printf("account/getid.go: %s\n",
+			"query failed")
+	}
+	u.ID = id
+
+	return err
+}
diff --git a/account/login.go b/account/login.go
new file mode 100644
index 0000000..c81fcbd
--- /dev/null
+++ b/account/login.go
@@ -0,0 +1,50 @@
+package account
+
+import (
+	"log"
+
+	"tildegit.org/andinus/perseus/password"
+	"tildegit.org/andinus/perseus/storage"
+)
+
+// Login takes in login details and returns an error. If error doesn't
+// equal nil then consider login failed. It will also set the u.Token
+// field.
+func (u *User) Login(db *storage.DB) error {
+	// Acquire read lock on the database.
+	db.Mu.RLock()
+
+	// Get password for this user from the database.
+	stmt, err := db.Conn.Prepare("SELECT hash FROM accounts WHERE username = ?")
+	if err != nil {
+		log.Printf("account/login.go: %s\n",
+			"failed to prepare statement")
+		return err
+	}
+	defer stmt.Close()
+
+	var hash string
+	err = stmt.QueryRow(u.Username).Scan(&hash)
+	if err != nil {
+		log.Printf("account/login.go: %s\n",
+			"query failed")
+		return err
+	}
+	u.Hash = hash
+
+	// Check user's password.
+	err = password.Check(u.Password, u.Hash)
+	if err != nil {
+		log.Printf("account/login.go: %s%s\n",
+			"user login failed, username: ", u.Username)
+		return err
+	}
+	db.Mu.RUnlock()
+
+	err = u.addToken(db)
+	if err != nil {
+		log.Printf("account/login.go: %s\n",
+			"addtoken failed")
+	}
+	return err
+}
diff --git a/account/register.go b/account/register.go
new file mode 100644
index 0000000..e008370
--- /dev/null
+++ b/account/register.go
@@ -0,0 +1,49 @@
+package account
+
+import (
+	"errors"
+	"log"
+	"regexp"
+	"strings"
+
+	"tildegit.org/andinus/perseus/password"
+	"tildegit.org/andinus/perseus/storage"
+)
+
+// Register takes in registration details and returns an error. If
+// error doesn't equal nil then the registration was unsuccessful.
+func (u User) Register(db *storage.DB) error {
+	var err error
+	u.ID = password.RandStr(64)
+	u.Username = strings.ToLower(u.Username)
+
+	// Validate username. It must be alphanumeric and less than
+	// 128 characters.
+	re := regexp.MustCompile("^[a-zA-Z0-9]*$")
+	if !re.MatchString(u.Username) {
+		return errors.New("account/register.go: invalid username")
+	}
+	if len(u.Username) > 128 {
+		return errors.New("account/register.go: username too long")
+	}
+
+	// Validate password
+	if len(u.Password) < 8 {
+		return errors.New("account/register.go: password too short")
+	}
+
+	u.Hash, err = password.Hash(u.Password)
+	if err != nil {
+		log.Printf("account/register.go: %s\n",
+			"password.Hash func failed")
+		return err
+	}
+
+	err = u.addUser(db)
+	if err != nil {
+		log.Printf("account/register.go: %s\n",
+			"addUser func failed")
+	}
+	return err
+
+}
diff --git a/account/user.go b/account/user.go
new file mode 100644
index 0000000..769e8fc
--- /dev/null
+++ b/account/user.go
@@ -0,0 +1,10 @@
+package account
+
+// User holds information about the user.
+type User struct {
+	ID       string
+	Username string
+	Password string
+	Hash     string
+	Token    string
+}