refactor: user auth via Store

2025-01-20 15:29:28 +01:00 · 2021-05-06 17:41:31 +05:00 · 2021-05-06 17:41:31 +05:00 · 82c3b62660
commit 82c3b62660
parent d21b32fe6c
4 changed files with 38 additions and 18 deletions
--- a/api/login.go
+++ b/api/login.go
@ -2,19 +2,16 @@ package api

 import (
 	"crypto/tls"
-	"database/sql"
 	"fmt"
 	"github.com/ansible-semaphore/semaphore/api/helpers"
 	"github.com/ansible-semaphore/semaphore/db"
 	"net/http"
-	"net/mail"
 	"strings"
 	"time"

 	log "github.com/Sirupsen/logrus"
 	"github.com/ansible-semaphore/semaphore/util"

-	sq "github.com/masterminds/squirrel"
 	"golang.org/x/crypto/bcrypt"
 	"gopkg.in/ldap.v2"
 )
@ -128,24 +125,15 @@ func login(w http.ResponseWriter, r *http.Request) {
 		}
 	}

-	var user db.User
-	q := sq.Select("*").
-		From("user")

-	// determine if login.Auth is email or username
-	if _, err := mail.ParseAddress(login.Auth); err == nil {
-		q = q.Where("email=?", login.Auth)
-	} else {
-		q = q.Where("username=?", login.Auth)
-	}
+	user, err := helpers.Store(r).GetUserByLoginOrEmail(login.Auth, login.Auth)

-	query, args, err := q.ToSql()
-	util.LogWarning(err)
-	if err = helpers.Store(r).Sql().SelectOne(&user, query, args...); err != nil && err == sql.ErrNoRows {
+	if err != nil && err == db.ErrNotFound {
 		if ldapUser != nil {
 			// create new LDAP user
 			user = *ldapUser
-			if err = helpers.Store(r).Sql().Insert(&user); err != nil {
+			_, err = helpers.Store(r).CreateUserWithoutPassword(user)
+			if err != nil {
 				panic(err)
 			}
 		} else {
--- a/db/Store.go
+++ b/db/Store.go
@ -32,6 +32,10 @@ var ErrNotFound = errors.New("sql: no rows in result set")
 var ErrInvalidOperation = errors.New("sql: no rows in result set")
 var Forbidden = errors.New("sql: no rows in result set")

+func ValidateUsername(login string) error {
+	return nil
+}
+
 type Store interface {
 	Connect() error
 	Close() error
@ -73,6 +77,7 @@ type Store interface {
 	DeleteGlobalAccessKeySoft(accessKeyID int) error

 	GetUsers(params RetrieveQueryParams) ([]User, error)
+	CreateUserWithoutPassword(user User) (User, error)
 	CreateUser(user UserWithPwd) (User, error)
 	DeleteUser(userID int) error
 	UpdateUser(user UserWithPwd) error
--- a/db/User.go
+++ b/db/User.go
@ -11,13 +11,13 @@ type User struct {
 	Username string    `db:"username" json:"username" binding:"required"`
 	Name     string    `db:"name" json:"name" binding:"required"`
 	Email    string    `db:"email" json:"email" binding:"required"`
-	Password string    `db:"password" json:"-"`
+	Password string    `db:"password" json:"-"` // password hash
 	Admin    bool      `db:"admin" json:"admin"`
 	External bool      `db:"external" json:"external"`
 	Alert    bool      `db:"alert" json:"alert"`
 }

 type UserWithPwd struct {
-	Pwd string    `db:"-" json:"password"`
+	Pwd string    `db:"-" json:"password"` // raw password from JSON
 	User
 }
--- a/db/sql/user.go
+++ b/db/sql/user.go
@ -8,7 +8,34 @@ import (
 	"time"
 )

+
+func (d *SqlDb) CreateUserWithoutPassword(user db.User) (newUser db.User, err error) {
+
+	err = db.ValidateUsername(user.Username)
+	if err != nil {
+		return
+	}
+
+	user.Password = ""
+	user.Created = db.GetParsedTime(time.Now())
+
+	err = d.sql.Insert(&user)
+
+	if err != nil {
+		return
+	}
+
+	newUser = user
+	return
+}
+
 func (d *SqlDb) CreateUser(user db.UserWithPwd) (newUser db.User, err error) {
+
+	err = db.ValidateUsername(user.Username)
+	if err != nil {
+		return
+	}
+
 	pwdHash, err := bcrypt.GenerateFromPassword([]byte(user.Pwd), 11)

 	if err != nil {