vfs/alfheim-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

git-svn-id: svn://losandesgames.com/alfheim-website@12 15359d88-9307-4e75-a9c1-e5686e5897df

Browse Source
This commit is contained in:
Vicente Ferrari Smith 2024-05-20 11:41:22 +00:00
parent f4862b4f5d
commit e66a5aa872
3 changed files with 285 additions and 266 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

253
handlers.go
View File

@ -2,275 +2,282 @@
// Created by vfs on 02.05.2024.
//
package main
package main;
import "fmt"
import "log"
import "net/http"
import "html/template"
//import "strconv"
import "strings"
import "unicode/utf8"
import "errors"
import "runtime/debug"
import "fmt";
import "log";
import "net/http";
import "html/template";
//import "strconv";
import "strings";
import "unicode/utf8";
import "errors";
import "runtime/debug";
type templatedata struct {
AuthenticatedUser int32
FormErrors map[string]string
Account Account
AuthenticatedUser int32;
FormErrors map[string]string;
Account Account;
}
func favicon(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "favicon.ico")
http.ServeFile(w, r, "favicon.ico");
}
func authenticated_user(r *http.Request) int32 {
session, err := store.Get(r, "id")
session, err := store.Get(r, "id");
if err != nil {
fmt.Println(err)
return 0
fmt.Println(err);
return 0;
}
id, ok := session.Values["id"].(int32)
id, ok := session.Values["id"].(int32);
if !ok {
trace := fmt.Sprintf("%s\n%s", errors.New("type assertion to int32 failed").Error(), debug.Stack())
_ = trace
//log.Println(trace)
return 0
trace := fmt.Sprintf("%s\n%s", errors.New("type assertion to int32 failed").Error(), debug.Stack());
_ = trace;
//log.Println(trace);
return 0;
}
return id
return id;
}
func home(w http.ResponseWriter, r *http.Request) {
if r.URL.Path != "/" {
http.NotFound(w, r);
return
return;
}
id := authenticated_user(r)
account, err := users.Get_account(id)
id := authenticated_user(r);
account, err := users.Get_account(id);
text, err := template.ParseFiles("ui/base.html", "ui/index.html")
text, err := template.ParseFiles("ui/base.html", "ui/index.html");
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Fatal(err)
http.Error(w, "Internal Server Error", 500);
log.Fatal(err);
}
switch r.Method {
case http.MethodGet:
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account})
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
case http.MethodPost:
err := text.Execute(w, templatedata{})
err := text.Execute(w, templatedata{});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
}
}
func login(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/login.html")
text, err := template.ParseFiles("ui/base.html", "ui/login.html");
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Fatal(err)
http.Error(w, "Internal Server Error", 500);
log.Fatal(err);
}
switch r.Method {
case http.MethodGet:
err := text.Execute(w, templatedata{})
err := text.Execute(w, templatedata{});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
case http.MethodPost:
session, _ := store.Get(r, "id");
password := r.FormValue("password")
username := r.FormValue("username")
errors := make(map[string]string)
session, _ := store.Get(r, "id");;
password := r.FormValue("password");
username := r.FormValue("username");
errors := make(map[string]string);
if strings.TrimSpace(username) == "" {
errors["username"] = "This field cannot be blank"
errors["username"] = "This field cannot be blank";
} else if utf8.RuneCountInString(username) > 20 {
errors["username"] = "This field is too long (the maximum is 20 characters)"
errors["username"] = "This field is too long (the maximum is 20 characters)";
}
if strings.TrimSpace(password) == "" {
errors["password"] = "This field cannot be blank"
errors["password"] = "This field cannot be blank";
} else if utf8.RuneCountInString(password) < 8 {
errors["password"] = "This field is too short (the minimum is 8 characters)"
errors["password"] = "This field is too short (the minimum is 8 characters)";
}
if len(errors) > 0 {
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors})
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
return
return;
}
id, err := users.Authenticate(username, password)
id, err := users.Authenticate(username, password);
if err == ErrInvalidCredentials {
errors["generic"] = "Email or Password is incorrect"
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors})
errors["generic"] = "Email or Password is incorrect";
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
return
return;
}
if id > 0 {
session.Values["id"] = id
fmt.Println("Logged in with id:", id)
session.Save(r, w)
http.Redirect(w, r, "/account", http.StatusSeeOther)
session.Values["id"] = id;
fmt.Println("Logged in with id:", id);
session.Save(r, w);
http.Redirect(w, r, "/account", http.StatusSeeOther);
}
}
}
func logout(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/logout.html")
text, err := template.ParseFiles("ui/base.html", "ui/logout.html");
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Fatal(err)
http.Error(w, "Internal Server Error", 500);
log.Fatal(err);
}
id := authenticated_user(r)
account, err := users.Get_account(id)
id := authenticated_user(r);
account, err := users.Get_account(id);
switch r.Method {
case http.MethodGet:
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account})
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
case http.MethodPost:
session, _ := store.Get(r, "id");
session, _ := store.Get(r, "id");;
session.Values["id"] = 0;
session.Save(r, w)
http.Redirect(w, r, "/", http.StatusSeeOther)
session.Values["id"] = 0;;
session.Save(r, w);
http.Redirect(w, r, "/", http.StatusSeeOther);
}
}
func register(w http.ResponseWriter, r *http.Request) {
text, err := template.ParseFiles("ui/base.html", "ui/register.html")
text, err := template.ParseFiles("ui/base.html", "ui/register.html");
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Fatal(err)
http.Error(w, "Internal Server Error", 500);
log.Fatal(err);
}
id := authenticated_user(r)
account, err := users.Get_account(id)
id := authenticated_user(r);
account, err := users.Get_account(id);
switch r.Method {
case http.MethodGet:
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account})
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
case http.MethodPost:
account := Account{Username: r.FormValue("username"), Password: []byte(r.FormValue("password")), Firstname: r.FormValue("firstname"), Lastname: r.FormValue("lastname"), Email: r.FormValue("email")}
account := Account{Username: r.FormValue("username"), Password: []byte(r.FormValue("password")), Firstname: r.FormValue("firstname"), Lastname: r.FormValue("lastname"), Email: r.FormValue("email")};
errors := make(map[string]string)
errors := make(map[string]string);
if strings.TrimSpace(account.Username) == "" {
errors["username"] = "This field cannot be blank"
errors["username"] = "This field cannot be blank";
} else if utf8.RuneCountInString(account.Username) > 20 {
errors["username"] = "This field is too long (the maximum is 20 characters)"
errors["username"] = "This field is too long (the maximum is 20 characters)";
}
if strings.TrimSpace(string(account.Password)) == "" {
errors["password"] = "This field cannot be blank"
errors["password"] = "This field cannot be blank";
} else if utf8.RuneCountInString(string(account.Password)) < 8 {
errors["password"] = "This field is too short (the minimum is 8 characters)"
errors["password"] = "This field is too short (the minimum is 8 characters)";
}
if len(errors) > 0 {
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors})
err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
}
users.Insert(account.Username, string(account.Password), account.Firstname, account.Lastname, account.Email)
http.Redirect(w, r, "/login", http.StatusSeeOther)
err := users.Insert(account.Username, string(account.Password), account.Firstname, account.Lastname, account.Email);
if err == ErrDuplicateEmail || err == ErrDuplicateUsername {
} else if err != nil {
}
http.Redirect(w, r, "/login", http.StatusSeeOther);
}
}
func account(w http.ResponseWriter, r *http.Request) {
//id, err := strconv.Atoi(r.URL.Query().Get("id"))
//if err != nil || id < 1 {
// http.NotFound(w, r)
// return
//}
//account, err := users.Get_account(int32(id));
//if err != nil {
// log.Fatal(err);
//}
//id, err := strconv.Atoi(r.URL.Query().Get("id"));
//if err != nil || id < 1 {;
// http.NotFound(w, r);
// return;
//};
//account, err := users.Get_account(int32(id));;
//if err != nil {;
// log.Fatal(err);;
//};
id := authenticated_user(r)
account, err := users.Get_account(id)
id := authenticated_user(r);
account, err := users.Get_account(id);
text, err := template.ParseFiles("ui/base.html", "ui/account.html")
text, err := template.ParseFiles("ui/base.html", "ui/account.html");
if err != nil {
http.Error(w, "Internal Server Error", 500)
log.Fatal(err)
http.Error(w, "Internal Server Error", 500);
log.Fatal(err);
}
switch r.Method {
case http.MethodGet:
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account})
err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account});
if err != nil {
log.Fatal(err)
http.Error(w, "Internal Server Error", 500)
log.Fatal(err);
http.Error(w, "Internal Server Error", 500);
}
}
//case http.MethodPost:
// text.Execute(w, false)
// if err != nil {
// log.Fatal(err)
// http.Error(w, "Internal Server Error", 500)
// }
//case http.MethodPost:;
// text.Execute(w, false);
// if err != nil {;
// log.Fatal(err);
// http.Error(w, "Internal Server Error", 500);
// };
}
func deleteaccount(w http.ResponseWriter, r *http.Request) {
func deleteaccount(w http.ResponseWriter, r *http.Request) {;
id := authenticated_user(r)
id := authenticated_user(r);
switch r.Method {
case http.MethodPost:
fmt.Println("Deleting account with id ", id)
users.Delete(id)
fmt.Println("Deleting account with id ", id);
users.Delete(id);
session, _ := store.Get(r, "id");
session.Values["id"] = 0;
session.Save(r, w)
session.Save(r, w);
http.Redirect(w, r, "/", http.StatusSeeOther)
http.Redirect(w, r, "/", http.StatusSeeOther);
}
}

164
main.go
View File

@ -2,126 +2,118 @@
// Created by vfs on 02.05.2024.
//
package main
package main;
import "fmt"
import "log"
import "flag"
import "net/http"
import _ "github.com/lib/pq"
import "database/sql"
import "github.com/gorilla/sessions"
import "regexp"
import "golang.org/x/crypto/bcrypt"
import "fmt";
import "log";
import "flag";
import "net/http";
import _ "github.com/lib/pq";
import "database/sql";
import "github.com/gorilla/sessions";
import "regexp";
//import "golang.org/x/crypto/bcrypt";
import "github.com/stripe/stripe-go/v78"
import "github.com/stripe/stripe-go/v78/customer"
import "github.com/stripe/stripe-go/v78";
//import "github.com/stripe/stripe-go/v78/customer";
var users *Usermodel
var users *Usermodel;
var key = []byte("super-secret-key")
var store = sessions.NewCookieStore(key)
var key = []byte("super-secret-key");
var store = sessions.NewCookieStore(key);
var emailrx = regexp.MustCompile("/^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/")
var emailrx = regexp.MustCompile("/^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/");
func secure_headers(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-XSS-Protection", "1; mode=block")
w.Header().Set("X-Frame-Options", "deny")
func secure_headers(next http.Handler) http.Handler {;
fn := func(w http.ResponseWriter, r *http.Request) {;
w.Header().Set("X-XSS-Protection", "1; mode=block");
w.Header().Set("X-Frame-Options", "deny");
next.ServeHTTP(w, r)
next.ServeHTTP(w, r);
}
return http.HandlerFunc(fn)
return http.HandlerFunc(fn);
}
func require_authenticated_user(next http.HandlerFunc) http.HandlerFunc {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// If the user is not authenticated, redirect them to the login page and
// return from the middleware chain so that no subsequent handlers in
// the chain are executed.
// If the user is not authenticated, redirect them to the login page and;
// return from the middleware chain so that no subsequent handlers in;
// the chain are executed.;
if authenticated_user(r) == 0 {
http.Redirect(w, r, "/login", http.StatusSeeOther)
return
http.Redirect(w, r, "/login", http.StatusSeeOther);
return;
}
// Otherwise call the next handler in the chain.
next.ServeHTTP(w, r)
})
// Otherwise call the next handler in the chain.;
next.ServeHTTP(w, r);
});
}
func main() {
addr := flag.String("addr", ":8080", "HTTP network address")
flag.Parse()
fmt.Println("Hello, Sailor!")
addr := flag.String("addr", ":8080", "HTTP network address");
flag.Parse();
fmt.Println("Hello, Sailor!");
h, _ := bcrypt.GenerateFromPassword([]byte("password"), 12)
stripe.Key = "sk_test_51PGebgKUHKCjyTmc97rfDPcvew6EhqDz2qp3U7XoAMIilAU9IVo2NO4P7ylkTvbBafFVr94trha1VYY32jRWMw2K00Yq7YJXFf";
fmt.Println(string(h))
store.MaxAge(0);
stripe.Key = "sk_test_51PGebgKUHKCjyTmc97rfDPcvew6EhqDz2qp3U7XoAMIilAU9IVo2NO4P7ylkTvbBafFVr94trha1VYY32jRWMw2K00Yq7YJXFf"
c, _ := customer.Get("cus_Q7am78hLcLUvGQ", nil)
fmt.Println(c)
store.MaxAge(0)
db, err := sql.Open("postgres", "postgres://elves_database:iK2SoVbDhdCki5n3LxGyP6zKpLspt4@80.240.25.87/elves_database")
db, err := sql.Open("postgres", "postgres://elves_database:iK2SoVbDhdCki5n3LxGyP6zKpLspt4@80.240.25.87/elves_database");
if err != nil {
log.Fatal(err)
log.Fatal(err);
}
defer db.Close()
defer db.Close();
users = &Usermodel{db}
users = &Usermodel{db};
mux := http.NewServeMux()
mux := http.NewServeMux();
//rows, err := db.Query("SELECT * FROM accounts")
//if err != nil {
// log.Fatal(err)
//}
//defer rows.Close()
//rows, err := db.Query("SELECT * FROM accounts");
//if err != nil {;
// log.Fatal(err);
//};
//defer rows.Close();
//accounts := make([]*Account, 0)
//for rows.Next() {
// acc := new(Account)
// err := rows.Scan(&acc.id, &acc.Username, &acc.password, &acc.Color)
// if err != nil {
// log.Fatal(err)
// }
// accounts = append(accounts, acc)
//}
//accounts := make([]*Account, 0);
//for rows.Next() {;
// acc := new(Account);
// err := rows.Scan(&acc.id, &acc.Username, &acc.password, &acc.Color);
// if err != nil {;
// log.Fatal(err);
// };
// accounts = append(accounts, acc);
//};
//if err = rows.Err(); err != nil {
// log.Fatal(err)
//}
//if err = rows.Err(); err != nil {;
// log.Fatal(err);
//};
//for _, acc := range accounts {
// fmt.Println(acc)
//}
//for _, acc := range accounts {;
// fmt.Println(acc);
//};
mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static"))))
mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static"))));
mux.HandleFunc("/favicon.ico", favicon)
mux.HandleFunc("/favicon.ico", favicon);
mux.HandleFunc("/", home)
mux.HandleFunc("/login", login)
mux.HandleFunc("/logout", logout)
mux.HandleFunc("/register", register)
mux.HandleFunc("/account", require_authenticated_user(account))
mux.HandleFunc("/deleteaccount", require_authenticated_user(deleteaccount))
mux.HandleFunc("/", home);
mux.HandleFunc("/login", login);
mux.HandleFunc("/logout", logout);
mux.HandleFunc("/register", register);
mux.HandleFunc("/account", require_authenticated_user(account));
mux.HandleFunc("/deleteaccount", require_authenticated_user(deleteaccount));
log.Fatal(http.ListenAndServe(*addr, secure_headers(mux)))
log.Fatal(http.ListenAndServe(*addr, secure_headers(mux)));
}
//cookie := http.Cookie{
// Name: "exampleCookie",
// Value: "Hello world!",
// Path: "/",
// HttpOnly: true,
// Secure: true,
// SameSite: http.SameSiteLaxMode,
//}
//http.SetCookie(w, &cookie)
//cookie := http.Cookie{;
// Name: "exampleCookie",;
// Value: "Hello world!",;
// Path: "/",;
// HttpOnly: true,;
// Secure: true,;
// SameSite: http.SameSiteLaxMode,;
//};
//http.SetCookie(w, &cookie);

134
models.go
View File

@ -2,110 +2,130 @@
// Created by vfs on 02.05.2024.
//
package main
package main;
import "errors"
import "time"
import "golang.org/x/crypto/bcrypt"
import "database/sql"
import _ "github.com/lib/pq"
import "fmt"
import "errors";
import "time";
import "golang.org/x/crypto/bcrypt";
import "database/sql";
import _ "github.com/lib/pq";
import "fmt";
import "github.com/stripe/stripe-go/v78"
import "github.com/stripe/stripe-go/v78/customer"
import "github.com/stripe/stripe-go/v78";
import "github.com/stripe/stripe-go/v78/customer";
var ErrRoRecord = errors.New("no matching record found")
var ErrInvalidCredentials = errors.New("invalid credentials")
var ErrDuplicateEmail = errors.New("duplicate email")
var ErrRoRecord = errors.New("no matching record found");
var ErrInvalidCredentials = errors.New("invalid credentials");
var ErrDuplicateEmail = errors.New("duplicate email");
var ErrDuplicateUsername = errors.New("duplicate username");
type Account struct {
Id int32
Username string
Password []byte
Color int32
Firstname string
Lastname string
Email string
Created time.Time
StripeID string
Id int32;
Username string;
Password []byte;
Color int32;
Firstname string;
Lastname string;
Email string;
Created time.Time;
StripeID string;
}
type Usermodel struct {
DB *sql.DB
DB *sql.DB;
}
func (m *Usermodel) Insert(username string, password string, firstname string, lastname string, email string) error {
hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12);
stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created) VALUES ($1, $2, $3, $4, $5, NOW()) RETURNING id;`;
var insertid int32;
row := m.DB.QueryRow(stmt, username, string(hashedpassword), firstname, lastname, email);
if row.Err() != nil {
fmt.Println(err);
return err;
}
err = row.Scan(&insertid);
params := &stripe.CustomerParams{
Name: stripe.String(fmt.Sprintf("%s %s", firstname, lastname)),
Email: stripe.String(email),
}
customer, err := customer.New(params)
};
customer, err := customer.New(params);
hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12)
stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created, stripe_id) VALUES ($1, $2, $3, $4, $5, NOW(), $6);`
stmt = `UPDATE accounts SET stripe_id = $1 WHERE id = $2;`;
_, err = m.DB.Exec(stmt, username, string(hashedpassword), firstname, lastname, email, customer.ID)
fmt.Println(customer.ID, insertid);
_, err = m.DB.Exec(stmt, customer.ID, insertid);
if err != nil {
fmt.Println(err)
fmt.Println(err);
return err;
}
return nil
return nil;
}
func (m *Usermodel) Delete(id int32) error {
account, err := users.Get_account(id)
result, err := customer.Del(account.StripeID, nil)
if err != nil {
fmt.Println(err)
}
fmt.Println(result)
stmt := `DELETE FROM accounts WHERE id = $1;`
account, err := users.Get_account(id);
_, err = m.DB.Exec(stmt, id)
if account.StripeID != "" {
result, err := customer.Del(account.StripeID, nil);
if err != nil {
fmt.Println(err);
}
fmt.Println(result);
}
stmt := `DELETE FROM accounts WHERE id = $1;`;
_, err = m.DB.Exec(stmt, id);
if err != nil {
fmt.Println(err)
fmt.Println(err);
}
return nil
return nil;
}
func (m *Usermodel) Get_account(id int32) (Account, error) {
if id == 0 {
return Account{}, nil
return Account{}, nil;
}
stmt := `SELECT id, username, password, color, firstname, lastname, email, created, stripe_id FROM accounts WHERE id = $1;`
row := m.DB.QueryRow(stmt, id)
stmt := `SELECT id, username, password, color, firstname, lastname, email, created, stripe_id FROM accounts WHERE id = $1;`;
row := m.DB.QueryRow(stmt, id);
var account Account
err := row.Scan(&account.Id, &account.Username, &account.Password, &account.Color, &account.Firstname, &account.Lastname, &account.Email, &account.Created, &account.StripeID)
var account Account;
err := row.Scan(&account.Id, &account.Username, &account.Password, &account.Color, &account.Firstname, &account.Lastname, &account.Email, &account.Created, &account.StripeID);
if err == sql.ErrNoRows {
return Account{}, sql.ErrNoRows
return Account{}, sql.ErrNoRows;
} else if err != nil {
return Account{}, err
return Account{}, err;
}
return account, nil
return account, nil;
}
func (m *Usermodel) Authenticate(username string, password string) (int32, error) {
var id int32
var hashedpassword []byte
row := m.DB.QueryRow("SELECT id, password FROM accounts WHERE username = $1", username)
err := row.Scan(&id, &hashedpassword)
var id int32;
var hashedpassword []byte;
row := m.DB.QueryRow("SELECT id, password FROM accounts WHERE username = $1", username);
err := row.Scan(&id, &hashedpassword);
if err == sql.ErrNoRows {
return 0, ErrInvalidCredentials
return 0, ErrInvalidCredentials;
}
err = bcrypt.CompareHashAndPassword(hashedpassword, []byte(password))
err = bcrypt.CompareHashAndPassword(hashedpassword, []byte(password));
if err == bcrypt.ErrMismatchedHashAndPassword {
return 0, ErrInvalidCredentials
return 0, ErrInvalidCredentials;
} else if err != nil {
return 0, err
return 0, err;
}
return id, nil
return id, nil;
}