From e66a5aa87272346afc3c08093d1a71be30b60b21 Mon Sep 17 00:00:00 2001 From: Vicente Ferrari Smith Date: Mon, 20 May 2024 11:41:22 +0000 Subject: [PATCH] git-svn-id: svn://losandesgames.com/alfheim-website@12 15359d88-9307-4e75-a9c1-e5686e5897df --- handlers.go | 253 +++++++++++++++++++++++++++------------------------- main.go | 164 ++++++++++++++++------------------ models.go | 134 ++++++++++++++++------------ 3 files changed, 285 insertions(+), 266 deletions(-) diff --git a/handlers.go b/handlers.go index 0748edd..d97edb2 100644 --- a/handlers.go +++ b/handlers.go @@ -2,275 +2,282 @@ // Created by vfs on 02.05.2024. // -package main +package main; -import "fmt" -import "log" -import "net/http" -import "html/template" -//import "strconv" -import "strings" -import "unicode/utf8" -import "errors" -import "runtime/debug" +import "fmt"; +import "log"; +import "net/http"; +import "html/template"; +//import "strconv"; +import "strings"; +import "unicode/utf8"; +import "errors"; +import "runtime/debug"; type templatedata struct { - AuthenticatedUser int32 - FormErrors map[string]string - Account Account + AuthenticatedUser int32; + FormErrors map[string]string; + Account Account; } func favicon(w http.ResponseWriter, r *http.Request) { - http.ServeFile(w, r, "favicon.ico") + http.ServeFile(w, r, "favicon.ico"); } func authenticated_user(r *http.Request) int32 { - session, err := store.Get(r, "id") + session, err := store.Get(r, "id"); if err != nil { - fmt.Println(err) - return 0 + fmt.Println(err); + return 0; } - id, ok := session.Values["id"].(int32) + id, ok := session.Values["id"].(int32); if !ok { - trace := fmt.Sprintf("%s\n%s", errors.New("type assertion to int32 failed").Error(), debug.Stack()) - _ = trace - //log.Println(trace) - return 0 + trace := fmt.Sprintf("%s\n%s", errors.New("type assertion to int32 failed").Error(), debug.Stack()); + _ = trace; + //log.Println(trace); + return 0; } - return id + return id; } func home(w http.ResponseWriter, r *http.Request) { if r.URL.Path != "/" { http.NotFound(w, r); - return + return; } - id := authenticated_user(r) - account, err := users.Get_account(id) + id := authenticated_user(r); + account, err := users.Get_account(id); - text, err := template.ParseFiles("ui/base.html", "ui/index.html") + text, err := template.ParseFiles("ui/base.html", "ui/index.html"); if err != nil { - http.Error(w, "Internal Server Error", 500) - log.Fatal(err) + http.Error(w, "Internal Server Error", 500); + log.Fatal(err); } switch r.Method { case http.MethodGet: - err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}) + err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } case http.MethodPost: - err := text.Execute(w, templatedata{}) + err := text.Execute(w, templatedata{}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } } } func login(w http.ResponseWriter, r *http.Request) { - text, err := template.ParseFiles("ui/base.html", "ui/login.html") + text, err := template.ParseFiles("ui/base.html", "ui/login.html"); if err != nil { - http.Error(w, "Internal Server Error", 500) - log.Fatal(err) + http.Error(w, "Internal Server Error", 500); + log.Fatal(err); } switch r.Method { case http.MethodGet: - err := text.Execute(w, templatedata{}) + err := text.Execute(w, templatedata{}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } case http.MethodPost: - session, _ := store.Get(r, "id"); - password := r.FormValue("password") - username := r.FormValue("username") - errors := make(map[string]string) + session, _ := store.Get(r, "id");; + password := r.FormValue("password"); + username := r.FormValue("username"); + errors := make(map[string]string); if strings.TrimSpace(username) == "" { - errors["username"] = "This field cannot be blank" + errors["username"] = "This field cannot be blank"; } else if utf8.RuneCountInString(username) > 20 { - errors["username"] = "This field is too long (the maximum is 20 characters)" + errors["username"] = "This field is too long (the maximum is 20 characters)"; } if strings.TrimSpace(password) == "" { - errors["password"] = "This field cannot be blank" + errors["password"] = "This field cannot be blank"; } else if utf8.RuneCountInString(password) < 8 { - errors["password"] = "This field is too short (the minimum is 8 characters)" + errors["password"] = "This field is too short (the minimum is 8 characters)"; } if len(errors) > 0 { - err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}) + err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } - return + return; } - id, err := users.Authenticate(username, password) + id, err := users.Authenticate(username, password); if err == ErrInvalidCredentials { - errors["generic"] = "Email or Password is incorrect" - err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}) + errors["generic"] = "Email or Password is incorrect"; + err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } - return + return; } if id > 0 { - session.Values["id"] = id - fmt.Println("Logged in with id:", id) - session.Save(r, w) - http.Redirect(w, r, "/account", http.StatusSeeOther) + session.Values["id"] = id; + fmt.Println("Logged in with id:", id); + session.Save(r, w); + http.Redirect(w, r, "/account", http.StatusSeeOther); } } } func logout(w http.ResponseWriter, r *http.Request) { - text, err := template.ParseFiles("ui/base.html", "ui/logout.html") + text, err := template.ParseFiles("ui/base.html", "ui/logout.html"); if err != nil { - http.Error(w, "Internal Server Error", 500) - log.Fatal(err) + http.Error(w, "Internal Server Error", 500); + log.Fatal(err); } - id := authenticated_user(r) - account, err := users.Get_account(id) + id := authenticated_user(r); + account, err := users.Get_account(id); switch r.Method { case http.MethodGet: - err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}) + err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } case http.MethodPost: - session, _ := store.Get(r, "id"); + session, _ := store.Get(r, "id");; - session.Values["id"] = 0; - session.Save(r, w) - http.Redirect(w, r, "/", http.StatusSeeOther) + session.Values["id"] = 0;; + session.Save(r, w); + http.Redirect(w, r, "/", http.StatusSeeOther); } } func register(w http.ResponseWriter, r *http.Request) { - text, err := template.ParseFiles("ui/base.html", "ui/register.html") + text, err := template.ParseFiles("ui/base.html", "ui/register.html"); if err != nil { - http.Error(w, "Internal Server Error", 500) - log.Fatal(err) + http.Error(w, "Internal Server Error", 500); + log.Fatal(err); } - id := authenticated_user(r) - account, err := users.Get_account(id) + id := authenticated_user(r); + account, err := users.Get_account(id); switch r.Method { case http.MethodGet: - err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}) + err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } case http.MethodPost: - account := Account{Username: r.FormValue("username"), Password: []byte(r.FormValue("password")), Firstname: r.FormValue("firstname"), Lastname: r.FormValue("lastname"), Email: r.FormValue("email")} + account := Account{Username: r.FormValue("username"), Password: []byte(r.FormValue("password")), Firstname: r.FormValue("firstname"), Lastname: r.FormValue("lastname"), Email: r.FormValue("email")}; - errors := make(map[string]string) + errors := make(map[string]string); if strings.TrimSpace(account.Username) == "" { - errors["username"] = "This field cannot be blank" + errors["username"] = "This field cannot be blank"; } else if utf8.RuneCountInString(account.Username) > 20 { - errors["username"] = "This field is too long (the maximum is 20 characters)" + errors["username"] = "This field is too long (the maximum is 20 characters)"; } if strings.TrimSpace(string(account.Password)) == "" { - errors["password"] = "This field cannot be blank" + errors["password"] = "This field cannot be blank"; } else if utf8.RuneCountInString(string(account.Password)) < 8 { - errors["password"] = "This field is too short (the minimum is 8 characters)" + errors["password"] = "This field is too short (the minimum is 8 characters)"; } if len(errors) > 0 { - err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}) + err := text.Execute(w, templatedata{AuthenticatedUser: authenticated_user(r), FormErrors: errors}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } } - users.Insert(account.Username, string(account.Password), account.Firstname, account.Lastname, account.Email) - http.Redirect(w, r, "/login", http.StatusSeeOther) + err := users.Insert(account.Username, string(account.Password), account.Firstname, account.Lastname, account.Email); + + if err == ErrDuplicateEmail || err == ErrDuplicateUsername { + + } else if err != nil { + + } + + http.Redirect(w, r, "/login", http.StatusSeeOther); } } func account(w http.ResponseWriter, r *http.Request) { - //id, err := strconv.Atoi(r.URL.Query().Get("id")) - //if err != nil || id < 1 { - // http.NotFound(w, r) - // return - //} - //account, err := users.Get_account(int32(id)); - //if err != nil { - // log.Fatal(err); - //} + //id, err := strconv.Atoi(r.URL.Query().Get("id")); + //if err != nil || id < 1 {; + // http.NotFound(w, r); + // return; + //}; + //account, err := users.Get_account(int32(id));; + //if err != nil {; + // log.Fatal(err);; + //}; - id := authenticated_user(r) - account, err := users.Get_account(id) + id := authenticated_user(r); + account, err := users.Get_account(id); - text, err := template.ParseFiles("ui/base.html", "ui/account.html") + text, err := template.ParseFiles("ui/base.html", "ui/account.html"); if err != nil { - http.Error(w, "Internal Server Error", 500) - log.Fatal(err) + http.Error(w, "Internal Server Error", 500); + log.Fatal(err); } switch r.Method { case http.MethodGet: - err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}) + err := text.Execute(w, templatedata{AuthenticatedUser: id, Account: account}); if err != nil { - log.Fatal(err) - http.Error(w, "Internal Server Error", 500) + log.Fatal(err); + http.Error(w, "Internal Server Error", 500); } } - //case http.MethodPost: - // text.Execute(w, false) - // if err != nil { - // log.Fatal(err) - // http.Error(w, "Internal Server Error", 500) - // } + //case http.MethodPost:; + // text.Execute(w, false); + // if err != nil {; + // log.Fatal(err); + // http.Error(w, "Internal Server Error", 500); + // }; } -func deleteaccount(w http.ResponseWriter, r *http.Request) { +func deleteaccount(w http.ResponseWriter, r *http.Request) {; - id := authenticated_user(r) + id := authenticated_user(r); switch r.Method { case http.MethodPost: - fmt.Println("Deleting account with id ", id) - users.Delete(id) + fmt.Println("Deleting account with id ", id); + users.Delete(id); session, _ := store.Get(r, "id"); session.Values["id"] = 0; - session.Save(r, w) + session.Save(r, w); - http.Redirect(w, r, "/", http.StatusSeeOther) + http.Redirect(w, r, "/", http.StatusSeeOther); } } diff --git a/main.go b/main.go index 23b0ea0..9d90857 100644 --- a/main.go +++ b/main.go @@ -2,126 +2,118 @@ // Created by vfs on 02.05.2024. // -package main +package main; -import "fmt" -import "log" -import "flag" -import "net/http" -import _ "github.com/lib/pq" -import "database/sql" -import "github.com/gorilla/sessions" -import "regexp" -import "golang.org/x/crypto/bcrypt" +import "fmt"; +import "log"; +import "flag"; +import "net/http"; +import _ "github.com/lib/pq"; +import "database/sql"; +import "github.com/gorilla/sessions"; +import "regexp"; +//import "golang.org/x/crypto/bcrypt"; -import "github.com/stripe/stripe-go/v78" -import "github.com/stripe/stripe-go/v78/customer" +import "github.com/stripe/stripe-go/v78"; +//import "github.com/stripe/stripe-go/v78/customer"; -var users *Usermodel +var users *Usermodel; -var key = []byte("super-secret-key") -var store = sessions.NewCookieStore(key) +var key = []byte("super-secret-key"); +var store = sessions.NewCookieStore(key); -var emailrx = regexp.MustCompile("/^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/") +var emailrx = regexp.MustCompile("/^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/"); -func secure_headers(next http.Handler) http.Handler { - fn := func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("X-XSS-Protection", "1; mode=block") - w.Header().Set("X-Frame-Options", "deny") +func secure_headers(next http.Handler) http.Handler {; + fn := func(w http.ResponseWriter, r *http.Request) {; + w.Header().Set("X-XSS-Protection", "1; mode=block"); + w.Header().Set("X-Frame-Options", "deny"); - next.ServeHTTP(w, r) + next.ServeHTTP(w, r); } - return http.HandlerFunc(fn) + return http.HandlerFunc(fn); } func require_authenticated_user(next http.HandlerFunc) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // If the user is not authenticated, redirect them to the login page and - // return from the middleware chain so that no subsequent handlers in - // the chain are executed. + // If the user is not authenticated, redirect them to the login page and; + // return from the middleware chain so that no subsequent handlers in; + // the chain are executed.; if authenticated_user(r) == 0 { - http.Redirect(w, r, "/login", http.StatusSeeOther) - return + http.Redirect(w, r, "/login", http.StatusSeeOther); + return; } - // Otherwise call the next handler in the chain. - next.ServeHTTP(w, r) - }) + // Otherwise call the next handler in the chain.; + next.ServeHTTP(w, r); + }); } func main() { - addr := flag.String("addr", ":8080", "HTTP network address") - flag.Parse() - fmt.Println("Hello, Sailor!") + addr := flag.String("addr", ":8080", "HTTP network address"); + flag.Parse(); + fmt.Println("Hello, Sailor!"); - h, _ := bcrypt.GenerateFromPassword([]byte("password"), 12) + stripe.Key = "sk_test_51PGebgKUHKCjyTmc97rfDPcvew6EhqDz2qp3U7XoAMIilAU9IVo2NO4P7ylkTvbBafFVr94trha1VYY32jRWMw2K00Yq7YJXFf"; - fmt.Println(string(h)) + store.MaxAge(0); - stripe.Key = "sk_test_51PGebgKUHKCjyTmc97rfDPcvew6EhqDz2qp3U7XoAMIilAU9IVo2NO4P7ylkTvbBafFVr94trha1VYY32jRWMw2K00Yq7YJXFf" - - c, _ := customer.Get("cus_Q7am78hLcLUvGQ", nil) - - fmt.Println(c) - - store.MaxAge(0) - - db, err := sql.Open("postgres", "postgres://elves_database:iK2SoVbDhdCki5n3LxGyP6zKpLspt4@80.240.25.87/elves_database") + db, err := sql.Open("postgres", "postgres://elves_database:iK2SoVbDhdCki5n3LxGyP6zKpLspt4@80.240.25.87/elves_database"); if err != nil { - log.Fatal(err) + log.Fatal(err); } - defer db.Close() + defer db.Close(); - users = &Usermodel{db} + users = &Usermodel{db}; - mux := http.NewServeMux() + mux := http.NewServeMux(); - //rows, err := db.Query("SELECT * FROM accounts") - //if err != nil { - // log.Fatal(err) - //} - //defer rows.Close() + //rows, err := db.Query("SELECT * FROM accounts"); + //if err != nil {; + // log.Fatal(err); + //}; + //defer rows.Close(); - //accounts := make([]*Account, 0) - //for rows.Next() { - // acc := new(Account) - // err := rows.Scan(&acc.id, &acc.Username, &acc.password, &acc.Color) - // if err != nil { - // log.Fatal(err) - // } - // accounts = append(accounts, acc) - //} + //accounts := make([]*Account, 0); + //for rows.Next() {; + // acc := new(Account); + // err := rows.Scan(&acc.id, &acc.Username, &acc.password, &acc.Color); + // if err != nil {; + // log.Fatal(err); + // }; + // accounts = append(accounts, acc); + //}; - //if err = rows.Err(); err != nil { - // log.Fatal(err) - //} + //if err = rows.Err(); err != nil {; + // log.Fatal(err); + //}; - //for _, acc := range accounts { - // fmt.Println(acc) - //} + //for _, acc := range accounts {; + // fmt.Println(acc); + //}; - mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static")))) + mux.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static")))); - mux.HandleFunc("/favicon.ico", favicon) + mux.HandleFunc("/favicon.ico", favicon); - mux.HandleFunc("/", home) - mux.HandleFunc("/login", login) - mux.HandleFunc("/logout", logout) - mux.HandleFunc("/register", register) - mux.HandleFunc("/account", require_authenticated_user(account)) - mux.HandleFunc("/deleteaccount", require_authenticated_user(deleteaccount)) + mux.HandleFunc("/", home); + mux.HandleFunc("/login", login); + mux.HandleFunc("/logout", logout); + mux.HandleFunc("/register", register); + mux.HandleFunc("/account", require_authenticated_user(account)); + mux.HandleFunc("/deleteaccount", require_authenticated_user(deleteaccount)); - log.Fatal(http.ListenAndServe(*addr, secure_headers(mux))) + log.Fatal(http.ListenAndServe(*addr, secure_headers(mux))); } -//cookie := http.Cookie{ -// Name: "exampleCookie", -// Value: "Hello world!", -// Path: "/", -// HttpOnly: true, -// Secure: true, -// SameSite: http.SameSiteLaxMode, -//} -//http.SetCookie(w, &cookie) +//cookie := http.Cookie{; +// Name: "exampleCookie",; +// Value: "Hello world!",; +// Path: "/",; +// HttpOnly: true,; +// Secure: true,; +// SameSite: http.SameSiteLaxMode,; +//}; +//http.SetCookie(w, &cookie); diff --git a/models.go b/models.go index 953a678..1b05f97 100644 --- a/models.go +++ b/models.go @@ -2,110 +2,130 @@ // Created by vfs on 02.05.2024. // -package main +package main; -import "errors" -import "time" -import "golang.org/x/crypto/bcrypt" -import "database/sql" -import _ "github.com/lib/pq" -import "fmt" +import "errors"; +import "time"; +import "golang.org/x/crypto/bcrypt"; +import "database/sql"; +import _ "github.com/lib/pq"; +import "fmt"; -import "github.com/stripe/stripe-go/v78" -import "github.com/stripe/stripe-go/v78/customer" +import "github.com/stripe/stripe-go/v78"; +import "github.com/stripe/stripe-go/v78/customer"; -var ErrRoRecord = errors.New("no matching record found") -var ErrInvalidCredentials = errors.New("invalid credentials") -var ErrDuplicateEmail = errors.New("duplicate email") +var ErrRoRecord = errors.New("no matching record found"); +var ErrInvalidCredentials = errors.New("invalid credentials"); +var ErrDuplicateEmail = errors.New("duplicate email"); +var ErrDuplicateUsername = errors.New("duplicate username"); type Account struct { - Id int32 - Username string - Password []byte - Color int32 - Firstname string - Lastname string - Email string - Created time.Time - StripeID string + Id int32; + Username string; + Password []byte; + Color int32; + Firstname string; + Lastname string; + Email string; + Created time.Time; + StripeID string; } type Usermodel struct { - DB *sql.DB + DB *sql.DB; } func (m *Usermodel) Insert(username string, password string, firstname string, lastname string, email string) error { + + hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12); + stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created) VALUES ($1, $2, $3, $4, $5, NOW()) RETURNING id;`; + + var insertid int32; + + row := m.DB.QueryRow(stmt, username, string(hashedpassword), firstname, lastname, email); + if row.Err() != nil { + fmt.Println(err); + return err; + } + + err = row.Scan(&insertid); + params := &stripe.CustomerParams{ Name: stripe.String(fmt.Sprintf("%s %s", firstname, lastname)), Email: stripe.String(email), - } - customer, err := customer.New(params) + }; + customer, err := customer.New(params); - hashedpassword, err := bcrypt.GenerateFromPassword([]byte(password), 12) - stmt := `INSERT INTO accounts (username, password, firstname, lastname, email, created, stripe_id) VALUES ($1, $2, $3, $4, $5, NOW(), $6);` + stmt = `UPDATE accounts SET stripe_id = $1 WHERE id = $2;`; - _, err = m.DB.Exec(stmt, username, string(hashedpassword), firstname, lastname, email, customer.ID) + fmt.Println(customer.ID, insertid); + + _, err = m.DB.Exec(stmt, customer.ID, insertid); if err != nil { - fmt.Println(err) + fmt.Println(err); + return err; } - - return nil + return nil; } func (m *Usermodel) Delete(id int32) error { - account, err := users.Get_account(id) - result, err := customer.Del(account.StripeID, nil) - if err != nil { - fmt.Println(err) - } - fmt.Println(result) - stmt := `DELETE FROM accounts WHERE id = $1;` + account, err := users.Get_account(id); - _, err = m.DB.Exec(stmt, id) + if account.StripeID != "" { + result, err := customer.Del(account.StripeID, nil); + if err != nil { + fmt.Println(err); + } + fmt.Println(result); + } + + stmt := `DELETE FROM accounts WHERE id = $1;`; + + _, err = m.DB.Exec(stmt, id); if err != nil { - fmt.Println(err) + fmt.Println(err); } - return nil + return nil; } func (m *Usermodel) Get_account(id int32) (Account, error) { if id == 0 { - return Account{}, nil + return Account{}, nil; } - stmt := `SELECT id, username, password, color, firstname, lastname, email, created, stripe_id FROM accounts WHERE id = $1;` - row := m.DB.QueryRow(stmt, id) + stmt := `SELECT id, username, password, color, firstname, lastname, email, created, stripe_id FROM accounts WHERE id = $1;`; + row := m.DB.QueryRow(stmt, id); - var account Account - err := row.Scan(&account.Id, &account.Username, &account.Password, &account.Color, &account.Firstname, &account.Lastname, &account.Email, &account.Created, &account.StripeID) + var account Account; + err := row.Scan(&account.Id, &account.Username, &account.Password, &account.Color, &account.Firstname, &account.Lastname, &account.Email, &account.Created, &account.StripeID); if err == sql.ErrNoRows { - return Account{}, sql.ErrNoRows + return Account{}, sql.ErrNoRows; } else if err != nil { - return Account{}, err + return Account{}, err; } - return account, nil + return account, nil; } func (m *Usermodel) Authenticate(username string, password string) (int32, error) { - var id int32 - var hashedpassword []byte - row := m.DB.QueryRow("SELECT id, password FROM accounts WHERE username = $1", username) - err := row.Scan(&id, &hashedpassword) + var id int32; + var hashedpassword []byte; + row := m.DB.QueryRow("SELECT id, password FROM accounts WHERE username = $1", username); + err := row.Scan(&id, &hashedpassword); if err == sql.ErrNoRows { - return 0, ErrInvalidCredentials + return 0, ErrInvalidCredentials; } - err = bcrypt.CompareHashAndPassword(hashedpassword, []byte(password)) + err = bcrypt.CompareHashAndPassword(hashedpassword, []byte(password)); if err == bcrypt.ErrMismatchedHashAndPassword { - return 0, ErrInvalidCredentials + return 0, ErrInvalidCredentials; } else if err != nil { - return 0, err + return 0, err; } - return id, nil + return id, nil; }