2017-11-20 06:10:04 +01:00
|
|
|
// Copyright 2017 Frédéric Guillot. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by the Apache 2.0
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
2018-08-25 06:51:50 +02:00
|
|
|
package storage // import "miniflux.app/storage"
|
2017-11-20 06:10:04 +01:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"database/sql"
|
|
|
|
|
"fmt"
|
|
|
|
|
"strings"
|
|
|
|
|
|
2020-07-29 05:28:02 +02:00
|
|
|
"miniflux.app/logger"
|
2018-08-25 06:51:50 +02:00
|
|
|
"miniflux.app/model"
|
2017-11-23 07:22:33 +01:00
|
|
|
|
2020-12-22 06:14:10 +01:00
|
|
|
"github.com/lib/pq"
|
2017-11-20 06:10:04 +01:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
|
)
|
|
|
|
|
|
2020-09-28 01:01:06 +02:00
|
|
|
// CountUsers returns the total number of users.
|
|
|
|
|
func (s *Storage) CountUsers() int {
|
|
|
|
|
var result int
|
|
|
|
|
err := s.db.QueryRow(`SELECT count(*) FROM users`).Scan(&result)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return result
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// SetLastLogin updates the last login date of a user.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) SetLastLogin(userID int64) error {
|
2019-10-30 06:48:07 +01:00
|
|
|
query := `UPDATE users SET last_login_at=now() WHERE id=$1`
|
2017-11-20 06:10:04 +01:00
|
|
|
_, err := s.db.Exec(query, userID)
|
|
|
|
|
if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to update last login date: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// UserExists checks if a user exists by using the given username.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) UserExists(username string) bool {
|
2019-10-30 06:48:07 +01:00
|
|
|
var result bool
|
|
|
|
|
s.db.QueryRow(`SELECT true FROM users WHERE username=LOWER($1)`, username).Scan(&result)
|
|
|
|
|
return result
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// AnotherUserExists checks if another user exists with the given username.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) AnotherUserExists(userID int64, username string) bool {
|
2019-10-30 06:48:07 +01:00
|
|
|
var result bool
|
|
|
|
|
s.db.QueryRow(`SELECT true FROM users WHERE id != $1 AND username=LOWER($2)`, userID, username).Scan(&result)
|
|
|
|
|
return result
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// CreateUser creates a new user.
|
2017-11-23 07:22:33 +01:00
|
|
|
func (s *Storage) CreateUser(user *model.User) (err error) {
|
2020-12-22 06:14:10 +01:00
|
|
|
hashedPassword := ""
|
2017-11-23 07:22:33 +01:00
|
|
|
if user.Password != "" {
|
2020-12-22 06:14:10 +01:00
|
|
|
hashedPassword, err = hashPassword(user.Password)
|
2017-11-23 07:22:33 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
INSERT INTO users
|
2020-12-22 06:14:10 +01:00
|
|
|
(username, password, is_admin, google_id, openid_connect_id)
|
2017-11-25 19:40:23 +01:00
|
|
|
VALUES
|
2020-12-22 06:14:10 +01:00
|
|
|
(LOWER($1), $2, $3, $4, $5)
|
2019-04-29 03:20:46 +02:00
|
|
|
RETURNING
|
2020-12-22 06:14:10 +01:00
|
|
|
id,
|
|
|
|
|
username,
|
|
|
|
|
is_admin,
|
|
|
|
|
language,
|
|
|
|
|
theme,
|
|
|
|
|
timezone,
|
|
|
|
|
entry_direction,
|
|
|
|
|
entries_per_page,
|
|
|
|
|
keyboard_shortcuts,
|
|
|
|
|
show_reading_time,
|
|
|
|
|
entry_swipe,
|
|
|
|
|
stylesheet,
|
|
|
|
|
google_id,
|
|
|
|
|
openid_connect_id
|
2019-04-29 03:20:46 +02:00
|
|
|
`
|
2017-11-25 19:40:23 +01:00
|
|
|
|
2020-12-23 00:33:15 +01:00
|
|
|
tx, err := s.db.Begin()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf(`store: unable to start transaction: %v`, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = tx.QueryRow(query, user.Username, hashedPassword, user.IsAdmin, user.GoogleID, user.OpenIDConnectID).Scan(
|
2017-11-25 19:40:23 +01:00
|
|
|
&user.ID,
|
2017-12-29 23:55:16 +01:00
|
|
|
&user.Username,
|
|
|
|
|
&user.IsAdmin,
|
2017-11-25 19:40:23 +01:00
|
|
|
&user.Language,
|
|
|
|
|
&user.Theme,
|
|
|
|
|
&user.Timezone,
|
2017-12-25 03:04:34 +01:00
|
|
|
&user.EntryDirection,
|
2020-07-09 01:24:54 +02:00
|
|
|
&user.EntriesPerPage,
|
2019-04-29 03:20:46 +02:00
|
|
|
&user.KeyboardShortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
&user.ShowReadingTime,
|
2020-09-27 16:41:04 +02:00
|
|
|
&user.EntrySwipe,
|
2020-12-22 06:14:10 +01:00
|
|
|
&user.Stylesheet,
|
|
|
|
|
&user.GoogleID,
|
|
|
|
|
&user.OpenIDConnectID,
|
2017-11-25 19:40:23 +01:00
|
|
|
)
|
2017-11-20 06:10:04 +01:00
|
|
|
if err != nil {
|
2020-12-23 00:33:15 +01:00
|
|
|
tx.Rollback()
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to create user: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-23 00:33:15 +01:00
|
|
|
_, err = tx.Exec(`INSERT INTO categories (user_id, title) VALUES ($1, $2)`, user.ID, "All")
|
|
|
|
|
if err != nil {
|
|
|
|
|
tx.Rollback()
|
|
|
|
|
return fmt.Errorf(`store: unable to create user default category: %v`, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_, err = tx.Exec(`INSERT INTO integrations (user_id) VALUES ($1)`, user.ID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
tx.Rollback()
|
|
|
|
|
return fmt.Errorf(`store: unable to create integration row: %v`, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := tx.Commit(); err != nil {
|
|
|
|
|
return fmt.Errorf(`store: unable to commit transaction: %v`, err)
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-20 06:10:04 +01:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// UpdateUser updates a user.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) UpdateUser(user *model.User) error {
|
|
|
|
|
if user.Password != "" {
|
|
|
|
|
hashedPassword, err := hashPassword(user.Password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
UPDATE users SET
|
|
|
|
|
username=LOWER($1),
|
|
|
|
|
password=$2,
|
|
|
|
|
is_admin=$3,
|
|
|
|
|
theme=$4,
|
|
|
|
|
language=$5,
|
|
|
|
|
timezone=$6,
|
|
|
|
|
entry_direction=$7,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page=$8,
|
2020-07-17 04:46:24 +02:00
|
|
|
keyboard_shortcuts=$9,
|
2020-09-27 16:41:04 +02:00
|
|
|
show_reading_time=$10,
|
2020-12-22 06:14:10 +01:00
|
|
|
entry_swipe=$11,
|
|
|
|
|
stylesheet=$12,
|
|
|
|
|
google_id=$13,
|
|
|
|
|
openid_connect_id=$14
|
2019-04-29 03:20:46 +02:00
|
|
|
WHERE
|
2020-12-22 06:14:10 +01:00
|
|
|
id=$15
|
2019-04-29 03:20:46 +02:00
|
|
|
`
|
2017-12-03 02:04:01 +01:00
|
|
|
|
|
|
|
|
_, err = s.db.Exec(
|
|
|
|
|
query,
|
|
|
|
|
user.Username,
|
|
|
|
|
hashedPassword,
|
|
|
|
|
user.IsAdmin,
|
|
|
|
|
user.Theme,
|
|
|
|
|
user.Language,
|
|
|
|
|
user.Timezone,
|
|
|
|
|
user.EntryDirection,
|
2020-07-09 01:24:54 +02:00
|
|
|
user.EntriesPerPage,
|
2019-04-29 03:20:46 +02:00
|
|
|
user.KeyboardShortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
user.ShowReadingTime,
|
2020-09-27 16:41:04 +02:00
|
|
|
user.EntrySwipe,
|
2020-12-22 06:14:10 +01:00
|
|
|
user.Stylesheet,
|
|
|
|
|
user.GoogleID,
|
|
|
|
|
user.OpenIDConnectID,
|
2017-12-03 02:04:01 +01:00
|
|
|
user.ID,
|
|
|
|
|
)
|
2017-11-20 06:10:04 +01:00
|
|
|
if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to update user: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
} else {
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
UPDATE users SET
|
|
|
|
|
username=LOWER($1),
|
|
|
|
|
is_admin=$2,
|
|
|
|
|
theme=$3,
|
|
|
|
|
language=$4,
|
|
|
|
|
timezone=$5,
|
|
|
|
|
entry_direction=$6,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page=$7,
|
2020-07-17 04:46:24 +02:00
|
|
|
keyboard_shortcuts=$8,
|
2020-09-27 16:41:04 +02:00
|
|
|
show_reading_time=$9,
|
2020-12-22 06:14:10 +01:00
|
|
|
entry_swipe=$10,
|
|
|
|
|
stylesheet=$11,
|
|
|
|
|
google_id=$12,
|
|
|
|
|
openid_connect_id=$13
|
2019-04-29 03:20:46 +02:00
|
|
|
WHERE
|
2020-12-22 06:14:10 +01:00
|
|
|
id=$14
|
2019-04-29 03:20:46 +02:00
|
|
|
`
|
2017-12-03 02:04:01 +01:00
|
|
|
|
|
|
|
|
_, err := s.db.Exec(
|
|
|
|
|
query,
|
|
|
|
|
user.Username,
|
|
|
|
|
user.IsAdmin,
|
|
|
|
|
user.Theme,
|
|
|
|
|
user.Language,
|
|
|
|
|
user.Timezone,
|
|
|
|
|
user.EntryDirection,
|
2020-07-09 01:24:54 +02:00
|
|
|
user.EntriesPerPage,
|
2019-04-29 03:20:46 +02:00
|
|
|
user.KeyboardShortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
user.ShowReadingTime,
|
2020-09-27 16:41:04 +02:00
|
|
|
user.EntrySwipe,
|
2020-12-22 06:14:10 +01:00
|
|
|
user.Stylesheet,
|
|
|
|
|
user.GoogleID,
|
|
|
|
|
user.OpenIDConnectID,
|
2017-12-03 02:04:01 +01:00
|
|
|
user.ID,
|
|
|
|
|
)
|
|
|
|
|
|
2017-11-20 06:10:04 +01:00
|
|
|
if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to update user: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
2020-04-26 05:18:10 +02:00
|
|
|
}
|
2020-03-31 01:54:02 +02:00
|
|
|
|
2017-11-20 06:10:04 +01:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-28 06:08:32 +01:00
|
|
|
// UserLanguage returns the language of the given user.
|
2018-10-15 06:43:48 +02:00
|
|
|
func (s *Storage) UserLanguage(userID int64) (language string) {
|
|
|
|
|
err := s.db.QueryRow(`SELECT language FROM users WHERE id = $1`, userID).Scan(&language)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "en_US"
|
2018-02-28 06:08:32 +01:00
|
|
|
}
|
2018-10-15 06:43:48 +02:00
|
|
|
|
|
|
|
|
return language
|
2018-02-28 06:08:32 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// UserByID finds a user by the ID.
|
|
|
|
|
func (s *Storage) UserByID(userID int64) (*model.User, error) {
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
SELECT
|
2019-10-30 06:48:07 +01:00
|
|
|
id,
|
|
|
|
|
username,
|
|
|
|
|
is_admin,
|
|
|
|
|
theme,
|
|
|
|
|
language,
|
|
|
|
|
timezone,
|
|
|
|
|
entry_direction,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page,
|
2019-10-30 06:48:07 +01:00
|
|
|
keyboard_shortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
show_reading_time,
|
2020-09-27 16:41:04 +02:00
|
|
|
entry_swipe,
|
2019-10-30 06:48:07 +01:00
|
|
|
last_login_at,
|
2020-12-22 06:14:10 +01:00
|
|
|
stylesheet,
|
|
|
|
|
google_id,
|
|
|
|
|
openid_connect_id
|
2019-04-29 03:20:46 +02:00
|
|
|
FROM
|
|
|
|
|
users
|
|
|
|
|
WHERE
|
|
|
|
|
id = $1
|
|
|
|
|
`
|
2017-12-29 22:53:02 +01:00
|
|
|
return s.fetchUser(query, userID)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// UserByUsername finds a user by the username.
|
|
|
|
|
func (s *Storage) UserByUsername(username string) (*model.User, error) {
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
SELECT
|
2019-10-30 06:48:07 +01:00
|
|
|
id,
|
|
|
|
|
username,
|
|
|
|
|
is_admin,
|
|
|
|
|
theme,
|
|
|
|
|
language,
|
|
|
|
|
timezone,
|
|
|
|
|
entry_direction,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page,
|
2019-10-30 06:48:07 +01:00
|
|
|
keyboard_shortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
show_reading_time,
|
2020-09-27 16:41:04 +02:00
|
|
|
entry_swipe,
|
2019-10-30 06:48:07 +01:00
|
|
|
last_login_at,
|
2020-12-22 06:14:10 +01:00
|
|
|
stylesheet,
|
|
|
|
|
google_id,
|
|
|
|
|
openid_connect_id
|
2019-04-29 03:20:46 +02:00
|
|
|
FROM
|
|
|
|
|
users
|
|
|
|
|
WHERE
|
|
|
|
|
username=LOWER($1)
|
|
|
|
|
`
|
2017-12-29 22:53:02 +01:00
|
|
|
return s.fetchUser(query, username)
|
2017-11-23 07:22:33 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-22 06:14:10 +01:00
|
|
|
// UserByField finds a user by a field value.
|
|
|
|
|
func (s *Storage) UserByField(field, value string) (*model.User, error) {
|
2019-04-29 03:20:46 +02:00
|
|
|
query := `
|
|
|
|
|
SELECT
|
2019-10-30 06:48:07 +01:00
|
|
|
id,
|
|
|
|
|
username,
|
|
|
|
|
is_admin,
|
|
|
|
|
theme,
|
|
|
|
|
language,
|
|
|
|
|
timezone,
|
|
|
|
|
entry_direction,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page,
|
2019-10-30 06:48:07 +01:00
|
|
|
keyboard_shortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
show_reading_time,
|
2020-09-27 16:41:04 +02:00
|
|
|
entry_swipe,
|
2019-10-30 06:48:07 +01:00
|
|
|
last_login_at,
|
2020-12-22 06:14:10 +01:00
|
|
|
stylesheet,
|
|
|
|
|
google_id,
|
|
|
|
|
openid_connect_id
|
2019-04-29 03:20:46 +02:00
|
|
|
FROM
|
|
|
|
|
users
|
|
|
|
|
WHERE
|
2020-12-22 06:14:10 +01:00
|
|
|
%s=$1
|
2019-04-29 03:20:46 +02:00
|
|
|
`
|
2020-12-22 06:14:10 +01:00
|
|
|
return s.fetchUser(fmt.Sprintf(query, pq.QuoteIdentifier(field)), value)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// AnotherUserWithFieldExists returns true if a user has the value set for the given field.
|
|
|
|
|
func (s *Storage) AnotherUserWithFieldExists(userID int64, field, value string) bool {
|
|
|
|
|
var result bool
|
|
|
|
|
s.db.QueryRow(fmt.Sprintf(`SELECT true FROM users WHERE id <> $1 AND %s=$2`, pq.QuoteIdentifier(field)), userID, value).Scan(&result)
|
|
|
|
|
return result
|
2017-12-29 22:53:02 +01:00
|
|
|
}
|
|
|
|
|
|
2020-03-02 02:38:29 +01:00
|
|
|
// UserByAPIKey returns a User from an API Key.
|
|
|
|
|
func (s *Storage) UserByAPIKey(token string) (*model.User, error) {
|
|
|
|
|
query := `
|
|
|
|
|
SELECT
|
|
|
|
|
u.id,
|
|
|
|
|
u.username,
|
|
|
|
|
u.is_admin,
|
|
|
|
|
u.theme,
|
|
|
|
|
u.language,
|
|
|
|
|
u.timezone,
|
|
|
|
|
u.entry_direction,
|
2020-07-09 01:24:54 +02:00
|
|
|
u.entries_per_page,
|
2020-03-02 02:38:29 +01:00
|
|
|
u.keyboard_shortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
u.show_reading_time,
|
2020-09-27 16:41:04 +02:00
|
|
|
u.entry_swipe,
|
2020-03-02 02:38:29 +01:00
|
|
|
u.last_login_at,
|
2020-12-22 06:14:10 +01:00
|
|
|
u.stylesheet,
|
|
|
|
|
u.google_id,
|
|
|
|
|
u.openid_connect_id
|
2020-03-02 02:38:29 +01:00
|
|
|
FROM
|
|
|
|
|
users u
|
|
|
|
|
LEFT JOIN
|
|
|
|
|
api_keys ON api_keys.user_id=u.id
|
|
|
|
|
WHERE
|
|
|
|
|
api_keys.token = $1
|
|
|
|
|
`
|
|
|
|
|
return s.fetchUser(query, token)
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-29 22:53:02 +01:00
|
|
|
func (s *Storage) fetchUser(query string, args ...interface{}) (*model.User, error) {
|
|
|
|
|
user := model.NewUser()
|
|
|
|
|
err := s.db.QueryRow(query, args...).Scan(
|
2017-12-03 02:04:01 +01:00
|
|
|
&user.ID,
|
|
|
|
|
&user.Username,
|
|
|
|
|
&user.IsAdmin,
|
|
|
|
|
&user.Theme,
|
|
|
|
|
&user.Language,
|
|
|
|
|
&user.Timezone,
|
|
|
|
|
&user.EntryDirection,
|
2020-07-09 01:24:54 +02:00
|
|
|
&user.EntriesPerPage,
|
2019-04-29 03:20:46 +02:00
|
|
|
&user.KeyboardShortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
&user.ShowReadingTime,
|
2020-09-27 16:41:04 +02:00
|
|
|
&user.EntrySwipe,
|
2017-12-29 22:53:02 +01:00
|
|
|
&user.LastLoginAt,
|
2020-12-22 06:14:10 +01:00
|
|
|
&user.Stylesheet,
|
|
|
|
|
&user.GoogleID,
|
|
|
|
|
&user.OpenIDConnectID,
|
2017-12-03 02:04:01 +01:00
|
|
|
)
|
2017-12-29 22:53:02 +01:00
|
|
|
|
2017-11-23 07:22:33 +01:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
return nil, nil
|
|
|
|
|
} else if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return nil, fmt.Errorf(`store: unable to fetch user: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-12-29 22:53:02 +01:00
|
|
|
return user, nil
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// RemoveUser deletes a user.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) RemoveUser(userID int64) error {
|
2020-12-23 00:33:15 +01:00
|
|
|
tx, err := s.db.Begin()
|
2017-11-20 06:10:04 +01:00
|
|
|
if err != nil {
|
2019-11-18 07:13:16 +01:00
|
|
|
return fmt.Errorf(`store: unable to start transaction: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-23 00:33:15 +01:00
|
|
|
if _, err := tx.Exec(`DELETE FROM users WHERE id=$1`, userID); err != nil {
|
|
|
|
|
tx.Rollback()
|
2019-11-18 07:13:16 +01:00
|
|
|
return fmt.Errorf(`store: unable to remove user #%d: %v`, userID, err)
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-23 00:33:15 +01:00
|
|
|
if _, err := tx.Exec(`DELETE FROM integrations WHERE user_id=$1`, userID); err != nil {
|
|
|
|
|
tx.Rollback()
|
2019-11-18 07:13:16 +01:00
|
|
|
return fmt.Errorf(`store: unable to remove integration settings for user #%d: %v`, userID, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-23 00:33:15 +01:00
|
|
|
if err := tx.Commit(); err != nil {
|
2019-11-18 07:13:16 +01:00
|
|
|
return fmt.Errorf(`store: unable to commit transaction: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-29 05:28:02 +02:00
|
|
|
// RemoveUserAsync deletes user data without locking the database.
|
|
|
|
|
func (s *Storage) RemoveUserAsync(userID int64) {
|
|
|
|
|
go func() {
|
|
|
|
|
deleteUserFeeds(s.db, userID)
|
|
|
|
|
s.db.Exec(`DELETE FROM users WHERE id=$1`, userID)
|
|
|
|
|
s.db.Exec(`DELETE FROM integrations WHERE user_id=$1`, userID)
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// Users returns all users.
|
|
|
|
|
func (s *Storage) Users() (model.Users, error) {
|
2017-12-29 22:53:02 +01:00
|
|
|
query := `
|
|
|
|
|
SELECT
|
2019-10-30 06:48:07 +01:00
|
|
|
id,
|
|
|
|
|
username,
|
|
|
|
|
is_admin,
|
|
|
|
|
theme,
|
|
|
|
|
language,
|
|
|
|
|
timezone,
|
|
|
|
|
entry_direction,
|
2020-07-09 01:24:54 +02:00
|
|
|
entries_per_page,
|
2019-10-30 06:48:07 +01:00
|
|
|
keyboard_shortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
show_reading_time,
|
2020-09-27 16:41:04 +02:00
|
|
|
entry_swipe,
|
2019-10-30 06:48:07 +01:00
|
|
|
last_login_at,
|
2020-12-22 06:14:10 +01:00
|
|
|
stylesheet,
|
|
|
|
|
google_id,
|
|
|
|
|
openid_connect_id
|
2019-04-29 03:20:46 +02:00
|
|
|
FROM
|
|
|
|
|
users
|
|
|
|
|
ORDER BY username ASC
|
|
|
|
|
`
|
2017-12-03 02:04:01 +01:00
|
|
|
rows, err := s.db.Query(query)
|
2017-11-20 06:10:04 +01:00
|
|
|
if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return nil, fmt.Errorf(`store: unable to fetch users: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
defer rows.Close()
|
|
|
|
|
|
2017-12-03 02:04:01 +01:00
|
|
|
var users model.Users
|
2017-11-20 06:10:04 +01:00
|
|
|
for rows.Next() {
|
2017-12-29 22:53:02 +01:00
|
|
|
user := model.NewUser()
|
2017-11-20 06:10:04 +01:00
|
|
|
err := rows.Scan(
|
|
|
|
|
&user.ID,
|
|
|
|
|
&user.Username,
|
|
|
|
|
&user.IsAdmin,
|
|
|
|
|
&user.Theme,
|
|
|
|
|
&user.Language,
|
|
|
|
|
&user.Timezone,
|
2017-12-29 22:53:02 +01:00
|
|
|
&user.EntryDirection,
|
2020-07-09 01:24:54 +02:00
|
|
|
&user.EntriesPerPage,
|
2019-04-29 03:20:46 +02:00
|
|
|
&user.KeyboardShortcuts,
|
2020-07-17 04:46:24 +02:00
|
|
|
&user.ShowReadingTime,
|
2020-09-27 16:41:04 +02:00
|
|
|
&user.EntrySwipe,
|
2017-11-20 06:10:04 +01:00
|
|
|
&user.LastLoginAt,
|
2020-12-22 06:14:10 +01:00
|
|
|
&user.Stylesheet,
|
|
|
|
|
&user.GoogleID,
|
|
|
|
|
&user.OpenIDConnectID,
|
2017-11-20 06:10:04 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return nil, fmt.Errorf(`store: unable to fetch users row: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
2017-12-29 22:53:02 +01:00
|
|
|
users = append(users, user)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return users, nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 06:30:04 +01:00
|
|
|
// CheckPassword validate the hashed password.
|
2017-11-20 06:10:04 +01:00
|
|
|
func (s *Storage) CheckPassword(username, password string) error {
|
|
|
|
|
var hash string
|
|
|
|
|
username = strings.ToLower(username)
|
|
|
|
|
|
|
|
|
|
err := s.db.QueryRow("SELECT password FROM users WHERE username=$1", username).Scan(&hash)
|
|
|
|
|
if err == sql.ErrNoRows {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to find this user: %s`, username)
|
2017-11-20 06:10:04 +01:00
|
|
|
} else if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: unable to fetch user: %v`, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)); err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return fmt.Errorf(`store: invalid password for "%s" (%v)`, username, err)
|
2017-11-20 06:10:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-30 02:04:23 +02:00
|
|
|
// HasPassword returns true if the given user has a password defined.
|
|
|
|
|
func (s *Storage) HasPassword(userID int64) (bool, error) {
|
|
|
|
|
var result bool
|
|
|
|
|
query := `SELECT true FROM users WHERE id=$1 AND password <> ''`
|
|
|
|
|
|
|
|
|
|
err := s.db.QueryRow(query, userID).Scan(&result)
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
return false, nil
|
|
|
|
|
} else if err != nil {
|
2019-10-30 06:48:07 +01:00
|
|
|
return false, fmt.Errorf(`store: unable to execute query: %v`, err)
|
2018-04-30 02:04:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if result {
|
|
|
|
|
return true, nil
|
|
|
|
|
}
|
|
|
|
|
return false, nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-20 06:10:04 +01:00
|
|
|
func hashPassword(password string) (string, error) {
|
|
|
|
|
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
|
|
|
return string(bytes), err
|
|
|
|
|
}
|
2020-07-29 05:28:02 +02:00
|
|
|
|
|
|
|
|
func deleteUserFeeds(db *sql.DB, userID int64) {
|
|
|
|
|
query := `SELECT id FROM feeds WHERE user_id=$1`
|
|
|
|
|
rows, err := db.Query(query, userID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(`store: unable to get user feeds: %v`, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
defer rows.Close()
|
|
|
|
|
|
|
|
|
|
var feedIDs []int64
|
|
|
|
|
for rows.Next() {
|
|
|
|
|
var feedID int64
|
|
|
|
|
rows.Scan(&feedID)
|
|
|
|
|
feedIDs = append(feedIDs, feedID)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
worker := func(jobs <-chan int64, results chan<- bool) {
|
|
|
|
|
for feedID := range jobs {
|
|
|
|
|
deleteUserEntries(db, userID, feedID)
|
|
|
|
|
db.Exec(`DELETE FROM feeds WHERE id=$1`, feedID)
|
|
|
|
|
results <- true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const numWorkers = 3
|
|
|
|
|
numJobs := len(feedIDs)
|
|
|
|
|
jobs := make(chan int64, numJobs)
|
|
|
|
|
results := make(chan bool, numJobs)
|
|
|
|
|
|
|
|
|
|
for w := 0; w < numWorkers; w++ {
|
|
|
|
|
go worker(jobs, results)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for j := 0; j < numJobs; j++ {
|
|
|
|
|
jobs <- feedIDs[j]
|
|
|
|
|
}
|
|
|
|
|
close(jobs)
|
|
|
|
|
|
|
|
|
|
for a := 1; a <= numJobs; a++ {
|
|
|
|
|
<-results
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func deleteUserEntries(db *sql.DB, userID int64, feedID int64) {
|
|
|
|
|
query := `SELECT id FROM entries WHERE user_id=$1 AND feed_id=$2`
|
|
|
|
|
rows, err := db.Query(query, userID, feedID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(`store: unable to get user feed entries: %v`, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
defer rows.Close()
|
|
|
|
|
|
|
|
|
|
for rows.Next() {
|
|
|
|
|
var entryID int64
|
|
|
|
|
rows.Scan(&entryID)
|
|
|
|
|
deleteUserEnclosures(db, userID, entryID)
|
|
|
|
|
db.Exec(`DELETE FROM entries WHERE id=$1`, entryID)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func deleteUserEnclosures(db *sql.DB, userID int64, entryID int64) {
|
|
|
|
|
query := `SELECT id FROM enclosures WHERE user_id=$1 AND entry_id=$2`
|
|
|
|
|
rows, err := db.Query(query, userID, entryID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(`store: unable to get user entry enclosures: %v`, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
defer rows.Close()
|
|
|
|
|
|
|
|
|
|
for rows.Next() {
|
|
|
|
|
var enclosureID int64
|
|
|
|
|
rows.Scan(&enclosureID)
|
|
|
|
|
go func() {
|
|
|
|
|
db.Exec(`DELETE FROM enclosures WHERE id=$1`, enclosureID)
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
}
|
