1// SPDX-FileCopyrightText: Amolith <amolith@secluded.site>
2//
3// SPDX-License-Identifier: Apache-2.0
4
5package db
6
7import (
8 "database/sql"
9 "fmt"
10 "time"
11)
12
13// DeleteUser deletes specific user from the database and returns an error if it
14// fails.
15func DeleteUser(db *sql.DB, user string) error {
16 mutex.Lock()
17 defer mutex.Unlock()
18
19 _, err := db.Exec("DELETE FROM users WHERE username = ?", user)
20 if err != nil {
21 return fmt.Errorf("failed to execute SQL: %w", err)
22 }
23
24 return nil
25}
26
27// CreateUser creates a new user in the database and returns an error if it fails.
28func CreateUser(db *sql.DB, username, hash, salt string) error {
29 mutex.Lock()
30 defer mutex.Unlock()
31
32 _, err := db.Exec("INSERT INTO users (username, hash, salt) VALUES (?, ?, ?)", username, hash, salt)
33 if err != nil {
34 return fmt.Errorf("failed to execute SQL: %w", err)
35 }
36
37 return nil
38}
39
40// GetUser returns a user's hash and salt from the database as strings and
41// returns an error if it fails.
42func GetUser(db *sql.DB, username string) (string, string, error) {
43 var hash, salt string
44
45 err := db.QueryRow("SELECT hash, salt FROM users WHERE username = ?", username).Scan(&hash, &salt)
46 if err != nil {
47 return "", "", fmt.Errorf("failed to scan row: %w", err)
48 }
49
50 return hash, salt, nil
51}
52
53// GetUsers returns a list of all users in the database as a slice of strings
54// and returns an error if it fails.
55func GetUsers(db *sql.DB) ([]string, error) {
56 rows, err := db.Query("SELECT username FROM users")
57 if err != nil {
58 return nil, fmt.Errorf("failed to query database: %w", err)
59 }
60 defer rows.Close()
61
62 var users []string
63 for rows.Next() {
64 var user string
65
66 err = rows.Scan(&user)
67 if err != nil {
68 return nil, fmt.Errorf("failed to scan row: %w", err)
69 }
70
71 users = append(users, user)
72 }
73
74 return users, nil
75}
76
77// GetSession accepts a session ID and returns the username associated with it
78// and an error.
79func GetSession(db *sql.DB, session string) (string, time.Time, error) {
80 var (
81 username string
82 expiresString string
83 )
84
85 err := db.QueryRow("SELECT username, expires FROM sessions WHERE token = ?", session).Scan(&username, &expiresString)
86 if err != nil {
87 return "", time.Time{}, fmt.Errorf("failed to scan row: %w", err)
88 }
89
90 expires, err := time.Parse(time.RFC3339, expiresString)
91 if err != nil {
92 return "", time.Time{}, fmt.Errorf("failed to parse time: %w", err)
93 }
94
95 return username, expires, nil
96}
97
98// InvalidateSession invalidates a session by setting the expiration date to the
99// provided time.
100func InvalidateSession(db *sql.DB, session string, expiry time.Time) error {
101 mutex.Lock()
102 defer mutex.Unlock()
103
104 _, err := db.Exec("UPDATE sessions SET expires = ? WHERE token = ?", expiry.Format(time.RFC3339), session)
105 if err != nil {
106 return fmt.Errorf("failed to execute SQL: %w", err)
107 }
108
109 return nil
110}
111
112// CreateSession creates a new session in the database and returns an error if
113// it fails.
114func CreateSession(db *sql.DB, username, token string, expiry time.Time) error {
115 mutex.Lock()
116 defer mutex.Unlock()
117
118 _, err := db.Exec("INSERT INTO sessions (token, username, expires) VALUES (?, ?, ?)", token, username, expiry.Format(time.RFC3339))
119 if err != nil {
120 return fmt.Errorf("failed to execute SQL: %w", err)
121 }
122
123 return nil
124}