1// SPDX-FileCopyrightText: Amolith <amolith@secluded.site>
  2//
  3// SPDX-License-Identifier: Apache-2.0
  4
  5package db
  6
  7import (
  8	"database/sql"
  9	"time"
 10)
 11
 12// DeleteUser deletes specific user from the database and returns an error if it
 13// fails.
 14func DeleteUser(db *sql.DB, user string) error {
 15	mutex.Lock()
 16	defer mutex.Unlock()
 17
 18	_, err := db.Exec("DELETE FROM users WHERE username = ?", user)
 19
 20	return err
 21}
 22
 23// CreateUser creates a new user in the database and returns an error if it fails.
 24func CreateUser(db *sql.DB, username, hash, salt string) error {
 25	mutex.Lock()
 26	defer mutex.Unlock()
 27
 28	_, err := db.Exec("INSERT INTO users (username, hash, salt) VALUES (?, ?, ?)", username, hash, salt)
 29
 30	return err
 31}
 32
 33// GetUser returns a user's hash and salt from the database as strings and
 34// returns an error if it fails.
 35func GetUser(db *sql.DB, username string) (string, string, error) {
 36	var hash, salt string
 37
 38	err := db.QueryRow("SELECT hash, salt FROM users WHERE username = ?", username).Scan(&hash, &salt)
 39
 40	return hash, salt, err
 41}
 42
 43// GetUsers returns a list of all users in the database as a slice of strings
 44// and returns an error if it fails.
 45func GetUsers(db *sql.DB) ([]string, error) {
 46	rows, err := db.Query("SELECT username FROM users")
 47	if err != nil {
 48		return nil, err
 49	}
 50	defer rows.Close()
 51
 52	var users []string
 53	for rows.Next() {
 54		var user string
 55
 56		err = rows.Scan(&user)
 57		if err != nil {
 58			return nil, err
 59		}
 60
 61		users = append(users, user)
 62	}
 63
 64	return users, nil
 65}
 66
 67// GetSession accepts a session ID and returns the username associated with it
 68// and an error.
 69func GetSession(db *sql.DB, session string) (string, time.Time, error) {
 70	var (
 71		username      string
 72		expiresString string
 73	)
 74
 75	err := db.QueryRow("SELECT username, expires FROM sessions WHERE token = ?", session).Scan(&username, &expiresString)
 76	if err != nil {
 77		return "", time.Time{}, err
 78	}
 79
 80	expires, err := time.Parse(time.RFC3339, expiresString)
 81	if err != nil {
 82		return "", time.Time{}, err
 83	}
 84
 85	return username, expires, nil
 86}
 87
 88// InvalidateSession invalidates a session by setting the expiration date to the
 89// provided time.
 90func InvalidateSession(db *sql.DB, session string, expiry time.Time) error {
 91	mutex.Lock()
 92	defer mutex.Unlock()
 93
 94	_, err := db.Exec("UPDATE sessions SET expires = ? WHERE token = ?", expiry.Format(time.RFC3339), session)
 95
 96	return err
 97}
 98
 99// CreateSession creates a new session in the database and returns an error if
100// it fails.
101func CreateSession(db *sql.DB, username, token string, expiry time.Time) error {
102	mutex.Lock()
103	defer mutex.Unlock()
104
105	_, err := db.Exec("INSERT INTO sessions (token, username, expires) VALUES (?, ?, ?)", token, username, expiry.Format(time.RFC3339))
106
107	return err
108}