From e6a62bfeb159f02c279854afea206c3aa1c5b52b Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Sat, 10 Oct 2020 19:06:49 +0200 Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20Simplify=20user=20storage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- store.go | 145 +++++++++++++++++++++++--------------------------- store_test.go | 2 +- 2 files changed, 68 insertions(+), 79 deletions(-) diff --git a/store.go b/store.go index 3aa562b..19661a3 100644 --- a/store.go +++ b/store.go @@ -26,6 +26,7 @@ package main import ( + "encoding/json" "errors" "fmt" "strings" @@ -64,9 +65,10 @@ const ( ) type User struct { - Username string - Password string - Role GlobalRole + Username string + Password string `json:"-"` + PasswordHash string `json:"Password"` + Role GlobalRole } type Share struct { @@ -96,18 +98,6 @@ func (u User) key() string { return usersPrefix + u.Username } -func (u User) prefix() string { - return fmt.Sprintf("user:%s", u.Username) -} - -func (u User) roleKey() string { - return u.prefix() + ":role" -} - -func (u User) passwordKey() string { - return u.prefix() + ":password" -} - func NewDBStore(filename string) (*DBStore, error) { db, err := buntdb.Open(filename) if err != nil { @@ -128,24 +118,21 @@ var ErrUserExists = errors.New("user already exists") var ErrUserNotFound = errors.New("user not found") var ErrInvalidUsername = errors.New("invalid username") -func (store *DBStore) setUserValues(tx *buntdb.Tx, user User) (exists bool, err error) { - pwString, err := buildPassword(user.Username, user.Password) - if err != nil { - return false, fmt.Errorf("cannot hash password: %w", err) +func (u User) merge(updates User) (User, error) { + merged := u + + if updates.Password != "" { + pwHash, err := hashPassword(updates.Password) + if err != nil { + return u, fmt.Errorf("cannot hash password: %w", err) + } + merged.PasswordHash = pwHash + } + if updates.Role != "" { + merged.Role = updates.Role } - if _, replaced, err := tx.Set(user.roleKey(), string(user.Role), nil); err != nil { - return false, err - } else if replaced { - exists = true - } - if _, replaced, err := tx.Set(user.passwordKey(), pwString, nil); err != nil { - return false, err - } else if replaced { - exists = true - } - - return exists, nil + return merged, nil } func (store *DBStore) AddUser(user User) (err error) { @@ -153,17 +140,17 @@ func (store *DBStore) AddUser(user User) (err error) { return ErrInvalidUsername } if err = store.db.Update(func(tx *buntdb.Tx) error { - if _, exists, err := tx.Set(user.key(), "", nil); err != nil { + userBytes, err := json.Marshal(user) + if err != nil { + return fmt.Errorf("cannot marshal user: %w", err) + } + + if _, exists, err := tx.Set(user.key(), string(userBytes), nil); err != nil { return err } else if exists { return ErrUserExists } - if exists, err := store.setUserValues(tx, user); err != nil { - return err - } else if exists { - return ErrUserExists - } return nil }); err != nil { return err @@ -175,22 +162,16 @@ func (store *DBStore) GetUser(username string) (user User, err error) { if strings.Contains(username, ":") { return user, ErrInvalidUsername } - user.Username = username if err := store.db.View(func(tx *buntdb.Tx) error { - if val, err := tx.Get(user.roleKey()); err != nil && err != buntdb.ErrNotFound { + user.Username = username + if val, err := tx.Get(user.key()); err != nil && err != buntdb.ErrNotFound { return err } else if err == buntdb.ErrNotFound { return ErrUserNotFound - } else { - user.Role = GlobalRole(val) - } - if val, err := tx.Get(user.passwordKey()); err != nil && err != buntdb.ErrNotFound { - return err - } else if err == buntdb.ErrNotFound { - return ErrUserNotFound - } else { - user.Password = val + } else if err := json.Unmarshal([]byte(val), &user); err != nil { + return fmt.Errorf("cannot unmarshal user: %w", err) } + return nil }); err != nil { return user, err @@ -200,24 +181,26 @@ func (store *DBStore) GetUser(username string) (user User, err error) { func (store *DBStore) GetUsers() (users []User, err error) { err = store.db.View(func(tx *buntdb.Tx) error { - if err := tx.AscendKeys(usersPrefix+"*", func(key, value string) bool { + var processingError error + + if err := tx.AscendKeys(userPrefix+"*", func(key, value string) bool { var user User - user.Username = strings.TrimPrefix(key, usersPrefix) + + if err := json.Unmarshal([]byte(value), &user); err != nil { + processingError = err + return false + } + + // Just in case ... + user.Username = strings.TrimPrefix(key, userPrefix) + users = append(users, user) return true }); err != nil { return err } - for i := range users { - if roleString, err := tx.Get(users[i].roleKey()); err != nil { - return err - } else { - users[i].Role = GlobalRole(roleString) - } - } - - return nil + return processingError }) return users, err @@ -228,7 +211,29 @@ func (store *DBStore) Update(user User) error { return ErrInvalidUsername } return store.db.Update(func(tx *buntdb.Tx) error { - _, err := store.setUserValues(tx, user) + var existingUser User + + if val, err := tx.Get(user.key()); err != nil && err != buntdb.ErrNotFound { + return err + } else if err == buntdb.ErrNotFound { + return ErrUserNotFound + } else if err := json.Unmarshal([]byte(val), &existingUser); err != nil { + return fmt.Errorf("cannot unmarshal user: %w", err) + } + + mergedUser, err := existingUser.merge(user) + if err != nil { + return fmt.Errorf("cannot merge user: %w", err) + } + mergedUser.Username = user.Username + + userBytes, err := json.Marshal(mergedUser) + if err != nil { + return fmt.Errorf("cannot marshal user: %w", err) + } + + _, _, err = tx.Set(mergedUser.key(), string(userBytes), nil) + return err }) } @@ -239,35 +244,19 @@ func (store *DBStore) RemoveUser(username string) (err error) { } return store.db.Update(func(tx *buntdb.Tx) error { user := User{Username: username} - - // Delete the main key first. This is a good indicator if the user generally exists. if _, err := tx.Delete(user.key()); err == buntdb.ErrNotFound { return ErrUserNotFound } else if err != nil { return err } - - // Now get all attributes and delete them as well. One by one. - var keys []string - if err := tx.AscendKeys(user.prefix()+":*", func(key, value string) bool { - keys = append(keys, key) - return true - }); err != nil { - return fmt.Errorf("cannot iterate keys: %w", err) - } - for _, key := range keys { - if _, err := tx.Delete(key); err != nil { - return fmt.Errorf("cannot remove key: %w", err) - } - } return nil }) } -func buildPassword(username string, password string) (string, error) { +func hashPassword(password string) (string, error) { hash, err := bcrypt.GenerateFromPassword([]byte(password), 0) if err != nil { return "", err } - return fmt.Sprintf("%s:%s", username, hash), nil + return string(hash), nil } diff --git a/store_test.go b/store_test.go index 0d42e2f..b33b2af 100644 --- a/store_test.go +++ b/store_test.go @@ -31,7 +31,7 @@ func TestStoreUserHandling(t *testing.T) { }) t.Run("adding users should work", func(t *testing.T) { - if err := store.AddUser(User{"myuser", "mypass", GlobalRoleUser}); err != nil { + if err := store.AddUser(User{Username: "myuser", Password: "mypass", Role: GlobalRoleUser}); err != nil { t.Errorf("cannot add user: %v", err) }