server: implement working db transaction with users

server/api/api.go

@@ -21,5 +21,13 @@ func Start() {
 		r.Get("/", Whoami)
 	})
 
+	r.Route("/users", func(r chi.Router) {
+		r.Get("/", ListUsers)
+	})
+
+	r.Route("/register", func(r chi.Router) {
+		r.Post("/", NewUser)
+	})
+
 	http.ListenAndServe(":3000", r)
 }

server/api/auth.go

@@ -0,0 +1,13 @@
+package api
+
+import "golang.org/x/crypto/bcrypt"
+
+func hashPassword(password string) (string, error) {
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password),
+		bcrypt.DefaultCost)
+	return string(hashedPassword), err
+}
+
+func validatePassword(hashedPassword, password string) error {
+	return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
+}

server/api/db.go

@@ -0,0 +1,88 @@
+package api
+
+import (
+	"errors"
+	"fmt"
+	"log/slog"
+
+	"git.dubyatp.xyz/dubyatp/scannerbot/server/db"
+	"github.com/gocql/gocql"
+)
+
+func dbGetUser(id string) (*User, error) {
+	query := `SELECT id, name, password FROM users WHERE id = ?`
+	var user User
+	var gid gocql.UUID
+	err := db.Session.Query(query, id).Scan(&gid, &user.Name, &user.Password)
+	user.ID = [16]byte(gid)
+
+	if err == gocql.ErrNotFound {
+		slog.Debug("db: user not found", "userid", id)
+		return nil, errors.New("User not found")
+	} else if err != nil {
+		slog.Error("db: failed to query user", "error", err)
+		return nil, fmt.Errorf("failed to query user")
+	}
+
+	slog.Debug("db: user found", "userid", user.ID, "username", user.Name)
+	return &user, nil
+}
+
+func dbGetUserByName(username string) (*User, error) {
+	query := `SELECT id, name, password FROM users WHERE name = ?`
+	var user User
+	var gid gocql.UUID
+	err := db.Session.Query(query, username).Scan(&gid, &user.Name, &user.Password)
+	user.ID = [16]byte(gid)
+
+	if err == gocql.ErrNotFound {
+		slog.Debug("db: user not found", "username", username)
+		return nil, errors.New("User not found")
+	} else if err != nil {
+		slog.Error("db: failed to query user", "error", err)
+		return nil, fmt.Errorf("failed to query user")
+	}
+
+	slog.Debug("db: user found", "userid", user.ID, "username", user.Name)
+	return &user, nil
+}
+
+func dbGetAllUsers() ([]*User, error) {
+	query := `SELECT id, name, password FROM users`
+	iter := db.Session.Query(query).Iter()
+	defer iter.Close()
+
+	var users []*User
+	for {
+		user := &User{}
+		var gid gocql.UUID
+		if !iter.Scan(&gid, &user.Name, &user.Password) {
+			break
+		}
+		user.ID = [16]byte(gid)
+		users = append(users, user)
+	}
+	if err := iter.Close(); err != nil {
+		slog.Error("db: failed to iterate users", "error", err)
+		return nil, fmt.Errorf("failed to iterate users")
+	}
+	if len(users) == 0 {
+		slog.Debug("db: no users found")
+		return nil, errors.New("no users found")
+	}
+
+	slog.Debug("db: user list returned")
+	return users, nil
+}
+
+func dbAddUser(user *User) error {
+	query := `INSERT INTO users (id, name, password) VALUES (?, ?, ?)`
+	err := db.Session.Query(query, gocql.UUID(user.ID), user.Name, user.Password).Exec()
+	if err != nil {
+		slog.Error("db: failed to add user", "error", err, "userid", user.ID, "username", user.Name)
+		return fmt.Errorf("failed to add user")
+	}
+
+	slog.Debug("db: user added", "userid", user.ID, "username", user.Name)
+	return nil
+}

server/api/error.go

@@ -0,0 +1,41 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/go-chi/render"
+)
+
+type ErrResponse struct {
+	Err            error `json:"-"`
+	HTTPStatusCode int   `json:"-"`
+
+	StatusText string `json:"status"`
+	AppCode    int64  `json:"code,omitempty"`
+	ErrorText  string `json:"error,omitempty"`
+}
+
+func (e *ErrResponse) Render(w http.ResponseWriter, r *http.Request) error {
+	render.Status(r, e.HTTPStatusCode)
+	return nil
+}
+
+func ErrInvalidRequest(err error) render.Renderer {
+	return &ErrResponse{
+		Err:            err,
+		HTTPStatusCode: 400,
+		StatusText:     "Invalid request.",
+		ErrorText:      err.Error(),
+	}
+}
+
+func ErrRender(err error) render.Renderer {
+	return &ErrResponse{
+		Err:            err,
+		HTTPStatusCode: 422,
+		StatusText:     "Error rendering response.",
+		ErrorText:      err.Error(),
+	}
+}
+
+var ErrNotFound = &ErrResponse{HTTPStatusCode: 404, StatusText: "Resource not found."}

server/api/response.go

@@ -0,0 +1,23 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/go-chi/render"
+)
+
+func NewUserPayloadResponse(user *User) *UserPayload {
+	return &UserPayload{User: user}
+}
+
+func NewUserListResponse(users []*User) []render.Renderer {
+	list := []render.Renderer{}
+	for _, user := range users {
+		list = append(list, NewUserPayloadResponse(user))
+	}
+	return list
+}
+
+func (u *UserPayload) Render(w http.ResponseWriter, r *http.Request) error {
+	return nil
+}

server/api/user.go

@@ -4,6 +4,7 @@ import (
 	"log/slog"
 	"net/http"
 
+	"github.com/go-chi/render"
 	"github.com/google/uuid"
 )
 
@@ -17,6 +18,70 @@ func Whoami(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func ListUsers(w http.ResponseWriter, r *http.Request) {
+	slog.Debug("user: entering ListUsers handler")
+	dbUsers, err := dbGetAllUsers()
+	if err != nil {
+		slog.Error("user: failed to fetch users", "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+
+	slog.Debug("user: successfully fetched users", "count", len(dbUsers))
+	if err := render.RenderList(w, r, NewUserListResponse(dbUsers)); err != nil {
+		slog.Error("user: failed to render user list response", "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+}
+
+func newUserID() uuid.UUID {
+	return uuid.New()
+}
+
+func NewUser(w http.ResponseWriter, r *http.Request) {
+	slog.Debug("user: entering NewUser handler")
+	err := r.ParseMultipartForm(64 << 10)
+	if err != nil {
+		slog.Error("user: failed to parse multipartform", "error", err)
+		http.Error(w, "Unable to parse form", http.StatusBadRequest)
+		return
+	}
+
+	newUserName := r.FormValue("name")
+	password := r.FormValue("password")
+	if newUserName == "" || password == "" {
+		slog.Error("user: username or password is empty")
+		http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
+		return
+	}
+
+	slog.Debug("user: hashing password for new user", "userName", newUserName)
+	hashedPassword, err := hashPassword(password)
+	if err != nil {
+		slog.Error("user: failed to hash password", "error", err)
+		http.Error(w, "Unable to hash password", http.StatusInternalServerError)
+		return
+	}
+
+	newUser := User{
+		ID:       newUserID(),
+		Name:     newUserName,
+		Password: hashedPassword,
+	}
+
+	slog.Debug("user: adding new user to database", "userID", newUser.ID, "userName", newUser.Name)
+	err = dbAddUser(&newUser)
+	if err != nil {
+		slog.Error("user: failed to add new user", "userID", newUser.ID, "userName", newUser.Name, "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+
+	slog.Debug("user: successfully added new user", "userID", newUser.ID, "userName", newUser.Name)
+	render.Render(w, r, NewUserPayloadResponse(&newUser))
+}
+
 type User struct {
 	ID       uuid.UUID `json:"id"`
 	Name     string    `json:"name"`