server: implement working db transaction with users

server/api/api.go

@@ -21,5 +21,13 @@ func Start() {
 		r.Get("/", Whoami)
 	})
 
+	r.Route("/users", func(r chi.Router) {
+		r.Get("/", ListUsers)
+	})
+
+	r.Route("/register", func(r chi.Router) {
+		r.Post("/", NewUser)
+	})
+
 	http.ListenAndServe(":3000", r)
 }

server/api/auth.go

@@ -0,0 +1,13 @@
+package api
+
+import "golang.org/x/crypto/bcrypt"
+
+func hashPassword(password string) (string, error) {
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password),
+		bcrypt.DefaultCost)
+	return string(hashedPassword), err
+}
+
+func validatePassword(hashedPassword, password string) error {
+	return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
+}

server/api/db.go

@@ -0,0 +1,88 @@
+package api
+
+import (
+	"errors"
+	"fmt"
+	"log/slog"
+
+	"git.dubyatp.xyz/dubyatp/scannerbot/server/db"
+	"github.com/gocql/gocql"
+)
+
+func dbGetUser(id string) (*User, error) {
+	query := `SELECT id, name, password FROM users WHERE id = ?`
+	var user User
+	var gid gocql.UUID
+	err := db.Session.Query(query, id).Scan(&gid, &user.Name, &user.Password)
+	user.ID = [16]byte(gid)
+
+	if err == gocql.ErrNotFound {
+		slog.Debug("db: user not found", "userid", id)
+		return nil, errors.New("User not found")
+	} else if err != nil {
+		slog.Error("db: failed to query user", "error", err)
+		return nil, fmt.Errorf("failed to query user")
+	}
+
+	slog.Debug("db: user found", "userid", user.ID, "username", user.Name)
+	return &user, nil
+}
+
+func dbGetUserByName(username string) (*User, error) {
+	query := `SELECT id, name, password FROM users WHERE name = ?`
+	var user User
+	var gid gocql.UUID
+	err := db.Session.Query(query, username).Scan(&gid, &user.Name, &user.Password)
+	user.ID = [16]byte(gid)
+
+	if err == gocql.ErrNotFound {
+		slog.Debug("db: user not found", "username", username)
+		return nil, errors.New("User not found")
+	} else if err != nil {
+		slog.Error("db: failed to query user", "error", err)
+		return nil, fmt.Errorf("failed to query user")
+	}
+
+	slog.Debug("db: user found", "userid", user.ID, "username", user.Name)
+	return &user, nil
+}
+
+func dbGetAllUsers() ([]*User, error) {
+	query := `SELECT id, name, password FROM users`
+	iter := db.Session.Query(query).Iter()
+	defer iter.Close()
+
+	var users []*User
+	for {
+		user := &User{}
+		var gid gocql.UUID
+		if !iter.Scan(&gid, &user.Name, &user.Password) {
+			break
+		}
+		user.ID = [16]byte(gid)
+		users = append(users, user)
+	}
+	if err := iter.Close(); err != nil {
+		slog.Error("db: failed to iterate users", "error", err)
+		return nil, fmt.Errorf("failed to iterate users")
+	}
+	if len(users) == 0 {
+		slog.Debug("db: no users found")
+		return nil, errors.New("no users found")
+	}
+
+	slog.Debug("db: user list returned")
+	return users, nil
+}
+
+func dbAddUser(user *User) error {
+	query := `INSERT INTO users (id, name, password) VALUES (?, ?, ?)`
+	err := db.Session.Query(query, gocql.UUID(user.ID), user.Name, user.Password).Exec()
+	if err != nil {
+		slog.Error("db: failed to add user", "error", err, "userid", user.ID, "username", user.Name)
+		return fmt.Errorf("failed to add user")
+	}
+
+	slog.Debug("db: user added", "userid", user.ID, "username", user.Name)
+	return nil
+}

server/api/error.go

@@ -0,0 +1,41 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/go-chi/render"
+)
+
+type ErrResponse struct {
+	Err            error `json:"-"`
+	HTTPStatusCode int   `json:"-"`
+
+	StatusText string `json:"status"`
+	AppCode    int64  `json:"code,omitempty"`
+	ErrorText  string `json:"error,omitempty"`
+}
+
+func (e *ErrResponse) Render(w http.ResponseWriter, r *http.Request) error {
+	render.Status(r, e.HTTPStatusCode)
+	return nil
+}
+
+func ErrInvalidRequest(err error) render.Renderer {
+	return &ErrResponse{
+		Err:            err,
+		HTTPStatusCode: 400,
+		StatusText:     "Invalid request.",
+		ErrorText:      err.Error(),
+	}
+}
+
+func ErrRender(err error) render.Renderer {
+	return &ErrResponse{
+		Err:            err,
+		HTTPStatusCode: 422,
+		StatusText:     "Error rendering response.",
+		ErrorText:      err.Error(),
+	}
+}
+
+var ErrNotFound = &ErrResponse{HTTPStatusCode: 404, StatusText: "Resource not found."}

server/api/response.go

@@ -0,0 +1,23 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/go-chi/render"
+)
+
+func NewUserPayloadResponse(user *User) *UserPayload {
+	return &UserPayload{User: user}
+}
+
+func NewUserListResponse(users []*User) []render.Renderer {
+	list := []render.Renderer{}
+	for _, user := range users {
+		list = append(list, NewUserPayloadResponse(user))
+	}
+	return list
+}
+
+func (u *UserPayload) Render(w http.ResponseWriter, r *http.Request) error {
+	return nil
+}

server/api/user.go

@@ -4,6 +4,7 @@ import (
 	"log/slog"
 	"net/http"
 
+	"github.com/go-chi/render"
 	"github.com/google/uuid"
 )
 
@@ -17,6 +18,70 @@ func Whoami(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func ListUsers(w http.ResponseWriter, r *http.Request) {
+	slog.Debug("user: entering ListUsers handler")
+	dbUsers, err := dbGetAllUsers()
+	if err != nil {
+		slog.Error("user: failed to fetch users", "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+
+	slog.Debug("user: successfully fetched users", "count", len(dbUsers))
+	if err := render.RenderList(w, r, NewUserListResponse(dbUsers)); err != nil {
+		slog.Error("user: failed to render user list response", "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+}
+
+func newUserID() uuid.UUID {
+	return uuid.New()
+}
+
+func NewUser(w http.ResponseWriter, r *http.Request) {
+	slog.Debug("user: entering NewUser handler")
+	err := r.ParseMultipartForm(64 << 10)
+	if err != nil {
+		slog.Error("user: failed to parse multipartform", "error", err)
+		http.Error(w, "Unable to parse form", http.StatusBadRequest)
+		return
+	}
+
+	newUserName := r.FormValue("name")
+	password := r.FormValue("password")
+	if newUserName == "" || password == "" {
+		slog.Error("user: username or password is empty")
+		http.Error(w, "Username and password cannot be empty", http.StatusBadRequest)
+		return
+	}
+
+	slog.Debug("user: hashing password for new user", "userName", newUserName)
+	hashedPassword, err := hashPassword(password)
+	if err != nil {
+		slog.Error("user: failed to hash password", "error", err)
+		http.Error(w, "Unable to hash password", http.StatusInternalServerError)
+		return
+	}
+
+	newUser := User{
+		ID:       newUserID(),
+		Name:     newUserName,
+		Password: hashedPassword,
+	}
+
+	slog.Debug("user: adding new user to database", "userID", newUser.ID, "userName", newUser.Name)
+	err = dbAddUser(&newUser)
+	if err != nil {
+		slog.Error("user: failed to add new user", "userID", newUser.ID, "userName", newUser.Name, "error", err)
+		render.Render(w, r, ErrRender(err))
+		return
+	}
+
+	slog.Debug("user: successfully added new user", "userID", newUser.ID, "userName", newUser.Name)
+	render.Render(w, r, NewUserPayloadResponse(&newUser))
+}
+
 type User struct {
 	ID       uuid.UUID `json:"id"`
 	Name     string    `json:"name"`

server/go.mod

@@ -3,11 +3,14 @@ module git.dubyatp.xyz/dubyatp/scannerbot/server
 go 1.26.3
 
 require (
+	github.com/ajg/form v1.5.1 // indirect
 	github.com/go-chi/chi/v5 v5.2.5 // indirect
+	github.com/go-chi/render v1.0.3 // indirect
 	github.com/gocql/gocql v1.7.0 // indirect
 	github.com/golang/snappy v0.0.3 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed // indirect
 	github.com/joho/godotenv v1.5.1 // indirect
+	golang.org/x/crypto v0.51.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 )

server/go.sum

@@ -1,8 +1,12 @@
+github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=
+github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=
 github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
 github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-chi/chi/v5 v5.2.5 h1:Eg4myHZBjyvJmAFjFvWgrqDTXFyOzjj7YIm3L3mu6Ug=
 github.com/go-chi/chi/v5 v5.2.5/go.mod h1:X7Gx4mteadT3eDOMTsXzmI4/rwUpOwBHLpAfupzFJP0=
+github.com/go-chi/render v1.0.3 h1:AsXqd2a1/INaIfUSKq3G5uA8weYx20FOsM7uSoCyyt4=
+github.com/go-chi/render v1.0.3/go.mod h1:/gr3hVkmYR0YlEy3LxCuVRFzEu9Ruok+gFqbIofjao0=
 github.com/gocql/gocql v1.7.0 h1:O+7U7/1gSN7QTEAaMEsJc1Oq2QHXvCWoF3DFK9HDHus=
 github.com/gocql/gocql v1.7.0/go.mod h1:vnlvXyFZeLBF0Wy+RS8hrOdbn0UWsWtdg07XJnFxZ+4=
 github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA=
@@ -19,5 +23,7 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+golang.org/x/crypto v0.51.0 h1:IBPXwPfKxY7cWQZ38ZCIRPI50YLeevDLlLnyC5wRGTI=
+golang.org/x/crypto v0.51.0/go.mod h1:8AdwkbraGNABw2kOX6YFPs3WM22XqI4EXEd8g+x7Oc8=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=