From 66d4312695e62c41dcf2f77e88c7374becf8be6a Mon Sep 17 00:00:00 2001 From: kekskurse Date: Thu, 13 Mar 2025 16:32:37 +0100 Subject: [PATCH] test: check pw is hashed and not unique --- .../migrations/1741770848_init.up.sql | 13 ++++++- pkg/userstore/migrations/schema.sql | 11 +++++- pkg/userstore/users.go | 15 +++++--- pkg/userstore/users_test.go | 35 ++++++++++++++++--- 4 files changed, 62 insertions(+), 12 deletions(-) diff --git a/pkg/userstore/migrations/1741770848_init.up.sql b/pkg/userstore/migrations/1741770848_init.up.sql index b02971c..64c8d2d 100644 --- a/pkg/userstore/migrations/1741770848_init.up.sql +++ b/pkg/userstore/migrations/1741770848_init.up.sql @@ -4,5 +4,16 @@ CREATE TABLE users ( created_at DATETIME DEFAULT CURRENT_TIMESTAMP, updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, username TEXT NOT NULL UNIQUE, - password TEXT NOT NULL UNIQUE + password TEXT NOT NULL ); + +CREATE TABLE mail ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, + mail TEXT NOT NULL UNIQUE, + validationCode TEXT NOT NULL UNIQUE, + isValidated BOOLEAN NOT NULL DEFAULT 0, + isPrimary BOOLEAN NOT NULL DEFAULT 0 +) + diff --git a/pkg/userstore/migrations/schema.sql b/pkg/userstore/migrations/schema.sql index 01b2c42..5b55afe 100644 --- a/pkg/userstore/migrations/schema.sql +++ b/pkg/userstore/migrations/schema.sql 
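Review bot: The new `mail` table has no column tying an address to a row in `users`, so a validated or primary address cannot be attributed to an account and `isPrimary` cannot be constrained to one per user; a column such as `user_id INTEGER NOT NULL REFERENCES users(id)` would close that gap (SQLite enforces it only with `PRAGMA foreign_keys = ON`). `validationCode` is stored as given under a UNIQUE constraint. If it works as a bearer secret for confirming an address, which this hunk does not show, storing only a hash of it and adding an expiry column would limit what a database read exposes. The change also edits the existing init migration in place, so databases that already applied it would presumably keep the old `password ... UNIQUE` column and never get `mail`; a new migration file may be needed. The same table definition is repeated in `schema.sql`.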
@@ -9,6 +9,15 @@ CREATE TABLE users ( created_at DATETIME DEFAULT CURRENT_TIMESTAMP, updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, username TEXT NOT NULL UNIQUE, - password TEXT NOT NULL UNIQUE + password TEXT NOT NULL ); CREATE TABLE sqlite_sequence(name,seq); +CREATE TABLE mail ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + created_at DATETIME DEFAULT CURRENT_TIMESTAMP, + updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, + mail TEXT NOT NULL UNIQUE, + validationCode TEXT NOT NULL UNIQUE, + isValidated BOOLEAN NOT NULL DEFAULT 0, + isPrimary BOOLEAN NOT NULL DEFAULT 0 +); \ No newline at end of file diff --git a/pkg/userstore/users.go b/pkg/userstore/users.go index fc429d0..513ae21 100644 --- a/pkg/userstore/users.go +++ b/pkg/userstore/users.go @@ -5,18 +5,23 @@ import ( "golang.org/x/crypto/bcrypt" ) -func (s Store) UserWrite(username, password string) error { +func (s Store) UserWrite(username, password string) (int64, error) { query := "INSERT INTO users (username, password) VALUES (?, ?);" log := s.log.With().Str("query", query).Str("username", username).Logger() pwHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) if err != nil { - return utils.WrapError(ErrCantEncryptPassword, err, log) + return 0, utils.WrapError(ErrCantEncryptPassword, err, log) } - _, err = s.db.Exec(query, username, string(pwHash)) + res, err := s.db.Exec(query, username, string(pwHash)) if err != nil { - return utils.WrapError(ErrCantExecuteQuery, err, log) + return 0, utils.WrapError(ErrCantExecuteQuery, err, log) } - return nil + + id, err := res.LastInsertId() + if err != nil { + return 0, utils.WrapError(ErrCantExecuteQuery, err, log) + } + return id, nil } diff --git a/pkg/userstore/users_test.go b/pkg/userstore/users_test.go index 9313d36..3e6a346 100644 --- a/pkg/userstore/users_test.go +++ b/pkg/userstore/users_test.go 
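Review bot: `UserWrite` in users.go passes `password` straight to `bcrypt.GenerateFromPassword` with no length check, so an empty password is hashed and stored like any other. bcrypt only uses the first 72 bytes of its input: depending on the `golang.org/x/crypto` version, longer input is either rejected with `bcrypt.ErrPasswordTooLong` or silently truncated. A guard before hashing, `if len(password) == 0 || len(password) > 72 { ... }`, returning a dedicated sentinel (a new one, for example `ErrInvalidPassword`) would make both cases explicit instead of surfacing as `ErrCantEncryptPassword`. Separately, when `res.LastInsertId()` fails the row has already been inserted, yet the caller gets `0` and `ErrCantExecuteQuery`, so a retry would hit the username UNIQUE constraint; a distinct error or a comment on that path would help.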
@@ -16,12 +16,14 @@ func TestWriteUser(t *testing.T) { password string exptError error exptErrorString string + exptUserId int64 }{ { - name: "successfull-insert-first-user", - username: "kekskurse", - password: "kekskurse", - exptError: nil, + name: "successfull-insert-first-user", + username: "kekskurse", + password: "kekskurse", + exptError: nil, + exptUserId: 1, }, { name: "failed-username-alreadey-used", @@ -29,6 +31,14 @@ func TestWriteUser(t *testing.T) { password: "kekskurse", exptError: ErrCantExecuteQuery, exptErrorString: "cant execute query: constraint failed: UNIQUE constraint failed: users.username (2067)", + exptUserId: 0, + }, + { + name: "successfull-insert-first-user", + username: "kekskurse2", + password: "kekskurse", + exptError: nil, + exptUserId: 2, }, } @@ -36,7 +46,8 @@ func TestWriteUser(t *testing.T) { initDabase(t, store) for _, tt := range tts { t.Run(tt.name, func(t *testing.T) { - err := store.UserWrite(tt.username, tt.password) + id, err := store.UserWrite(tt.username, tt.password) + assert.Equal(t, tt.exptUserId, id, "should return right user id") if tt.exptError == nil { assert.Nil(t, err, "should store user without error") } else { @@ -45,6 +56,20 @@ func TestWriteUser(t *testing.T) { } }) } + + // TODO: Check if pw hash are not unique + var pw1 string + var pw2 string + err := store.db.QueryRow("SELECT password FROM users WHERE id = 1").Scan(&pw1) + assert.Nil(t, err, "should be abel to query pw1") + err = store.db.QueryRow("SELECT password FROM users WHERE id = 2").Scan(&pw2) + assert.Nil(t, err, "should be abel to query pw2") + + assert.NotEmpty(t, pw1) + assert.NotEmpty(t, pw2) + assert.NotEqual(t, "kekskurse", pw1) + assert.NotEqual(t, "kekskurse", pw2) + assert.NotEqual(t, pw1, pw2, "passwords should not be equal") } func getTestStore(t *testing.T) Store {
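Review bot: The third case added to the table in `TestWriteUser` reuses the name `successfull-insert-first-user` from the first case, so `t.Run` reports it with a disambiguating suffix and a failure is harder to attribute. A name such as `successful-insert-second-user` would say what it checks. This case is also what gives the later same-password/different-hash assertion two rows to compare, which is worth a one-line comment on the case, e.g. `// same password as user 1 on purpose: hashes must still differ`.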
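Review bot: The assertions added after the loop in `TestWriteUser` show only that the stored value is non-empty, differs from the plaintext and differs between the two rows. None of them shows that it is a bcrypt hash of the submitted password, so a store that wrote any per-row random string would pass. Adding `assert.NoError(t, bcrypt.CompareHashAndPassword([]byte(pw1), []byte("kekskurse")))`, and the same for `pw2`, would pin that, assuming the bcrypt package is imported in the test file, which this hunk does not show. The `// TODO: Check if pw hash are not unique` comment describes what the following lines already do and could become a plain description. The two `SELECT` queries could use the ids returned by `UserWrite` rather than the literals 1 and 2.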