test: check pw is hashed and not unique

kekskurse 2025-03-13 16:32:37 +01:00
parent 66791d32a5
commit 66d4312695
4 changed files with 62 additions and 12 deletions


@ -4,5 +4,16 @@ CREATE TABLE users (
created_at DATETIME DEFAULT CURRENT_TIMESTAMP, created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
username TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE,
password TEXT NOT NULL UNIQUE password TEXT NOT NULL
); );
CREATE TABLE mail (
id INTEGER PRIMARY KEY AUTOINCREMENT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
mail TEXT NOT NULL UNIQUE,
validationCode TEXT NOT NULL UNIQUE,
isValidated BOOLEAN NOT NULL DEFAULT 0,
isPrimary BOOLEAN NOT NULL DEFAULT 0
)
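Review bot: The new `mail` table has no column tying an address to a row in `users`, so as written nothing binds a validated or primary address to an account; unless that link lives in a table outside this hunk, add something like `user_id INTEGER NOT NULL REFERENCES users(id)`. `isPrimary` likewise has no constraint limiting it to one row per user. `validationCode` acts as a bearer secret for confirming the address, and as far as the schema shows it is kept in clear text with no expiry and cannot be cleared once `isValidated` is set (it is `NOT NULL`); consider storing only a hash of it plus an expiry column. The same definition is repeated in the second schema file in this commit.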


@ -9,6 +9,15 @@ CREATE TABLE users (
created_at DATETIME DEFAULT CURRENT_TIMESTAMP, created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP, updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
username TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE,
password TEXT NOT NULL UNIQUE password TEXT NOT NULL
); );
CREATE TABLE sqlite_sequence(name,seq); CREATE TABLE sqlite_sequence(name,seq);
CREATE TABLE mail (
id INTEGER PRIMARY KEY AUTOINCREMENT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
mail TEXT NOT NULL UNIQUE,
validationCode TEXT NOT NULL UNIQUE,
isValidated BOOLEAN NOT NULL DEFAULT 0,
isPrimary BOOLEAN NOT NULL DEFAULT 0
);


@ -5,18 +5,23 @@ import (
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
) )
func (s Store) UserWrite(username, password string) error { func (s Store) UserWrite(username, password string) (int64, error) {
query := "INSERT INTO users (username, password) VALUES (?, ?);" query := "INSERT INTO users (username, password) VALUES (?, ?);"
log := s.log.With().Str("query", query).Str("username", username).Logger() log := s.log.With().Str("query", query).Str("username", username).Logger()
pwHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) pwHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil { if err != nil {
return utils.WrapError(ErrCantEncryptPassword, err, log) return 0, utils.WrapError(ErrCantEncryptPassword, err, log)
} }
_, err = s.db.Exec(query, username, string(pwHash)) res, err := s.db.Exec(query, username, string(pwHash))
if err != nil { if err != nil {
return utils.WrapError(ErrCantExecuteQuery, err, log) return 0, utils.WrapError(ErrCantExecuteQuery, err, log)
} }
return nil
id, err := res.LastInsertId()
if err != nil {
return 0, utils.WrapError(ErrCantExecuteQuery, err, log)
}
return id, nil
} }
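Review bot: `UserWrite` passes `password` to `bcrypt.GenerateFromPassword` without any check, so an empty password is hashed and stored as a valid credential, and input over bcrypt's 72-byte limit is either rejected with `bcrypt.ErrPasswordTooLong` (surfacing here as `ErrCantEncryptPassword`) or, on older x/crypto releases, silently truncated. Validate before hashing, e.g. `if len(password) == 0 || len(password) > 72 { return 0, ErrInvalidPassword }`, where `ErrInvalidPassword` would be a new sentinel so callers can tell bad input from an internal failure. Separately, when `res.LastInsertId()` fails the row has already been inserted, yet the caller gets `ErrCantExecuteQuery` and id 0; a doc comment on `UserWrite` should state that.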


@ -16,12 +16,14 @@ func TestWriteUser(t *testing.T) {
password string password string
exptError error exptError error
exptErrorString string exptErrorString string
exptUserId int64
}{ }{
{ {
name: "successfull-insert-first-user", name: "successfull-insert-first-user",
username: "kekskurse", username: "kekskurse",
password: "kekskurse", password: "kekskurse",
exptError: nil, exptError: nil,
exptUserId: 1,
}, },
{ {
name: "failed-username-alreadey-used", name: "failed-username-alreadey-used",
@ -29,6 +31,14 @@ func TestWriteUser(t *testing.T) {
password: "kekskurse", password: "kekskurse",
exptError: ErrCantExecuteQuery, exptError: ErrCantExecuteQuery,
exptErrorString: "cant execute query: constraint failed: UNIQUE constraint failed: users.username (2067)", exptErrorString: "cant execute query: constraint failed: UNIQUE constraint failed: users.username (2067)",
exptUserId: 0,
},
{
name: "successfull-insert-first-user",
username: "kekskurse2",
password: "kekskurse",
exptError: nil,
exptUserId: 2,
}, },
} }
@ -36,7 +46,8 @@ func TestWriteUser(t *testing.T) {
initDabase(t, store) initDabase(t, store)
for _, tt := range tts { for _, tt := range tts {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
err := store.UserWrite(tt.username, tt.password) id, err := store.UserWrite(tt.username, tt.password)
assert.Equal(t, tt.exptUserId, id, "should return right user id")
if tt.exptError == nil { if tt.exptError == nil {
assert.Nil(t, err, "should store user without error") assert.Nil(t, err, "should store user without error")
} else { } else {
@ -45,6 +56,20 @@ func TestWriteUser(t *testing.T) {
} }
}) })
} }
// TODO: Check if pw hash are not unique
var pw1 string
var pw2 string
err := store.db.QueryRow("SELECT password FROM users WHERE id = 1").Scan(&pw1)
assert.Nil(t, err, "should be abel to query pw1")
err = store.db.QueryRow("SELECT password FROM users WHERE id = 2").Scan(&pw2)
assert.Nil(t, err, "should be abel to query pw2")
assert.NotEmpty(t, pw1)
assert.NotEmpty(t, pw2)
assert.NotEqual(t, "kekskurse", pw1)
assert.NotEqual(t, "kekskurse", pw2)
assert.NotEqual(t, pw1, pw2, "passwords should not be equal")
} }
func getTestStore(t *testing.T) Store { func getTestStore(t *testing.T) Store {
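Review bot: The assertions added after the loop in `TestWriteUser` only show that the stored value differs from the plaintext and from the other row, which any salted but reversible encoding would also satisfy; they do not show that the column holds a bcrypt hash of the password. Add `assert.NoError(t, bcrypt.CompareHashAndPassword([]byte(pw1), []byte("kekskurse")))` and the same for `pw2`; this needs the bcrypt import in the test file, whose import block is outside the hunks. The `// TODO: Check if pw hash are not unique` comment is now stale because the check follows it directly. The third case reuses the name `successfull-insert-first-user`, so Go will report it with a `#01` suffix.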