add login test

1 files changed, 37 insertions, 0 deletions

diff --git a/src/guff/models/user.cr b/src/guff/models/user.cr
index 98ae10b..28e317e 100644
--- a/src/guff/models/user.cr
+++ b/src/guff/models/user.cr
@@ -20,6 +20,18 @@ class Guff::UserModel < Guff::Model
       INSERT INTO user_logins(user_id, email, pass_hash) VALUES
         (:user_id, :email, :pass_hash)
     ",
+
+    login: "
+      SELECT a.user_id,
+             a.pass_hash
+
+        FROM user_logins a
+        JOIN users b
+          ON (b.user_id = a.user_id AND
+              b.is_active)
+
+       WHERE a.email = :email
+    ",
   })
 
   def initialize(models : Models)
@@ -125,6 +137,7 @@ class Guff::UserModel < Guff::Model
 
     # hash password
     pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+    # puts "user_id = #{user_id}, email = #{email}, password = #{password}, pass_hash = #{pass_hash}"
 
     transaction do
       # clear old credentials
@@ -138,4 +151,28 @@ class Guff::UserModel < Guff::Model
       }, nil)
     end
   end
+
+  def login(
+    email     : String,
+    password  : String
+  )
+    # map email to user id and pass hash
+    row = row(:login, {
+      "email": email,
+    }, nil)
+
+    raise "invalid login" unless row
+
+    # shut compiler up
+    row = row.not_nil!
+
+    # get pass hash from db
+    pass_hash = Crypto::Bcrypt::Password.new(row["pass_hash"].to_s)
+
+    # compare hash against password
+    raise "invalid login" unless pass_hash == password
+
+    # return user id
+    row["user_id"] as Int64
+  end
 end