Diffstat (limited to 'src/guff/models/user.cr')
-rw-r--r--src/guff/models/user.cr111
1 files changed, 78 insertions, 33 deletions
diff --git a/src/guff/models/user.cr b/src/guff/models/user.cr
index bdbb0de..d440c5c 100644
--- a/src/guff/models/user.cr
+++ b/src/guff/models/user.cr
@@ -23,7 +23,7 @@ class Guff::UserModel < Guff::Model
INSERT INTO users(user_name) VALUES (:user_name)
",
- update_user: "
+ edit_user: "
UPDATE users
SET %{sets}
WHERE user_id = :user_id
@@ -38,6 +38,12 @@ class Guff::UserModel < Guff::Model
(:user_id, :email, :pass_hash)
",
+ edit_login: "
+ UPDATE user_logins
+ SET %{sets}
+ WHERE user_id = :user_id
+ ",
+
login: "
SELECT a.user_id,
a.pass_hash
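Review bot: The `%{sets}` placeholder in the new `edit_login` statement (and in `edit_user` above it) is filled by text substitution rather than parameter binding, and nothing next to the template records that constraint. The callers in this commit only pass fixed fragments such as `email = :email`, so the values themselves still travel as named parameters. A later caller that builds a fragment from request data would open an injection path. A comment above the key would make the rule explicit, for example `# %{sets} is substituted verbatim: pass only constant column assignments, never caller-supplied text`.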
@@ -92,7 +98,7 @@ class Guff::UserModel < Guff::Model
# set active and/or role
if active || role
- update_user(user_id,
+ edit_user(user_id,
active: active,
role: role,
)
@@ -111,38 +117,46 @@ class Guff::UserModel < Guff::Model
user_id
end
- def update_user(
- user_id : Int64,
- name : String? = nil,
- active : Bool? = nil,
- role : String? = nil,
+ def edit_user(
+ user_id : Int64,
+ name : String? = nil,
+ active : Bool? = nil,
+ role : String? = nil,
+ email : String? = nil,
+ password : String? = nil,
)
- sets = [] of String
- args = { "user_id": user_id.to_s }
+ transaction do
+ sets = [] of String
+ args = { "user_id": user_id.to_s }
- if name != nil
- args["name"] = name.not_nil!
- sets << "user_name = :name"
- end
+ if name != nil
+ args["name"] = name.not_nil!
+ sets << "user_name = :name"
+ end
- if active != nil
- args["is_active"] = active.not_nil! ? "1" : "0"
- sets << "is_active = :is_active"
- end
+ if active != nil
+ args["is_active"] = active.not_nil! ? "1" : "0"
+ sets << "is_active = :is_active"
+ end
- if role != nil
- args["role"] = role.not_nil!
- sets << "
- role_id = (SELECT role_id
- FROM roles
- WHERE role_name = :role)
- "
- end
+ if role != nil
+ args["role"] = role.not_nil!
+ sets << "
+ role_id = (SELECT role_id
+ FROM roles
+ WHERE role_name = :role)
+ "
+ end
- # exec query
- query(:update_user, args, {
- "sets": sets.join(", "),
- }) if sets.size > 0
+ # exec query
+ query(:edit_user, args, {
+ "sets": sets.join(", "),
+ }) if sets.size > 0
+
+ if email != nil || password != nil
+ edit_login(user_id, email, password)
+ end
+ end
end
def delete_login(user_id : Int64)
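Review bot: `edit_user` now opens `transaction do` and, still inside it, calls `edit_login`, which opens its own `transaction do` in a later hunk of this commit. Whether `Guff::Model#transaction` tolerates nesting is not visible here; if it issues a plain BEGIN/COMMIT, the inner block could fail or commit the outer work early, leaving a user row updated while the credential change is lost. Since `edit_login` is private and runs a single statement, dropping its inner `transaction do` would be the simplest fix; otherwise document that `transaction` is re-entrant. As a point of style, the `if name != nil` / `name.not_nil!` pairs could be written `if n = name`, which avoids the runtime assertion.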
@@ -156,11 +170,8 @@ class Guff::UserModel < Guff::Model
email : String,
password : String,
)
- # TODO: check password strength
- raise "password too short" if password.size < 4
-
# hash password
- pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+ pass_hash = hash_password(password)
transaction do
# clear old credentials
@@ -175,6 +186,32 @@ class Guff::UserModel < Guff::Model
end
end
+ private def edit_login(
+ user_id : Int64,
+ email : String? = nil,
+ password : String? = nil,
+ )
+ transaction do
+ sets = [] of String
+ args = { "user_id": user_id.to_s }
+
+ if email != nil
+ args["email"] = email.not_nil!
+ sets << "email = :email"
+ end
+
+ if password != nil
+ args["pass_hash"] = hash_password(password.not_nil!)
+ sets << "pass_hash = :pass_hash"
+ end
+
+ # exec query
+ query(:edit_login, args, {
+ "sets": sets.join(", "),
+ }) if sets.size > 0
+ end
+ end
+
def login(
email : String,
password : String
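Review bot: An `UPDATE user_logins ... WHERE user_id = :user_id` that matches no row goes unnoticed in `edit_login`, so `edit_user(id, password: ...)` for an account without a login row would return normally while changing nothing. `set_login` appears to be the only path that inserts that row, so this case looks reachable for users created without credentials. If `query` exposes the affected-row count, check it and raise when it is zero. Since `edit_user` is now a credential-changing entry point, a comment such as `# caller must have authorised this change; the current password is not checked here` would help whoever wires it to a request handler. Neither value is validated here beyond the length check in `hash_password`, and `email` is stored as given.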
@@ -198,4 +235,12 @@ class Guff::UserModel < Guff::Model
# return user id
row["user_id"] as Int64
end
+
+ private def hash_password(password : String)
+ # TODO: check password strength
+ raise "password too short" if password.size < 4
+
+ # hash password
+ Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+ end
end
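Review bot: `hash_password` is now the single gate for every password write, including the new `edit_user` path, yet it still carries the `TODO` and accepts anything of four characters or more. Moving the limit to a named constant with a higher value would make the policy visible and adjustable, e.g. `raise "password too short" if password.size < MIN_PASSWORD_LENGTH`. An upper bound is worth adding too: bcrypt only uses the first 72 bytes of input (depending on the library version, longer input is rejected or truncated), and `password.size` counts characters, so `password.bytesize` is the value to compare. The hard-coded `cost: 10` could likewise become a constant so it can be raised without touching this method.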