From f6a068fdcef8b7650f010e4bb52f52a3b566e4bd Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Fri, 1 Apr 2016 20:08:00 -0400
Subject: add login test

---
 src/guff/models/user.cr | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

(limited to 'src/guff/models/user.cr')

diff --git a/src/guff/models/user.cr b/src/guff/models/user.cr
index 98ae10b..28e317e 100644
--- a/src/guff/models/user.cr
+++ b/src/guff/models/user.cr
@@ -20,6 +20,18 @@ class Guff::UserModel < Guff::Model
       INSERT INTO user_logins(user_id, email, pass_hash) VALUES
         (:user_id, :email, :pass_hash)
     ",
+
+    login: "
+      SELECT a.user_id,
+             a.pass_hash
+
+        FROM user_logins a
+        JOIN users b
+          ON (b.user_id = a.user_id AND
+              b.is_active)
+
+       WHERE a.email = :email
+    ",
   })
 
   def initialize(models : Models)
@@ -125,6 +137,7 @@ class Guff::UserModel < Guff::Model
 
     # hash password
     pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+    # puts "user_id = #{user_id}, email = #{email}, password = #{password}, pass_hash = #{pass_hash}"
 
     transaction do
       # clear old credentials
@@ -138,4 +151,28 @@ class Guff::UserModel < Guff::Model
       }, nil)
     end
   end
+
+  def login(
+    email     : String,
+    password  : String
+  )
+    # map email to user id and pass hash
+    row = row(:login, {
+      "email": email,
+    }, nil)
+
+    raise "invalid login" unless row
+
+    # shut compiler up
+    row = row.not_nil!
+
+    # get pass hash from db
+    pass_hash = Crypto::Bcrypt::Password.new(row["pass_hash"].to_s)
+
+    # compare hash against password
+    raise "invalid login" unless pass_hash == password
+
+    # return user id
+    row["user_id"] as Int64
+  end
 end
-- 
cgit v1.2.3