1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
package auth
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"net/http"
"net/url"
"github.com/jackc/pgx/v5"
"golang.org/x/crypto/bcrypt"
"github.com/nsfisis/iosdc-japan-2024-albatross/backend/db"
)
var (
ErrInvalidRegistrationToken = errors.New("invalid registration token")
ErrNoRegistrationToken = errors.New("no registration token")
ErrForteeLoginFailed = errors.New("fortee login failed")
)
func Login(
ctx context.Context,
queries *db.Queries,
username string,
password string,
registrationToken *string,
) (int, error) {
userAuth, err := queries.GetUserAuthByUsername(ctx, username)
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
err := signup(ctx, queries, username, password, registrationToken)
if err != nil {
return 0, err
}
return Login(ctx, queries, username, password, nil)
}
return 0, err
}
if userAuth.AuthType == "password" {
passwordHash := userAuth.PasswordHash
if passwordHash == nil {
panic("inconsistant data")
}
err := bcrypt.CompareHashAndPassword([]byte(*passwordHash), []byte(password))
if err != nil {
return 0, err
}
return int(userAuth.UserID), nil
} else if userAuth.AuthType == "fortee" {
if err := verifyForteeAccount(ctx, username, password); err != nil {
return 0, err
}
return int(userAuth.UserID), nil
}
panic(fmt.Sprintf("unexpected auth type: %s", userAuth.AuthType))
}
func signup(
ctx context.Context,
queries *db.Queries,
username string,
password string,
registrationToken *string,
) error {
if err := verifyRegistrationToken(ctx, queries, registrationToken); err != nil {
return err
}
if err := verifyForteeAccount(ctx, username, password); err != nil {
return err
}
// TODO: transaction
userID, err := queries.CreateUser(ctx, username)
if err != nil {
return err
}
if err := queries.CreateUserAuth(ctx, db.CreateUserAuthParams{
UserID: userID,
AuthType: "fortee",
}); err != nil {
return err
}
return nil
}
func verifyRegistrationToken(ctx context.Context, queries *db.Queries, registrationToken *string) error {
if registrationToken == nil {
return ErrNoRegistrationToken
}
exists, err := queries.IsRegistrationTokenValid(ctx, *registrationToken)
if err != nil {
return err
}
if !exists {
return ErrInvalidRegistrationToken
}
return nil
}
func verifyForteeAccount(_ context.Context, username string, password string) error {
reqData := url.Values{}
reqData.Set("username", username)
reqData.Set("password", password)
reqBody := reqData.Encode()
req, err := http.NewRequest("POST", "https://fortee.jp/api/user/login", bytes.NewBufferString(reqBody))
if err != nil {
return fmt.Errorf("http.NewRequest failed: %w", err)
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Accept", "application/json")
client := &http.Client{}
res, err := client.Do(req)
if err != nil {
return fmt.Errorf("client.Do failed: %v", err)
}
defer res.Body.Close()
resData := struct {
LoggedIn bool `json:"loggedIn"`
}{}
if err := json.NewDecoder(res.Body).Decode(&resData); err != nil {
return fmt.Errorf("json.Decode failed: %v", err)
}
if !resData.LoggedIn {
return ErrForteeLoginFailed
}
return nil
}
|
