From ff881f063834c59401d0fd536ac0ed0408af789c Mon Sep 17 00:00:00 2001 From: SpeedReach <37238439+SpeedReach@users.noreply.github.com> Date: Mon, 20 May 2024 21:10:53 +0800 Subject: [PATCH 1/2] complete password --- Makefile | 5 +- internal/services/auth/login.go | 17 +++-- internal/services/auth/register.go | 15 ++-- internal/services/group/list_joined.go | 10 +++ migrations/2405200834_add_password.down.sql | 2 + migrations/2405200834_add_password.up.sql | 1 + protobuf/auth.pb.go | 76 +++++++++++++-------- protobuf/auth.proto | 2 + 8 files changed, 91 insertions(+), 37 deletions(-) create mode 100644 migrations/2405200834_add_password.down.sql create mode 100644 migrations/2405200834_add_password.up.sql diff --git a/Makefile b/Makefile index 4db68e8..7367148 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -SUB_DIRS = protobuf migrations +SUB_DIRS = protobuf PACKAGES ?= $(shell go list ./...) all: $(SUB_DIRS) @@ -6,6 +6,9 @@ all: $(SUB_DIRS) $(SUB_DIRS): make -C $@ +migrations: + make -C migrations + test: -mkdir build go test $(PACKAGES) -v -cover -failfast diff --git a/internal/services/auth/login.go b/internal/services/auth/login.go index d081213..121beee 100644 --- a/internal/services/auth/login.go +++ b/internal/services/auth/login.go @@ -3,9 +3,11 @@ package auth import ( "context" "database/sql" + "errors" "github.com/golang-jwt/jwt/v5" "github.com/google/uuid" "go.uber.org/zap" + "golang.org/x/crypto/bcrypt" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "monify/internal/middlewares" @@ -13,9 +15,9 @@ import ( "time" ) -func findEmailUser(ctx context.Context, email string, db *sql.DB) (uuid.UUID, error) { +func matchEmailUser(ctx context.Context, email string, password string, db *sql.DB) (uuid.UUID, error) { query, err := db.QueryContext(ctx, ` - SELECT user_id + SELECT user_id, password FROM email_login WHERE email = $1`, email) defer query.Close() @@ -28,10 +30,17 @@ func findEmailUser(ctx context.Context, email string, db *sql.DB) (uuid.UUID, er } var userId uuid.UUID - err = query.Scan(&userId) + var hashedPassword string + err = query.Scan(&userId, &hashedPassword) if err != nil { return uuid.Nil, err } + + _ = bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) + if err != nil { + return uuid.Nil, errors.New("incorrect password") + } + return userId, nil } @@ -55,7 +64,7 @@ func (s Service) EmailLogin(ctx context.Context, req *monify.EmailLoginRequest) logger := ctx.Value(middlewares.LoggerContextKey{}).(*zap.Logger) db := ctx.Value(middlewares.StorageContextKey{}).(*sql.DB) - userId, err := findEmailUser(ctx, req.Email, db) + userId, err := matchEmailUser(ctx, req.Email, req.Password, db) if err != nil { logger.Error("", zap.Error(err)) return nil, status.Errorf(codes.Internal, "internal err.") diff --git a/internal/services/auth/register.go b/internal/services/auth/register.go index 57ea8e2..f27b288 100644 --- a/internal/services/auth/register.go +++ b/internal/services/auth/register.go @@ -5,6 +5,7 @@ import ( "database/sql" "github.com/google/uuid" "go.uber.org/zap" + "golang.org/x/crypto/bcrypt" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "monify/internal/middlewares" @@ -24,15 +25,21 @@ func emailExists(ctx context.Context, email string, db *sql.DB) (bool, error) { return rows.Next(), nil } -func createUser(ctx context.Context, db *sql.DB, email string) (uuid.UUID, error) { +func createUser(ctx context.Context, db *sql.DB, email string, password string) (uuid.UUID, error) { + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) + if err != nil { + return [16]byte{}, err + } + userId := uuid.New() - _, err := db.ExecContext(ctx, ` + _, err = db.ExecContext(ctx, ` INSERT INTO user_identity (user_id) VALUES ($1) `, userId) if err != nil { return uuid.Nil, err } - _, err = db.ExecContext(ctx, `INSERT INTO email_login(email, user_id) VALUES ($1, $2)`, email, userId) + + _, err = db.ExecContext(ctx, `INSERT INTO email_login(email, user_id, password) VALUES ($1, $2, $3)`, email, userId, string(hashedPassword)) if err != nil { return uuid.Nil, err } @@ -51,7 +58,7 @@ func (s Service) EmailRegister(ctx context.Context, req *monify.EmailRegisterReq return nil, status.Error(codes.AlreadyExists, "Email already exists.") } - userId, err := createUser(ctx, db, req.Email) + userId, err := createUser(ctx, db, req.Email, req.Password) if err != nil { logger.Error("failed to create user", zap.Error(err)) return nil, status.Error(codes.Internal, "Internal err.") diff --git a/internal/services/group/list_joined.go b/internal/services/group/list_joined.go index 654521e..228430a 100644 --- a/internal/services/group/list_joined.go +++ b/internal/services/group/list_joined.go @@ -1 +1,11 @@ package group + +import ( + "context" + monify "monify/protobuf" +) + +func (g Service) ListJoinedGroups(context.Context, *monify.Empty) (*monify.ListJoinedGroupsResponse, error) { + panic("") + +} diff --git a/migrations/2405200834_add_password.down.sql b/migrations/2405200834_add_password.down.sql new file mode 100644 index 0000000..283fd2d --- /dev/null +++ b/migrations/2405200834_add_password.down.sql @@ -0,0 +1,2 @@ +ALTER TABLE email_login DROP COLUMN password; + diff --git a/migrations/2405200834_add_password.up.sql b/migrations/2405200834_add_password.up.sql new file mode 100644 index 0000000..5eb69b4 --- /dev/null +++ b/migrations/2405200834_add_password.up.sql @@ -0,0 +1 @@ +ALTER TABLE email_login ADD COLUMN password CHAR(255) NOT NULL; diff --git a/protobuf/auth.pb.go b/protobuf/auth.pb.go index f1a5f21..e76f235 100644 --- a/protobuf/auth.pb.go +++ b/protobuf/auth.pb.go @@ -25,7 +25,8 @@ type EmailLoginRequest struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Password string `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"` } func (x *EmailLoginRequest) Reset() { @@ -67,6 +68,13 @@ func (x *EmailLoginRequest) GetEmail() string { return "" } +func (x *EmailLoginRequest) GetPassword() string { + if x != nil { + return x.Password + } + return "" +} + type EmailLoginResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -135,7 +143,8 @@ type EmailRegisterRequest struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Password string `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"` } func (x *EmailRegisterRequest) Reset() { @@ -177,6 +186,13 @@ func (x *EmailRegisterRequest) GetEmail() string { return "" } +func (x *EmailRegisterRequest) GetPassword() string { + if x != nil { + return x.Password + } + return "" +} + type EmailRegisterResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -227,34 +243,38 @@ func (x *EmailRegisterResponse) GetUserId() string { var File_auth_proto protoreflect.FileDescriptor var file_auth_proto_rawDesc = []byte{ - 0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x29, 0x0a, 0x11, + 0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x45, 0x0a, 0x11, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x22, 0x74, 0x0a, 0x12, 0x45, 0x6d, 0x61, 0x69, 0x6c, - 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, - 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, - 0x73, 0x65, 0x72, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, - 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, - 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, - 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x2c, 0x0a, - 0x14, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x22, 0x2f, 0x0a, 0x15, 0x45, - 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x32, 0x88, 0x01, 0x0a, - 0x0b, 0x41, 0x75, 0x74, 0x68, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x37, 0x0a, 0x0a, - 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x12, 0x2e, 0x45, 0x6d, 0x61, - 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x13, - 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x40, 0x0a, 0x0d, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, - 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x12, 0x15, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, - 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, - 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x1e, 0x5a, 0x1c, 0x67, 0x69, 0x74, 0x68, 0x75, - 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x70, 0x65, 0x65, 0x64, 0x52, 0x65, 0x61, 0x63, 0x68, - 0x2f, 0x6d, 0x6f, 0x6e, 0x69, 0x66, 0x79, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, + 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, + 0x6f, 0x72, 0x64, 0x22, 0x74, 0x0a, 0x12, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, + 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x75, 0x73, 0x65, + 0x72, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, + 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, + 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, + 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, + 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x48, 0x0a, 0x14, 0x45, 0x6d, 0x61, + 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, + 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, + 0x6f, 0x72, 0x64, 0x22, 0x2f, 0x0a, 0x15, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, + 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, + 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x75, 0x73, + 0x65, 0x72, 0x49, 0x64, 0x32, 0x88, 0x01, 0x0a, 0x0b, 0x41, 0x75, 0x74, 0x68, 0x53, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x12, 0x37, 0x0a, 0x0a, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x12, 0x12, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x13, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4c, 0x6f, + 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x40, 0x0a, + 0x0d, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x12, 0x15, + 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x67, + 0x69, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, + 0x1e, 0x5a, 0x1c, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x70, + 0x65, 0x65, 0x64, 0x52, 0x65, 0x61, 0x63, 0x68, 0x2f, 0x6d, 0x6f, 0x6e, 0x69, 0x66, 0x79, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/protobuf/auth.proto b/protobuf/auth.proto index df807ef..2242e1f 100644 --- a/protobuf/auth.proto +++ b/protobuf/auth.proto @@ -10,6 +10,7 @@ service AuthService{ message EmailLoginRequest{ string email = 1; + string password = 2; } @@ -22,6 +23,7 @@ message EmailLoginResponse{ message EmailRegisterRequest{ string email = 1; + string password = 2; } message EmailRegisterResponse{ From 6bfd971c412cf8ba17b600f2971aa5dce6854002 Mon Sep 17 00:00:00 2001 From: SpeedReach <37238439+SpeedReach@users.noreply.github.com> Date: Mon, 20 May 2024 21:13:30 +0800 Subject: [PATCH 2/2] complete password --- migrations/2405190114_add_group_invite_code.down.sql | 3 --- migrations/2405190114_add_group_invite_code.up.sql | 3 --- protobuf/Makefile | 1 - 3 files changed, 7 deletions(-) delete mode 100644 migrations/2405190114_add_group_invite_code.down.sql delete mode 100644 migrations/2405190114_add_group_invite_code.up.sql diff --git a/migrations/2405190114_add_group_invite_code.down.sql b/migrations/2405190114_add_group_invite_code.down.sql deleted file mode 100644 index 9400f25..0000000 --- a/migrations/2405190114_add_group_invite_code.down.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE "group" DROP COLUMN invite_code; -ALTER TABLE "group" DROP COLUMN invite_code_expires_at; \ No newline at end of file diff --git a/migrations/2405190114_add_group_invite_code.up.sql b/migrations/2405190114_add_group_invite_code.up.sql deleted file mode 100644 index cc754d3..0000000 --- a/migrations/2405190114_add_group_invite_code.up.sql +++ /dev/null @@ -1,3 +0,0 @@ -ALTER TABLE "group" ADD COLUMN "invite_code" CHAR(6) default ''; -ALTER TABLE "group" ADD COLUMN "invite_code_expires" TIMESTAMP default CURRENT_TIMESTAMP; - diff --git a/protobuf/Makefile b/protobuf/Makefile index 46bd070..4c578c2 100644 --- a/protobuf/Makefile +++ b/protobuf/Makefile @@ -1,4 +1,3 @@ - MODULES = $(wildcard *.proto) OUTPUT = $(MODULES:%.proto=%.pb.go)