feat(store): миграция sessions/password + методы users/sessions/projects
Фаза 2, Task 1: добавлена таблица sessions и nullable password_hash у users, sqlc-запросы и *Store-обёртки (CreateUser, GetUserByEmail, CreateProjectForUser, GetProjectOwned, GetUserProject, CreateSession, GetSessionUser, DeleteSession, RegisterUser в транзакции), интеграционные тесты на testcontainers. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01BwxdSt4reTm7Dj1oxRvpP3
This commit is contained in:
@@ -3,9 +3,11 @@ package store
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/jackc/pgx/v5"
|
||||
"github.com/jackc/pgx/v5/pgtype"
|
||||
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/provider"
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/store/db"
|
||||
@@ -222,3 +224,127 @@ func (s *Store) SetDomainTemplate(ctx context.Context, domainID, projectID uuid.
|
||||
}
|
||||
return domainFromDB(d), nil
|
||||
}
|
||||
|
||||
// User and Project are provider-neutral domain structs for the auth/tenant
|
||||
// layer (Фаза 2), mirroring the Account/Template/Domain wrappers above so
|
||||
// callers never need to import internal/store/db directly.
|
||||
|
||||
type User struct {
|
||||
ID uuid.UUID
|
||||
Email string
|
||||
PasswordHash string
|
||||
}
|
||||
|
||||
type Project struct {
|
||||
ID uuid.UUID
|
||||
UserID uuid.UUID
|
||||
Name string
|
||||
}
|
||||
|
||||
// ptr is a small helper for passing a Go string into a nullable text column
|
||||
// (password_hash) via sqlc's generated *string param type.
|
||||
func ptr(s string) *string { return &s }
|
||||
|
||||
// strFromPtr converts a nullable text column back into a plain string; a
|
||||
// nil password_hash never happens on the real registration flow (an argon2
|
||||
// hash is always supplied), but is handled defensively here.
|
||||
func strFromPtr(p *string) string {
|
||||
if p == nil {
|
||||
return ""
|
||||
}
|
||||
return *p
|
||||
}
|
||||
|
||||
func toUser(u db.User) User {
|
||||
return User{ID: u.ID, Email: u.Email, PasswordHash: strFromPtr(u.PasswordHash)}
|
||||
}
|
||||
|
||||
func toProject(p db.Project) Project {
|
||||
return Project{ID: p.ID, UserID: p.UserID, Name: p.Name}
|
||||
}
|
||||
|
||||
func (s *Store) CreateUser(ctx context.Context, email, passwordHash string) (User, error) {
|
||||
u, err := s.q.CreateUser(ctx, db.CreateUserParams{ID: uuid.New(), Email: email, PasswordHash: ptr(passwordHash)})
|
||||
if err != nil {
|
||||
return User{}, err
|
||||
}
|
||||
return toUser(u), nil
|
||||
}
|
||||
|
||||
func (s *Store) GetUserByEmail(ctx context.Context, email string) (User, error) {
|
||||
u, err := s.q.GetUserByEmail(ctx, email)
|
||||
if err != nil {
|
||||
return User{}, err
|
||||
}
|
||||
return toUser(u), nil
|
||||
}
|
||||
|
||||
func (s *Store) CreateProjectForUser(ctx context.Context, userID uuid.UUID, name string) (Project, error) {
|
||||
p, err := s.q.CreateProject(ctx, db.CreateProjectParams{ID: uuid.New(), UserID: userID, Name: name})
|
||||
if err != nil {
|
||||
return Project{}, err
|
||||
}
|
||||
return toProject(p), nil
|
||||
}
|
||||
|
||||
func (s *Store) GetProjectOwned(ctx context.Context, projectID, userID uuid.UUID) (Project, error) {
|
||||
p, err := s.q.GetProjectOwned(ctx, db.GetProjectOwnedParams{ID: projectID, UserID: userID})
|
||||
if err != nil {
|
||||
return Project{}, err
|
||||
}
|
||||
return toProject(p), nil
|
||||
}
|
||||
|
||||
func (s *Store) GetUserProject(ctx context.Context, userID uuid.UUID) (Project, error) {
|
||||
p, err := s.q.GetUserProject(ctx, userID)
|
||||
if err != nil {
|
||||
return Project{}, err
|
||||
}
|
||||
return toProject(p), nil
|
||||
}
|
||||
|
||||
func (s *Store) CreateSession(ctx context.Context, userID uuid.UUID, tokenHash string, expiresAt time.Time) error {
|
||||
return s.q.CreateSession(ctx, db.CreateSessionParams{
|
||||
ID: uuid.New(),
|
||||
UserID: userID,
|
||||
TokenHash: tokenHash,
|
||||
ExpiresAt: pgtype.Timestamptz{Time: expiresAt, Valid: true},
|
||||
})
|
||||
}
|
||||
|
||||
// GetSessionUser returns the owning user ID for a non-expired session token;
|
||||
// expired sessions are excluded by the query itself (expires_at > now()).
|
||||
func (s *Store) GetSessionUser(ctx context.Context, tokenHash string) (uuid.UUID, error) {
|
||||
return s.q.GetSessionUser(ctx, tokenHash)
|
||||
}
|
||||
|
||||
func (s *Store) DeleteSession(ctx context.Context, tokenHash string) error {
|
||||
return s.q.DeleteSession(ctx, tokenHash)
|
||||
}
|
||||
|
||||
// RegisterUser creates a user and their default project in one transaction,
|
||||
// mirroring the ImportDomains pattern above: if project creation fails, the
|
||||
// user insert is rolled back too, so a caller never observes a user without
|
||||
// a default project.
|
||||
func (s *Store) RegisterUser(ctx context.Context, email, passwordHash string) (User, Project, error) {
|
||||
tx, err := s.pool.Begin(ctx)
|
||||
if err != nil {
|
||||
return User{}, Project{}, err
|
||||
}
|
||||
defer tx.Rollback(ctx) // no-op once Commit has succeeded
|
||||
|
||||
q := s.q.WithTx(tx)
|
||||
uid := uuid.New()
|
||||
dbu, err := q.CreateUser(ctx, db.CreateUserParams{ID: uid, Email: email, PasswordHash: ptr(passwordHash)})
|
||||
if err != nil {
|
||||
return User{}, Project{}, err
|
||||
}
|
||||
dbp, err := q.CreateProject(ctx, db.CreateProjectParams{ID: uuid.New(), UserID: uid, Name: "default"})
|
||||
if err != nil {
|
||||
return User{}, Project{}, err
|
||||
}
|
||||
if err := tx.Commit(ctx); err != nil {
|
||||
return User{}, Project{}, err
|
||||
}
|
||||
return toUser(dbu), toProject(dbp), nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user