use queryrow, check if player exists before making

2022-06-22 21:20:15 -04:00 · 2022-06-22 21:20:15 -04:00 · a9ea786279
commit a9ea786279
parent e7cc5f4ba7
3 changed files with 103 additions and 89 deletions
--- a/db.go
+++ b/db.go
@ -57,18 +57,18 @@ func getAuthToken(username string, password string) (string, error) {
 	sqlStatement := `
 	SELECT auth_token FROM users WHERE username = ? AND password = ?;
 	`
-	rows, err := DB.Query(sqlStatement, username, password)
-	if err != nil {
-		return "", err
-	}
-	defer rows.Close()
+	row := DB.QueryRow(sqlStatement, username, password)

-	// check amount of rows
-	if rows.Next() {
 	// get auth token
 	var authToken string
-		rows.Scan(&authToken)
-		rows.Close()
+	err := row.Scan(&authToken)
+	if err != nil {
+		if err != sql.ErrNoRows {
+			return "", err
+		} else {
+			return "", &NotFoundError{}
+		}
+	}
 	if authToken == "" {
 		// generate new authToken
 		authToken = uuid.New().String()
@ -82,9 +82,6 @@ func getAuthToken(username string, password string) (string, error) {
 		}
 	}
 	return authToken, nil
-	} else {
-		return "", &NotFoundError{}
-	}
 }

 func checkClientToken(clientToken string, userName string) (string, error) {
@ -92,14 +89,14 @@ func checkClientToken(clientToken string, userName string) (string, error) {
 	sqlStatement := `
 	SELECT id FROM users WHERE client_token = ? AND username = ?;
 	`
-	rows, err := DB.Query(sqlStatement, clientToken, userName)
-	if err != nil {
+	var x string
+	err := DB.QueryRow(sqlStatement, clientToken, userName).Scan(&x)
+
+	// check if row exists
+	if err != nil && err != sql.ErrNoRows {
 		return "", err
 	}
-	defer rows.Close()
-
-	// check amount of rows
-	if rows.Next() {
+	if err == nil {
 		return clientToken, nil
 	} else {
 		clientToken = uuid.New().String()
@ -141,61 +138,71 @@ func clearAuthToken(username string) error {
 func createUser(username string, adminToken string) (string, error) {
 	// check if adminToken is valid
 	if validateAdminToken(adminToken) {
+		exists, err := playerExistsByUsername(username)
+		if err != nil {
+			return "", err
+		}
+		if !exists {
 			password := uuid.New().String()
 			insertUser(username, password)
 			return password, nil
+		} else {
+			return "", &AlreadyExistsError{}
+		}
 	} else {
 		return "", &InvalidCredentialsError{}
 	}
 }

+func playerExistsByUsername(username string) (bool, error) {
+	sqlStatement := `
+	SELECT username FROM users WHERE username = ?;
+	`
+	var x string
+	err := DB.QueryRow(sqlStatement, username).Scan(&x)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return false, nil
+		}
+		return false, err
+	}
+	return true, nil
+}
+
 func getPlayerUUID(username string) (string, error) {
 	sqlStatement := `
 	SELECT uuid FROM users WHERE username = ?;
 	`
-	rows, err := DB.Query(sqlStatement, username)
-	if err != nil {
-		return "", err
-	}
-	defer rows.Close()
+	row := DB.QueryRow(sqlStatement, username)

-	// check amount of rows
-	if rows.Next() {
-		// get uuid
 	var uuid string
-		err = rows.Scan(&uuid)
+	err := row.Scan(&uuid)
 	if err != nil {
 		return "", err
 	}
 	return uuid, nil
-	} else {
-		return "", &NotFoundError{}
-	}
 }

 func refreshTokens(refresh RefreshPayload) (RefreshPayload, error) {
 	sqlStatement := `
 	SELECT id FROM users WHERE auth_token = ? and client_token = ?;
 	`
-	rows, err := DB.Query(sqlStatement, refresh.AccessToken, refresh.ClientToken)
-	if err != nil {
-		return RefreshPayload{}, err
-	}
-	if rows.Next() {
+	row := DB.QueryRow(sqlStatement, refresh.AccessToken, refresh.ClientToken)
+
 	// get id
 	var id int
-		err = rows.Scan(&id)
-		rows.Close()
+	err := row.Scan(&id)
+
 	if err != nil {
 		return RefreshPayload{}, err
 	}
 	// generate new authToken
 	authToken := uuid.New().String()
 	// update authToken
-		sqlStatement := `
+	sqlStatement = `
 	UPDATE users SET auth_token = ? WHERE id = ?;
 	`
-		_, err := DB.Exec(sqlStatement, authToken, id)
+	_, err = DB.Exec(sqlStatement, authToken, id)
 	if err != nil {
 		return RefreshPayload{}, err
 	}
@ -212,24 +219,21 @@ func refreshTokens(refresh RefreshPayload) (RefreshPayload, error) {
 	refresh.AccessToken = authToken
 	refresh.ClientToken = clientToken
 	return refresh, nil
-	} else {
-		return refresh, nil
-	}
 }

 func validateTokens(authToken string, clientToken string) (bool, error) {
 	sqlStatement := `
 	SELECT id FROM users WHERE auth_token = ? and client_token = ?;
 	`
-	rows, err := DB.Query(sqlStatement, authToken, clientToken)
+	var x string
+	err := DB.QueryRow(sqlStatement, authToken, clientToken).Scan(&x)
 	if err != nil {
-		return false, err
-	}
-	if rows.Next() {
-		return true, nil
-	} else {
+		if err == sql.ErrNoRows {
 			return false, nil
 		}
+		return false, err
+	}
+	return true, nil
 }

 func invalidateTokens(authToken string, clientToken string) error {
--- a/types.go
+++ b/types.go
@ -63,3 +63,9 @@ type InvalidCredentialsError struct{}
 func (m *InvalidCredentialsError) Error() string {
 	return "Invalid credentials"
 }
+
+type AlreadyExistsError struct{}
+
+func (m *AlreadyExistsError) Error() string {
+	return "The specified item already exists"
+}
--- a/util.go
+++ b/util.go
@ -33,6 +33,10 @@ func handleError(w http.ResponseWriter, err error) {
 	switch err.Error() {
 	case "unexpected end of JSON input":
 		sendError(w, YggError{Code: 400, Error: "Bad Request", ErrorMessage: "The request data is malformed."})
+	case "The specified item already exists":
+		sendError(w, YggError{Code: 400, Error: "Bad Request", ErrorMessage: "The specified item already exists."})
+	case "Invalid credentials":
+		sendError(w, YggError{Code: 400, Error: "Bad Request", ErrorMessage: "Invalid credentials"})
 	default:
 		sendError(w, YggError{Code: 500, Error: "Unspecified error", ErrorMessage: "An error has occured handling your request."})
 	}