From 932edb8da7c9963d3b5da002feecb0ebd0cc7831 Mon Sep 17 00:00:00 2001 From: Dennis Schoepf Date: Sun, 28 Apr 2024 20:21:56 +0200 Subject: [PATCH] Uses uuid to avoid easy inferral of user ids --- go.mod | 2 +- go.sum | 2 ++ internal/api/user.go | 27 ++++++++++++++-------- internal/database/migrations/1_initial.sql | 2 +- internal/model/user.go | 2 +- 5 files changed, 23 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 697fb92..e811521 100644 --- a/go.mod +++ b/go.mod @@ -31,7 +31,7 @@ require ( github.com/godror/knownpb v0.1.1 // indirect github.com/gofiber/fiber/v2 v2.52.4 // indirect github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe // indirect - github.com/google/uuid v1.5.0 // indirect + github.com/google/uuid v1.6.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/huandu/xstrings v1.4.0 // indirect diff --git a/go.sum b/go.sum index 4e24d83..4855395 100644 --- a/go.sum +++ b/go.sum @@ -74,6 +74,8 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= diff --git a/internal/api/user.go b/internal/api/user.go index c5e712e..7bf5fc2 100644 --- a/internal/api/user.go +++ b/internal/api/user.go @@ -4,27 +4,36 @@ import ( "freed/internal/model" "github.com/gofiber/fiber/v2" + "github.com/gofiber/fiber/v2/log" + "github.com/google/uuid" ) +var defaultUserError = fiber.NewError(fiber.ErrInternalServerError.Code, "Could not create user") + func (h *Handler) createUser(c *fiber.Ctx) error { user := new(model.User) - if err := c.BodyParser(user); err != nil { - return err + userId, idErr := uuid.NewRandom() + + if idErr != nil { + log.Warn(idErr) + return defaultUserError } - result, err := h.db.Exec("INSERT INTO user (first_name, email) VALUES (?, ?)", user.FirstName, user.Email) + user.ID = userId.String() - if err != nil { - return err + if parseErr := c.BodyParser(user); parseErr != nil { + log.Warn(parseErr) + return defaultUserError } - id, err := result.LastInsertId() + _, insertErr := h.db.Exec("INSERT INTO user (id, first_name, email) VALUES (?, ?, ?)", user.ID, user.FirstName, user.Email) - if err != nil { - return err + if insertErr != nil { + log.Warn(insertErr) + return defaultUserError } c.SendStatus(201) - return c.JSON(&fiber.Map{"userId": id}) + return c.JSON(&fiber.Map{"userId": userId}) } diff --git a/internal/database/migrations/1_initial.sql b/internal/database/migrations/1_initial.sql index e9de64e..8b1a1af 100644 --- a/internal/database/migrations/1_initial.sql +++ b/internal/database/migrations/1_initial.sql @@ -1,6 +1,6 @@ -- +migrate Up CREATE table user ( - id INTEGER PRIMARY KEY, + id text PRIMARY KEY, first_name text NOT NULL, email text NOT NULL ); diff --git a/internal/model/user.go b/internal/model/user.go index 1b9e325..db736f6 100644 --- a/internal/model/user.go +++ b/internal/model/user.go @@ -1,7 +1,7 @@ package model type User struct { - ID uint32 + ID string `json: id` FirstName string `json: "firstName"` Email string `json: "email"` }