Uses uuid to avoid easy inferral of user ids

2024-04-28 20:21:56 +02:00 · 2024-04-28 20:21:56 +02:00 · 932edb8da7
commit 932edb8da7
parent 800c839b53
5 changed files with 23 additions and 12 deletions
--- a/go.mod
+++ b/go.mod
@ -31,7 +31,7 @@ require (
 	github.com/godror/knownpb v0.1.1 // indirect
 	github.com/gofiber/fiber/v2 v2.52.4 // indirect
 	github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe // indirect
-	github.com/google/uuid v1.5.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/huandu/xstrings v1.4.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -74,6 +74,8 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
 github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
--- a/internal/api/user.go
+++ b/internal/api/user.go
@ -4,27 +4,36 @@ import (
 	"freed/internal/model"

 	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/log"
+	"github.com/google/uuid"
 )

+var defaultUserError = fiber.NewError(fiber.ErrInternalServerError.Code, "Could not create user")
+
 func (h *Handler) createUser(c *fiber.Ctx) error {
 	user := new(model.User)

-	if err := c.BodyParser(user); err != nil {
-		return err
+	userId, idErr := uuid.NewRandom()
+
+	if idErr != nil {
+		log.Warn(idErr)
+		return defaultUserError
 	}

-	result, err := h.db.Exec("INSERT INTO user (first_name, email) VALUES (?, ?)", user.FirstName, user.Email)
+	user.ID = userId.String()

-	if err != nil {
-		return err
+	if parseErr := c.BodyParser(user); parseErr != nil {
+		log.Warn(parseErr)
+		return defaultUserError
 	}

-	id, err := result.LastInsertId()
+	_, insertErr := h.db.Exec("INSERT INTO user (id, first_name, email) VALUES (?, ?, ?)", user.ID, user.FirstName, user.Email)

-	if err != nil {
-		return err
+	if insertErr != nil {
+		log.Warn(insertErr)
+		return defaultUserError
 	}

 	c.SendStatus(201)
-	return c.JSON(&fiber.Map{"userId": id})
+	return c.JSON(&fiber.Map{"userId": userId})
 }
--- a/internal/database/migrations/1_initial.sql
+++ b/internal/database/migrations/1_initial.sql
@ -1,6 +1,6 @@
 -- +migrate Up
 CREATE table user (
-  id INTEGER PRIMARY KEY,
+  id text PRIMARY KEY,
  first_name text NOT NULL,
  email text NOT NULL
 );
--- a/internal/model/user.go
+++ b/internal/model/user.go
@ -1,7 +1,7 @@
 package model

 type User struct {
-	ID        uint32
+	ID        string `json: id`
 	FirstName string `json: "firstName"`
 	Email     string `json: "email"`
 }