rideaware/rideaware-api
1
0
Fork 0
Code Issues 15 Pull requests Projects 1 Releases Packages Wiki Activity Actions

Compare commits

base: rideaware:daa90869cf6a13f5d47f68b89a5bd435f0271902
Branches Tags
rideaware:main
rideaware:go-rewrite
rideaware:v0.1.0-rewrite
rideaware:v0.1.0-user-login
..
compare: rideaware:e65b56028e1c66dcf1b46d37851804192cf5492a
Branches Tags
rideaware:go-rewrite
rideaware:main
rideaware:v0.1.0-rewrite
rideaware:v0.1.0-user-login

3 commits
daa90869cf ... e65b56028e

Author SHA1 Message Date
Cipher Vance
e65b56028e readd .env 2025-09-19 11:33:51 -05:00
Cipher Vance
7b1df7bce1 feat: more validation on username, email 2025-09-19 11:33:45 -05:00
Cipher Vance
3fec9d794d feat: add cors_origins 2025-09-19 11:33:20 -05:00
3 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.dockerignore
View file

@ -1,3 +1,4 @@
.env
.git .git
.gitignore .gitignore
README.md README.md

7
main.go
View file

@ -50,7 +50,12 @@ func main() {
MaxAge: 60 * 80 * 24 * 7, // 7 days MaxAge: 60 * 80 * 24 * 7, // 7 days
HttpOnly: true, HttpOnly: true,
Secure: os.Getenv("ENV") == "production", Secure: os.Getenv("ENV") == "production",
SameSite: http.SameSiteLaxMode, SameSite: func() http.SameSite {
if os.Getenv("CORS_ORIGINS") != "" {
return http.SameSiteNoneMode
}
return http.SameSiteLaxMode
}(),
}) })
r.Use(sessions.Sessions("rideaware-session", store)) r.Use(sessions.Sessions("rideaware-session", store))

10
services/user_service.go
View file

@ -19,6 +19,8 @@ func NewUserService(db *gorm.DB) *UserService {
} }
func (s *UserService) CreateUser(username, email, password string) (*models.User, error) { func (s *UserService) CreateUser(username, email, password string) (*models.User, error) {
username = strings.TrimSpace(username)
email = strings.ToLower(strings.TrimSpace(email))
if username == "" || email == "" || password == "" { if username == "" || email == "" || password == "" {
return nil, errors.New("username, email, and password are required") return nil, errors.New("username, email, and password are required")
} }
@ -36,12 +38,15 @@ func (s *UserService) CreateUser(username, email, password string) (*models.User
var existingUser models.User var existingUser models.User
if err := s.db.Where("username = ? OR email = ?", username, email).First(&existingUser).Error; err == nil { if err := s.db.Where("username = ? OR email = ?", username, email).First(&existingUser).Error; err == nil {
return nil, errors.New("user with this username or email already exists") return nil, errors.New("user with this username or email already exists")
} else if !errors.Is(err, gorm.ErrRecordNotFound) {
log.Printf("Error checking existing users: %v", err)
return nil, errors.New("could not create user")
} }
// Create new user // Create new user
user := models.User{ user := models.User{
Username: username, Username: username,
Email: email, Email: strings.ToLower(email),
} }
if err := user.SetPassword(password); err != nil { if err := user.SetPassword(password); err != nil {
log.Printf("Error hashing password: %v", err) log.Printf("Error hashing password: %v", err)
@ -59,7 +64,8 @@ func (s *UserService) CreateUser(username, email, password string) (*models.User
func (s *UserService) VerifyUser(username, password string) (*models.User, error) { func (s *UserService) VerifyUser(username, password string) (*models.User, error) {
var user models.User var user models.User
identifier := strings.TrimSpace(username) identifier := strings.TrimSpace(username)
if err := s.db.Where("username = ? OR email = ?", identifier, strings.ToLower(identifier)).First(&user).Error; err != nil { lid := strings.ToLower(identifier)
if err := s.db.Where("username = ? OR LOWER(email) = ?", identifier, lid).First(&user).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) { if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, errors.New("invalid username or password") return nil, errors.New("invalid username or password")
} }