kacaii.dev / senac-brigade-server
wip: currently rewriting the project as a full stack application tangled.org/kacaii.dev/sigo
gleam
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

:lock: hash password before storing it

Kacaii 8f505be6 c31748dc

+62 -25
+1 -1
justfile
··· 44 44 45 45 #  Runs a SELECT statement to query the users 46 46 list_user_accounts: 47 - psql senac_brigade -c "SELECT * FROM user_account LIMIT 20;" | bat --language=markdown 47 + psql senac_brigade -c "SELECT u.full_name, u.registration, u.phone, u.email FROM user_account as u LIMIT 20;" | bat --language=markdown
+9 -9
priv/sql/rebuild_database.sql
··· 20 20 21 21 CREATE TABLE IF NOT EXISTS user_role ( 22 22 id UUID PRIMARY KEY DEFAULT GEN_RANDOM_UUID(), 23 - name VARCHAR(255) NOT NULL, 23 + name TEXT NOT NULL, 24 24 description TEXT 25 25 ); 26 26 ··· 28 28 id UUID PRIMARY KEY DEFAULT GEN_RANDOM_UUID(), 29 29 role_id UUID REFERENCES user_role (id) 30 30 ON UPDATE CASCADE ON DELETE SET NULL DEFAULT NULL, 31 - full_name VARCHAR(255) NOT NULL, 31 + full_name TEXT NOT NULL, 32 32 password_hash TEXT NOT NULL, 33 - registration VARCHAR(255) UNIQUE NOT NULL, 34 - phone VARCHAR(255) DEFAULT NULL, 35 - email VARCHAR(255) UNIQUE NOT NULL, 33 + registration TEXT UNIQUE NOT NULL, 34 + phone TEXT DEFAULT NULL, 35 + email TEXT UNIQUE NOT NULL, 36 36 is_active BOOLEAN DEFAULT TRUE, 37 37 created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, 38 38 updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ··· 41 41 42 42 CREATE TABLE IF NOT EXISTS brigade ( 43 43 id UUID PRIMARY KEY DEFAULT GEN_RANDOM_UUID(), 44 - name VARCHAR(255) DEFAULT NULL, 44 + name TEXT DEFAULT NULL, 45 45 description TEXT DEFAULT NULL, 46 46 is_active BOOLEAN DEFAULT FALSE 47 47 ); ··· 67 67 -- vv 68 68 parent_type UUID REFERENCES occurrence_type (id) 69 69 ON UPDATE CASCADE ON DELETE CASCADE DEFAULT NULL, 70 - name VARCHAR(255) UNIQUE NOT NULL, 70 + name TEXT UNIQUE NOT NULL, 71 71 description TEXT, 72 72 created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP 73 73 ); ··· 84 84 description TEXT, 85 85 86 86 -- HACK:  There might be a better way to store this 87 - address VARCHAR(255) NOT NULL, 87 + address TEXT NOT NULL, 88 88 89 - reference_point VARCHAR(255) NOT NULL, 89 + reference_point TEXT NOT NULL, 90 90 loss_percentage NUMERIC(2), 91 91 created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, 92 92 updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+50 -13
src/app/routes/signup.gleam
··· 1 1 import app/sql 2 2 import app/web.{type Context} 3 + import argus 3 4 import formal/form 5 + import gleam/result 4 6 import wisp 5 7 6 8 type SignUp { ··· 40 42 41 43 case form_result { 42 44 Error(_) -> wisp.bad_request("Dados inválidos") 43 - Ok(signup_data) -> { 44 - let register_result = 45 - // TODO: 󱔼 Hash the password before storing it 46 - sql.register_new_user( 47 - ctx.conn, 48 - signup_data.name, 49 - signup_data.registration, 50 - signup_data.email, 51 - signup_data.password, 52 - ) 45 + Ok(signup) -> { 46 + // TODO: Check if the user exists first, before trying to insert. 47 + // == -------------------------------------------------------- == 48 + case insert_in_database(signup:, context: ctx) { 49 + Error(err) -> { 50 + let error_message = case err { 51 + // 󱔼 Hashing went wrong 52 + HashFailure -> 53 + wisp.Text("Ocorreu um erro ao encriptografar a senha do usuário") 54 + //  Something when wrong inside the database 55 + InsertError -> 56 + wisp.Text( 57 + "Ocorreu um erro ao inserir o usuário no banco de dados", 58 + ) 59 + } 53 60 54 - case register_result { 55 - Error(_) -> { 56 61 wisp.internal_server_error() 57 - |> wisp.set_body(wisp.Text("Ocorreu um erro ao cadastrar um usuário")) 62 + |> wisp.set_body({ error_message }) 58 63 } 64 + 59 65 Ok(_) -> { 60 66 wisp.created() 67 + // User registred successfully 61 68 |> wisp.set_body(wisp.Text("Cadastro realizado com sucesso")) 62 69 } 63 70 } 64 71 } 65 72 } 66 73 } 74 + 75 + type SignupError { 76 + HashFailure 77 + InsertError 78 + } 79 + 80 + fn insert_in_database( 81 + signup data: SignUp, 82 + context ctx: Context, 83 + ) -> Result(Nil, SignupError) { 84 + use hashes <- result.try( 85 + argus.hasher() 86 + |> argus.hash(data.password, argus.gen_salt()) 87 + |> result.replace_error(HashFailure), 88 + ) 89 + 90 + use _ <- result.try( 91 + sql.register_new_user( 92 + ctx.conn, 93 + data.name, 94 + data.registration, 95 + data.email, 96 + hashes.encoded_hash, 97 + ) 98 + |> result.replace_error(InsertError), 99 + ) 100 + 101 + // No need to return anything from this function 102 + Ok(Nil) 103 + }
+1 -1
src/app/sql.gleam
··· 96 96 let decoder = decode.map(decode.dynamic, fn(_) { Nil }) 97 97 98 98 "INSERT INTO user_account ( 99 - full_name, password_hash, registration, email 99 + full_name, registration, email, password_hash 100 100 ) VALUES ($1, $2, $3, $4) 101 101 " 102 102 |> pog.query
+1 -1
src/app/sql/register_new_user.sql
··· 1 1 INSERT INTO user_account ( 2 - full_name, password_hash, registration, email 2 + full_name, registration, email, password_hash 3 3 ) VALUES ($1, $2, $3, $4)