Add: handle not active user

2021-12-13 14:28:24 +08:00
parent ab67575976
commit f1e8dcfad4
4 changed files with 11 additions and 4 deletions
--- a/pkg/api/handle_error.go
+++ b/pkg/api/handle_error.go
@@ -12,6 +12,7 @@ var (
 	ErrNotAdmin = errors.New("not admin")
 	ErrEmpty = errors.New("Empty field detected, please fill in all fields")
 	ErrAnonymous = errors.New("Anonymous user detected, please login")
+	ErrNotActive = errors.New("User is not active")
 )

 type Error struct {
--- a/pkg/api/handle_user.go
+++ b/pkg/api/handle_user.go
@@ -94,6 +94,12 @@ func (api *API) HandleLogin(w http.ResponseWriter, r *http.Request) {
 		}
 	}

+	// if user is not active
+	if !user.Active {
+		api.HandleError(w, r, ErrNotActive)
+		return
+	}
+
 	// save session
 	session.Values["userId"] = user.ID
 	err = session.Save(r, w)
--- a/pkg/database/method_user.go
+++ b/pkg/database/method_user.go
@@ -4,7 +4,7 @@ func (database *Database) Login(username string, password string) (*User, error)
 	user := &User{}

 	// get user from database
-	err := database.stmt.getUser.QueryRow(username, password).Scan(&user.ID, &user.Username, &user.Role, &user.AvatarId)
+	err := database.stmt.getUser.QueryRow(username, password).Scan(&user.ID, &user.Username, &user.Role, &user.Active, &user.AvatarId)
 	if err != nil {
 		return user, err
 	}
@@ -49,7 +49,7 @@ func (database *Database) GetUserById(id int64) (*User, error) {
 	user := &User{}

 	// get user from database
-	err := database.stmt.getUserById.QueryRow(id).Scan(&user.ID, &user.Username, &user.Role, &user.AvatarId)
+	err := database.stmt.getUserById.QueryRow(id).Scan(&user.ID, &user.Username, &user.Role, &user.Active, &user.AvatarId)
 	if err != nil {
 		return user, err
 	}
--- a/pkg/database/sql_stmt.go
+++ b/pkg/database/sql_stmt.go
@@ -178,11 +178,11 @@ var countUserQuery = `SELECT count(*) FROM users;`

 var countAdminQuery = `SELECT count(*) FROM users WHERE role= 1;`

-var getUserQuery = `SELECT id, username, role, avatar_id FROM users WHERE username = ? AND password = ? LIMIT 1;`
+var getUserQuery = `SELECT id, username, role, active, avatar_id FROM users WHERE username = ? AND password = ? LIMIT 1;`

 var getUsersQuery = `SELECT id, username, role, active, avatar_id FROM users;`

-var getUserByIdQuery = `SELECT id, username, role, avatar_id FROM users WHERE id = ? LIMIT 1;`
+var getUserByIdQuery = `SELECT id, username, role, active, avatar_id FROM users WHERE id = ? LIMIT 1;`

 var updateUserActiveQuery = `UPDATE users SET active = ? WHERE id = ?;`