Working on securing routes and adding auth levels.

2014-12-18 11:14:55 -09:00 · 2014-12-18 11:14:55 -09:00 · ea73ecedb9
commit ea73ecedb9
parent f912a434b5
11 changed files with 141 additions and 51 deletions
--- a/datastore/users.go
+++ b/datastore/users.go
@ -51,3 +51,15 @@ func (s *usersStore) List(opt *models.UserListOptions) ([]*models.User, error) {
 	}
 	return users, nil
 }
+
+func (s *usersStore) Authenticate(username string, password string) (*string, error) {
+	var users []*models.User
+	if err := s.dbh.Select(&users, `SELECT * FROM users WHERE username=$1;`, username); err != nil {
+		return nil, err
+	}
+	if len(users) == 0 {
+		return nil, models.ErrUserNotFound
+	}
+	auth_level := "read"
+	return &auth_level, nil
+}
--- a/datastore/users_test.go
+++ b/datastore/users_test.go
@ -20,7 +20,7 @@ func insertUser(t *testing.T, tx *modl.Transaction) *models.User {
 }

 func newUser() *models.User {
-	return &models.User{UserName: "Test User"}
+	return &models.User{Username: "Test User"}
 }

 func TestUsersStore_Get_db(t *testing.T) {
@ -86,3 +86,21 @@ func TestUsersStore_List_db(t *testing.T) {
 		t.Errorf("got users %+v, want %+v", users, want)
 	}
 }
+
+func TestUsersStore_Authenticate_db(t *testing.T) {
+	tx, _ := DB.Begin()
+	defer tx.Rollback()
+
+	user := insertUser(t, tx)
+
+	d := NewDatastore(tx)
+
+	auth_level, err := d.Users.Authenticate(user.Username, "password")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if *auth_level != "read" {
+		t.Errorf("expecting read, got %+v", auth_level)
+	}
+}