diff --git a/server/go.mod b/server/go.mod index 74e51ba..d0f0e30 100644 --- a/server/go.mod +++ b/server/go.mod @@ -5,7 +5,8 @@ go 1.24.1 require ( github.com/caarlos0/env v3.5.0+incompatible github.com/go-chi/chi/v5 v5.2.1 - github.com/go-chi/jwtauth/v5 v5.3.3 + github.com/golang-jwt/jwt/v5 v5.2.2 + github.com/google/uuid v1.6.0 github.com/jackc/pgx/v5 v5.7.4 github.com/rs/zerolog v1.34.0 github.com/wagslane/go-password-validator v0.3.0 @@ -13,20 +14,11 @@ require ( ) require ( - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect - github.com/goccy/go-json v0.10.5 // indirect - github.com/golang-jwt/jwt/v5 v5.2.2 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect - github.com/lestrrat-go/blackmagic v1.0.2 // indirect - github.com/lestrrat-go/httpcc v1.0.1 // indirect - github.com/lestrrat-go/httprc v1.0.6 // indirect - github.com/lestrrat-go/iter v1.0.2 // indirect - github.com/lestrrat-go/jwx/v2 v2.1.4 // indirect - github.com/lestrrat-go/option v1.0.1 // indirect github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect - github.com/segmentio/asm v1.2.0 // indirect + github.com/stretchr/testify v1.10.0 // indirect golang.org/x/sys v0.31.0 // indirect golang.org/x/text v0.23.0 // indirect ) diff --git a/server/go.sum b/server/go.sum index 88d2973..22c8694 100644 --- a/server/go.sum +++ b/server/go.sum @@ -4,17 +4,13 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= github.com/go-chi/chi/v5 v5.2.1 h1:KOIHODQj58PmL80G2Eak4WdvUzjSJSm0vG72crDCqb8= github.com/go-chi/chi/v5 v5.2.1/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops= -github.com/go-chi/jwtauth/v5 v5.3.3 h1:50Uzmacu35/ZP9ER2Ht6SazwPsnLQ9LRJy6zTZJpHEo= -github.com/go-chi/jwtauth/v5 v5.3.3/go.mod h1:O4QvPRuZLZghl9WvfVaON+ARfGzpD2PBX/QY5vUz7aQ= -github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= -github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo= @@ -23,18 +19,6 @@ github.com/jackc/pgx/v5 v5.7.4 h1:9wKznZrhWa2QiHL+NjTSPP6yjl3451BX3imWDnokYlg= github.com/jackc/pgx/v5 v5.7.4/go.mod h1:ncY89UGWxg82EykZUwSpUKEfccBGGYq1xjrOpsbsfGQ= github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo= github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= -github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k= -github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= -github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc v1.0.6 h1:qgmgIRhpvBqexMJjA/PmwSvhNk679oqD1RbovdCGW8k= -github.com/lestrrat-go/httprc v1.0.6/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= -github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx/v2 v2.1.4 h1:uBCMmJX8oRZStmKuMMOFb0Yh9xmEMgNJLgjuKKt4/qc= -github.com/lestrrat-go/jwx/v2 v2.1.4/go.mod h1:nWRbDFR1ALG2Z6GJbBXzfQaYyvn751KuuyySN2yR6is= -github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= -github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= @@ -48,13 +32,9 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY= github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ= -github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= -github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/wagslane/go-password-validator v0.3.0 h1:vfxOPzGHkz5S146HDpavl0cw1DSVP061Ry2PX0/ON6I= diff --git a/server/pkg/db/models.go b/server/pkg/db/models.go index 6bb1403..0087a0e 100644 --- a/server/pkg/db/models.go +++ b/server/pkg/db/models.go @@ -5,35 +5,47 @@ package db import ( - "github.com/jackc/pgx/v5/pgtype" + "time" + + "github.com/google/uuid" ) type Note struct { - ID pgtype.UUID `json:"id"` - UserID pgtype.UUID `json:"user_id"` - CreatedAt pgtype.Timestamptz `json:"created_at"` - UpdatedAt pgtype.Timestamptz `json:"updated_at"` + ID uuid.UUID `json:"id"` + UserID uuid.UUID `json:"user_id"` + CreatedAt *time.Time `json:"created_at"` + UpdatedAt *time.Time `json:"updated_at"` } type NoteVersion struct { - ID pgtype.UUID `json:"id"` - NoteID pgtype.UUID `json:"note_id"` - Title string `json:"title"` - Content string `json:"content"` - VersionNumber int32 `json:"version_number"` - ContentHash string `json:"content_hash"` - CreatedAt pgtype.Timestamptz `json:"created_at"` + ID uuid.UUID `json:"id"` + NoteID uuid.UUID `json:"note_id"` + Title string `json:"title"` + Content string `json:"content"` + VersionNumber int32 `json:"version_number"` + ContentHash string `json:"content_hash"` + CreatedAt *time.Time `json:"created_at"` +} + +type RefreshToken struct { + ID uuid.UUID `json:"id"` + UserID uuid.UUID `json:"user_id"` + TokenHash string `json:"token_hash"` + ExpiresAt time.Time `json:"expires_at"` + CreatedAt *time.Time `json:"created_at"` + Revoked bool `json:"revoked"` } type SchemaMigration struct { - Version int64 `json:"version"` - AppliedAt pgtype.Timestamptz `json:"applied_at"` + Version int64 `json:"version"` + AppliedAt *time.Time `json:"applied_at"` } type User struct { - ID pgtype.UUID `json:"id"` - Username string `json:"username"` - PasswordHash string `json:"password_hash"` - CreatedAt pgtype.Timestamptz `json:"created_at"` - UpdatedAt pgtype.Timestamptz `json:"updated_at"` + ID uuid.UUID `json:"id"` + Username string `json:"username"` + PasswordHash string `json:"password_hash"` + IsAdmin bool `json:"is_admin"` + CreatedAt *time.Time `json:"created_at"` + UpdatedAt *time.Time `json:"updated_at"` } diff --git a/server/pkg/db/note_versions.sql.go b/server/pkg/db/note_versions.sql.go index 905dc38..ab81198 100644 --- a/server/pkg/db/note_versions.sql.go +++ b/server/pkg/db/note_versions.sql.go @@ -8,7 +8,7 @@ package db import ( "context" - "github.com/jackc/pgx/v5/pgtype" + "github.com/google/uuid" ) const createNoteVersion = `-- name: CreateNoteVersion :one @@ -24,9 +24,9 @@ RETURNING id, note_id, title, content, version_number, content_hash, created_at ` type CreateNoteVersionParams struct { - NoteID pgtype.UUID `json:"note_id"` - Title string `json:"title"` - Content string `json:"content"` + NoteID uuid.UUID `json:"note_id"` + Title string `json:"title"` + Content string `json:"content"` } func (q *Queries) CreateNoteVersion(ctx context.Context, arg CreateNoteVersionParams) (NoteVersion, error) { @@ -53,9 +53,9 @@ SELECT EXISTS( ` type FindDuplicateContentParams struct { - NoteID pgtype.UUID `json:"note_id"` - Column2 []byte `json:"column_2"` - Column3 []byte `json:"column_3"` + NoteID uuid.UUID `json:"note_id"` + Column2 []byte `json:"column_2"` + Column3 []byte `json:"column_3"` } func (q *Queries) FindDuplicateContent(ctx context.Context, arg FindDuplicateContentParams) (bool, error) { @@ -71,8 +71,8 @@ WHERE note_id = $1 AND version_number = $2 LIMIT 1 ` type GetNoteVersionParams struct { - NoteID pgtype.UUID `json:"note_id"` - VersionNumber int32 `json:"version_number"` + NoteID uuid.UUID `json:"note_id"` + VersionNumber int32 `json:"version_number"` } func (q *Queries) GetNoteVersion(ctx context.Context, arg GetNoteVersionParams) (NoteVersion, error) { @@ -98,9 +98,9 @@ LIMIT $2 OFFSET $3 ` type GetNoteVersionsParams struct { - NoteID pgtype.UUID `json:"note_id"` - Limit int32 `json:"limit"` - Offset int32 `json:"offset"` + NoteID uuid.UUID `json:"note_id"` + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` } func (q *Queries) GetNoteVersions(ctx context.Context, arg GetNoteVersionsParams) ([]NoteVersion, error) { diff --git a/server/pkg/db/notes.sql.go b/server/pkg/db/notes.sql.go index 9a471c3..8a31708 100644 --- a/server/pkg/db/notes.sql.go +++ b/server/pkg/db/notes.sql.go @@ -8,7 +8,7 @@ package db import ( "context" - "github.com/jackc/pgx/v5/pgtype" + "github.com/google/uuid" ) const createNote = `-- name: CreateNote :one @@ -17,7 +17,7 @@ VALUES ($1) RETURNING id, user_id, created_at, updated_at ` -func (q *Queries) CreateNote(ctx context.Context, userID pgtype.UUID) (Note, error) { +func (q *Queries) CreateNote(ctx context.Context, userID uuid.UUID) (Note, error) { row := q.db.QueryRow(ctx, createNote, userID) var i Note err := row.Scan( @@ -35,8 +35,8 @@ WHERE id = $1 AND user_id = $2 ` type DeleteNoteParams struct { - ID pgtype.UUID `json:"id"` - UserID pgtype.UUID `json:"user_id"` + ID uuid.UUID `json:"id"` + UserID uuid.UUID `json:"user_id"` } func (q *Queries) DeleteNote(ctx context.Context, arg DeleteNoteParams) error { @@ -50,8 +50,8 @@ WHERE id = $1 AND user_id = $2 LIMIT 1 ` type GetNoteParams struct { - ID pgtype.UUID `json:"id"` - UserID pgtype.UUID `json:"user_id"` + ID uuid.UUID `json:"id"` + UserID uuid.UUID `json:"user_id"` } func (q *Queries) GetNote(ctx context.Context, arg GetNoteParams) (Note, error) { @@ -74,9 +74,9 @@ LIMIT $2 OFFSET $3 ` type ListNotesParams struct { - UserID pgtype.UUID `json:"user_id"` - Limit int32 `json:"limit"` - Offset int32 `json:"offset"` + UserID uuid.UUID `json:"user_id"` + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` } func (q *Queries) ListNotes(ctx context.Context, arg ListNotesParams) ([]Note, error) { diff --git a/server/pkg/db/refresh_tokens.sql.go b/server/pkg/db/refresh_tokens.sql.go new file mode 100644 index 0000000..f817010 --- /dev/null +++ b/server/pkg/db/refresh_tokens.sql.go @@ -0,0 +1,93 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 +// source: refresh_tokens.sql + +package db + +import ( + "context" + "time" + + "github.com/google/uuid" +) + +const createRefreshToken = `-- name: CreateRefreshToken :one +INSERT INTO refresh_tokens ( + user_id, + token_hash, + expires_at +) VALUES ($1, $2, $3) +RETURNING id, user_id, token_hash, expires_at, created_at, revoked +` + +type CreateRefreshTokenParams struct { + UserID uuid.UUID `json:"user_id"` + TokenHash string `json:"token_hash"` + ExpiresAt time.Time `json:"expires_at"` +} + +func (q *Queries) CreateRefreshToken(ctx context.Context, arg CreateRefreshTokenParams) (RefreshToken, error) { + row := q.db.QueryRow(ctx, createRefreshToken, arg.UserID, arg.TokenHash, arg.ExpiresAt) + var i RefreshToken + err := row.Scan( + &i.ID, + &i.UserID, + &i.TokenHash, + &i.ExpiresAt, + &i.CreatedAt, + &i.Revoked, + ) + return i, err +} + +const deleteExpiredRefreshTokens = `-- name: DeleteExpiredRefreshTokens :exec +DELETE FROM refresh_tokens +WHERE expires_at < NOW() +` + +func (q *Queries) DeleteExpiredRefreshTokens(ctx context.Context) error { + _, err := q.db.Exec(ctx, deleteExpiredRefreshTokens) + return err +} + +const getRefreshTokenByHash = `-- name: GetRefreshTokenByHash :one +SELECT id, user_id, token_hash, expires_at, created_at, revoked FROM refresh_tokens +WHERE token_hash = $1 LIMIT 1 +` + +func (q *Queries) GetRefreshTokenByHash(ctx context.Context, tokenHash string) (RefreshToken, error) { + row := q.db.QueryRow(ctx, getRefreshTokenByHash, tokenHash) + var i RefreshToken + err := row.Scan( + &i.ID, + &i.UserID, + &i.TokenHash, + &i.ExpiresAt, + &i.CreatedAt, + &i.Revoked, + ) + return i, err +} + +const revokeAllUserRefreshTokens = `-- name: RevokeAllUserRefreshTokens :exec +UPDATE refresh_tokens +SET revoked = TRUE +WHERE user_id = $1 +` + +func (q *Queries) RevokeAllUserRefreshTokens(ctx context.Context, userID uuid.UUID) error { + _, err := q.db.Exec(ctx, revokeAllUserRefreshTokens, userID) + return err +} + +const revokeRefreshToken = `-- name: RevokeRefreshToken :exec +UPDATE refresh_tokens +SET revoked = TRUE +WHERE token_hash = $1 +` + +func (q *Queries) RevokeRefreshToken(ctx context.Context, tokenHash string) error { + _, err := q.db.Exec(ctx, revokeRefreshToken, tokenHash) + return err +} diff --git a/server/pkg/db/users.sql.go b/server/pkg/db/users.sql.go index b108422..7b5e45e 100644 --- a/server/pkg/db/users.sql.go +++ b/server/pkg/db/users.sql.go @@ -8,13 +8,13 @@ package db import ( "context" - "github.com/jackc/pgx/v5/pgtype" + "github.com/google/uuid" ) const createUser = `-- name: CreateUser :one INSERT INTO users (username, password_hash) VALUES ($1, $2) -RETURNING id, username, password_hash, created_at, updated_at +RETURNING id, username, password_hash, is_admin, created_at, updated_at ` type CreateUserParams struct { @@ -29,6 +29,7 @@ func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, e &i.ID, &i.Username, &i.PasswordHash, + &i.IsAdmin, &i.CreatedAt, &i.UpdatedAt, ) @@ -40,23 +41,24 @@ DELETE FROM users WHERE id = $1 ` -func (q *Queries) DeleteUser(ctx context.Context, id pgtype.UUID) error { +func (q *Queries) DeleteUser(ctx context.Context, id uuid.UUID) error { _, err := q.db.Exec(ctx, deleteUser, id) return err } const getUserByID = `-- name: GetUserByID :one -SELECT id, username, password_hash, created_at, updated_at FROM users +SELECT id, username, password_hash, is_admin, created_at, updated_at FROM users WHERE id = $1 LIMIT 1 ` -func (q *Queries) GetUserByID(ctx context.Context, id pgtype.UUID) (User, error) { +func (q *Queries) GetUserByID(ctx context.Context, id uuid.UUID) (User, error) { row := q.db.QueryRow(ctx, getUserByID, id) var i User err := row.Scan( &i.ID, &i.Username, &i.PasswordHash, + &i.IsAdmin, &i.CreatedAt, &i.UpdatedAt, ) @@ -64,7 +66,7 @@ func (q *Queries) GetUserByID(ctx context.Context, id pgtype.UUID) (User, error) } const getUserByUsername = `-- name: GetUserByUsername :one -SELECT id, username, password_hash, created_at, updated_at FROM users +SELECT id, username, password_hash, is_admin, created_at, updated_at FROM users WHERE username = $1 LIMIT 1 ` @@ -75,12 +77,44 @@ func (q *Queries) GetUserByUsername(ctx context.Context, username string) (User, &i.ID, &i.Username, &i.PasswordHash, + &i.IsAdmin, &i.CreatedAt, &i.UpdatedAt, ) return i, err } +const listUsers = `-- name: ListUsers :many +SELECT id, username, password_hash, is_admin, created_at, updated_at FROM users +` + +func (q *Queries) ListUsers(ctx context.Context) ([]User, error) { + rows, err := q.db.Query(ctx, listUsers) + if err != nil { + return nil, err + } + defer rows.Close() + var items []User + for rows.Next() { + var i User + if err := rows.Scan( + &i.ID, + &i.Username, + &i.PasswordHash, + &i.IsAdmin, + &i.CreatedAt, + &i.UpdatedAt, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + const updatePassword = `-- name: UpdatePassword :exec UPDATE users SET password_hash = $2, updated_at = NOW() @@ -88,8 +122,8 @@ WHERE id = $1 ` type UpdatePasswordParams struct { - ID pgtype.UUID `json:"id"` - PasswordHash string `json:"password_hash"` + ID uuid.UUID `json:"id"` + PasswordHash string `json:"password_hash"` } func (q *Queries) UpdatePassword(ctx context.Context, arg UpdatePasswordParams) error { diff --git a/server/sql/migrations/0001_initial.up.sql b/server/sql/migrations/0001_initial.up.sql index 390eced..78ce5fd 100644 --- a/server/sql/migrations/0001_initial.up.sql +++ b/server/sql/migrations/0001_initial.up.sql @@ -9,10 +9,20 @@ CREATE TABLE IF NOT EXISTS users ( id UUID PRIMARY KEY DEFAULT uuid_generate_v4(), username TEXT UNIQUE NOT NULL, password_hash TEXT NOT NULL, + is_admin BOOLEAN NOT NULL DEFAULT false, created_at TIMESTAMPTZ DEFAULT NOW(), updated_at TIMESTAMPTZ DEFAULT NOW() ); +CREATE TABLE IF NOT EXISTS refresh_tokens ( + id UUID PRIMARY KEY DEFAULT gen_random_uuid(), + user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE, + token_hash TEXT NOT NULL, + expires_at TIMESTAMPTZ NOT NULL, + created_at TIMESTAMPTZ DEFAULT NOW(), + revoked BOOLEAN NOT NULL DEFAULT false +); + CREATE TABLE IF NOT EXISTS notes ( id UUID PRIMARY KEY DEFAULT uuid_generate_v4(), user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE, @@ -30,8 +40,10 @@ CREATE TABLE IF NOT EXISTS note_versions ( created_at TIMESTAMPTZ DEFAULT NOW() ); -CREATE UNIQUE INDEX IF NOT EXISTS idx_note_version_unique ON note_versions(note_id, version_number); CREATE UNIQUE INDEX IF NOT EXISTS idx_users_username ON users(username); +CREATE INDEX IF NOT EXISTS idx_refresh_tokens_user_id ON refresh_tokens(user_id); +CREATE INDEX IF NOT EXISTS idx_refresh_tokens_expires_at ON refresh_tokens(expires_at); + +CREATE UNIQUE INDEX IF NOT EXISTS idx_note_version_unique ON note_versions(note_id, version_number); CREATE INDEX IF NOT EXISTS idx_note_versions_note ON note_versions(note_id); CREATE INDEX IF NOT EXISTS idx_note_versions_number ON note_versions(version_number DESC); - diff --git a/server/sql/queries/refresh_tokens.sql b/server/sql/queries/refresh_tokens.sql new file mode 100644 index 0000000..81724f6 --- /dev/null +++ b/server/sql/queries/refresh_tokens.sql @@ -0,0 +1,25 @@ +-- name: CreateRefreshToken :one +INSERT INTO refresh_tokens ( + user_id, + token_hash, + expires_at +) VALUES ($1, $2, $3) +RETURNING *; + +-- name: GetRefreshTokenByHash :one +SELECT * FROM refresh_tokens +WHERE token_hash = $1 LIMIT 1; + +-- name: RevokeRefreshToken :exec +UPDATE refresh_tokens +SET revoked = TRUE +WHERE token_hash = $1; + +-- name: RevokeAllUserRefreshTokens :exec +UPDATE refresh_tokens +SET revoked = TRUE +WHERE user_id = $1; + +-- name: DeleteExpiredRefreshTokens :exec +DELETE FROM refresh_tokens +WHERE expires_at < NOW(); \ No newline at end of file diff --git a/server/sql/queries/users.sql b/server/sql/queries/users.sql index 736fe91..5f24219 100644 --- a/server/sql/queries/users.sql +++ b/server/sql/queries/users.sql @@ -3,6 +3,9 @@ INSERT INTO users (username, password_hash) VALUES ($1, $2) RETURNING *; +-- name: ListUsers :many +SELECT * FROM users; + -- name: GetUserByID :one SELECT * FROM users WHERE id = $1 LIMIT 1; diff --git a/server/sql/sqlc.yaml b/server/sql/sqlc.yaml index 22f8193..b3d3c6c 100644 --- a/server/sql/sqlc.yaml +++ b/server/sql/sqlc.yaml @@ -10,3 +10,15 @@ sql: out: "../pkg/db" sql_package: "pgx/v5" emit_json_tags: true + overrides: + - db_type: "timestamptz" + go_type: + type: "time.Time" + - db_type: "timestamptz" + nullable: true + go_type: + type: "*time.Time" + - db_type: "uuid" + go_type: + import: "github.com/google/uuid" + type: "UUID"