33module Server.User.Persistence.Postgres (mkHandle ) where
44
55import Prelude
6-
76import Control.Monad.Except (throwError )
87import Data.Array (head )
98import Data.Either (Either (..))
@@ -29,7 +28,7 @@ mkHandle p =
2928findByCredentials :: Pool -> Credentials -> Aff Result
3029findByCredentials pool { email, password } =
3130 withClient pool \conn ->
32- query readJson (Query """ SELECT * FROM "user" WHERE email = $1 AND password = $2 """ :: Query User )
31+ query readJson (Query """ SELECT * FROM "user" WHERE email = $1 AND password = crypt($2, password) """ :: Query User )
3332 [ p_ email, p_ password ]
3433 conn
3534 >>= validate
@@ -53,15 +52,25 @@ findById pool id =
5352insert :: Pool -> Raw -> Aff Result
5453insert pool u =
5554 withClient pool \conn ->
56- query readJson (Query """ INSERT INTO "user" (bio, email, image, password, username) VALUES ($1, $2, $3, $4 , $5) RETURNING *""" :: Query User )
55+ query readJson (Query """ INSERT INTO "user" (bio, email, image, password, username) VALUES ($1, $2, $3, crypt($4, gen_salt('bf')) , $5) RETURNING *""" :: Query User )
5756 [ p_ u.bio, p_ u.email, p_ u.image, p_ u.password, p_ u.username ]
5857 conn
5958 >>= validate
6059
6160update :: Pool -> Raw -> UserId -> Aff Result
6261update pool r id =
6362 withClient pool \conn ->
64- query readJson (Query """ UPDATE "user" SET bio = $1, email = $2, image = $3, password = $4, username = $5 WHERE id = $6 RETURNING *""" :: Query User )
63+ query readJson
64+ ( Query
65+ """ UPDATE "user" SET bio = $1, email = $2, image = $3
66+ , password =
67+ CASE
68+ WHEN password = crypt($4, password) THEN password
69+ ELSE crypt($4, gen_salt('bf'))
70+ END
71+ , username = $5 WHERE id = $6 RETURNING *""" ::
72+ Query User
73+ )
6574 [ p_ r.bio, p_ r.email, p_ r.image, p_ r.password, p_ r.username, p_ id ]
6675 conn
6776 >>= validate
0 commit comments