Extended User type

db config should be taken from environment, but using `flag` was easier

cmd/panelcli/cli.go

@@ -1,40 +1,155 @@
 package main
 
 import (
+	"flag"
 	"fmt"
 	"io"
 	"os"
 
-	"git.lattuga.net/boyska/feedpanel/db"
+	paneldb "git.lattuga.net/boyska/feedpanel/db"
 	"github.com/go-pg/pg"
+	"github.com/howeyc/gopass"
 )
 
+type commandFunc func([]string) error
+
+var globalOptions struct {
+	verbose   bool
+	pgOptions pg.Options
+}
+
+var cmdMap map[string]commandFunc
+
+func init() {
+	cmdMap = map[string]commandFunc{
+		"setup":     cmdSetup,
+		"adduser":   cmdAddUser,
+		"listusers": cmdListUsers,
+	}
+}
+
 func getDB() paneldb.DB {
-	pgdb := pg.Connect(&pg.Options{
+	pgdb := pg.Connect(&globalOptions.pgOptions)
-		User:     "panel",
-		Password: "panelpass",
-		Database: "feeds",
-	})
 	db := paneldb.DB{PgDB: pgdb}
 	return db
 }
 
-type commandFunc func() error
+func cmdSetup(args []string) error {
-
-func cmdSetup() error {
 	db := getDB()
 	err := db.Setup()
 	if err != nil {
 		fmt.Fprintln(os.Stderr, err)
 		os.Exit(1)
 	}
-	fmt.Println("All done")
+	if globalOptions.verbose {
+		fmt.Println("Tables created")
+	}
 	os.Exit(0)
 	return nil
 }
 
-var cmdMap map[string]commandFunc = map[string]commandFunc{
+func askPassword() (string, error) {
-	"setup": cmdSetup,
+	fmt.Print("New password: ")
+	pass, err := gopass.GetPasswd()
+	if err != nil {
+		return "", err
+	}
+	fmt.Print("Retype new password: ")
+	pass2, err := gopass.GetPasswd()
+	if err != nil {
+		return "", err
+	}
+	if string(pass) != string(pass2) {
+		return "", fmt.Errorf("Passwords differ")
+	}
+	return string(pass), nil
+}
+
+func cmdAddUser(args []string) error {
+	flagset := flag.NewFlagSet(args[0], flag.ExitOnError)
+	password := flagset.String("password", "", "set password from command line; INSECURE!")
+	flagset.Parse(args[1:])
+	if len(flagset.Args()) < 2 {
+		fmt.Fprintf(os.Stderr, "Usage: %s [options] USER EMAIL\n", args[0])
+		flagset.PrintDefaults()
+		os.Exit(2)
+	}
+	user := flagset.Args()[0]
+	email := flagset.Args()[1]
+	if *password == "" {
+		pass, err := askPassword()
+		if err != nil {
+			fmt.Fprintln(os.Stderr, "Error:", err)
+			os.Exit(1)
+		}
+		*password = string(pass)
+	}
+	db := getDB()
+	err := db.UserAdd(user, email, *password)
+	if err != nil {
+		fmt.Fprintln(os.Stderr, err)
+		os.Exit(1)
+	}
+	if globalOptions.verbose {
+		fmt.Printf("Success: user %s added\n", user)
+	}
+	os.Exit(0)
+	return nil
+}
+
+func composeListUserOutput(user paneldb.User, usernameFlag, emailFlag, dateCreatedFlag bool) {
+	var row string
+	if usernameFlag {
+		row += user.UserName
+		if emailFlag || !dateCreatedFlag {
+			row += "\t"
+		}
+	}
+	if emailFlag {
+		row += user.Email
+		if !dateCreatedFlag {
+			row += "\t"
+		}
+	}
+	if !dateCreatedFlag {
+		row += user.DateCreated
+	}
+	fmt.Fprintln(os.Stdout, row)
+}
+
+func cmdListUsers(args []string) error {
+	flagset := flag.NewFlagSet(args[0], flag.ExitOnError)
+	usernameFlag := flagset.Bool("no-nick", true, "skip printing usernames")
+	emailFlag := flagset.Bool("no-email", true, "skip printing emails")
+	dateCreatedFlag := flagset.Bool("created", false, "print date of user creation")
+	headerFlag := flagset.Bool("no-header", false, "skip printing the header")
+	flagset.Parse(args[1:])
+	db := getDB()
+	users, err := db.UserList()
+	if err != nil {
+		fmt.Fprintln(os.Stderr, "Error:", err)
+		os.Exit(1)
+	}
+	// Printing the header
+	if *headerFlag {
+		header := paneldb.User{
+			UserName:    "username",
+			Email:       "email",
+			DateCreated: "date_created",
+		}
+		separator := paneldb.User{
+			UserName:    "--------",
+			Email:       "-----",
+			DateCreated: "------------",
+		}
+		composeListUserOutput(header, *usernameFlag, *emailFlag, *dateCreatedFlag)
+		composeListUserOutput(separator, *usernameFlag, *emailFlag, *dateCreatedFlag)
+	}
+	// Printing the user list
+	for _, user := range users {
+		composeListUserOutput(user, *usernameFlag, *emailFlag, *dateCreatedFlag)
+	}
+	return nil
 }
 
 func usage(w io.Writer) {
@@ -46,19 +161,25 @@ func usage(w io.Writer) {
 }
 
 func main() {
-	if len(os.Args) < 2 {
+	flag.StringVar(&globalOptions.pgOptions.User, "db-user", "panel", "The user to connect to database to")
+	flag.StringVar(&globalOptions.pgOptions.Password, "db-pass", "", "database password")
+	flag.StringVar(&globalOptions.pgOptions.Database, "db-name", "feeds", "database name")
+	flag.StringVar(&globalOptions.pgOptions.Addr, "db-addr", "127.0.0.1:5432", "database network address")
+	flag.BoolVar(&globalOptions.verbose, "verbose", false, "verbose output")
+	flag.Parse()
+	if len(flag.Args()) < 1 {
 		fmt.Fprintln(os.Stderr, "Not enough arguments!")
 		usage(os.Stderr)
 		os.Exit(2)
 	}
-	cmdName := os.Args[1]
+	cmdName := flag.Args()[0]
 	cmdFunc, ok := cmdMap[cmdName]
 	if !ok {
-		fmt.Fprintln(os.Stderr, "Invalid command")
+		fmt.Fprintf(os.Stderr, "Invalid command `%s`\n", cmdName)
 		usage(os.Stderr)
 		os.Exit(2)
 	}
-	err := cmdFunc()
+	err := cmdFunc(flag.Args())
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "Error")
 		fmt.Fprintln(os.Stderr, err)

db/db.go

@@ -5,8 +5,17 @@ import (
 
 	"github.com/go-pg/pg"
 	"github.com/pkg/errors"
+	"golang.org/x/crypto/bcrypt"
 )
 
+type User struct {
+	Id           string
+	UserName     string
+	Email        string
+	DateCreated  string
+	PasswordHash string
+}
+
 type DB struct {
 	PgDB   *pg.DB
 	Schema string
@@ -23,6 +32,7 @@ func (db *DB) Setup() error {
 		uid UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
 		username varchar(64) UNIQUE NOT NULL,
 		email varchar(100) UNIQUE NOT NULL,
+		date_created TIMESTAMPTZ NOT NULL DEFAULT NOW(),
 		password varchar(256) NOT NULL
 	)`)
 	if err != nil {
@@ -32,14 +42,27 @@ func (db *DB) Setup() error {
 	return nil
 }
 
-func (db *DB) UserAdd(username, email, pwhash string) error {
+func (db *DB) UserAdd(username, email, pwd string) error {
-	stmt, err := db.PgDB.Prepare("INSERT INTO users.users VALUES ($1, $2, $3)")
+	stmt, err := db.PgDB.Prepare("INSERT INTO users.users (username, email, password) VALUES ($1, $2, $3)")
 	if err != nil {
-		panic("Bad statement in UserAdd")
+		return errors.Wrap(err, "Error preparing insert statement")
 	}
-	_, err = stmt.Exec(username, email, pwhash)
+	pwhash, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
 	if err != nil {
-		return errors.Wrapf(err, "Error adding user `%s`", email)
+		return errors.Wrap(err, "Error deriving password (with bcrypt)")
+	}
+	_, err = stmt.Exec(username, email, string(pwhash))
+	if err != nil {
+		return errors.Wrapf(err, "Error adding user `%s`", username)
 	}
 	return nil
 }
+
+func (db *DB) UserList() ([]User, error) {
+	var users []User
+	_, err := db.PgDB.Query(&users, "SELECT * FROM users.users")
+	if err != nil {
+		return users, errors.Wrap(err, "User enumeration failed")
+	}
+	return users, err
+}

go.mod

@@ -2,11 +2,13 @@ module git.lattuga.net/boyska/feedpanel
 
 require (
 	github.com/go-pg/pg v6.15.0+incompatible
+	github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c
 	github.com/jinzhu/inflection v0.0.0-20180308033659-04140366298a // indirect
 	github.com/kr/pretty v0.1.0 // indirect
 	github.com/onsi/gomega v1.4.2 // indirect
 	github.com/pkg/errors v0.8.0
 	github.com/vmihailenco/sasl v0.0.0-20180913092844-58bfd2104008 // indirect
+	golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 	mellium.im/sasl v0.2.1 // indirect
 )