Add users insecure database queries

upleveled · Oct 22, 2024 · 8e3419c · 8e3419c
1 parent 1314c3e
commit 8e3419c
Showing 1 changed file with 52 additions and 0 deletions.
diff --git a/database/users.ts b/database/users.ts
@@ -0,0 +1,52 @@
+import { cache } from 'react';
+import type { User } from '../migrations/00002-createTableUsers';
+import { sql } from './connect';
+
+type UserWithPasswordHash = User & {
+  passwordHash: string;
+};
+
+export const getUserInsecure = cache(async (username: string) => {
+  const [user] = await sql<User[]>`
+    SELECT
+      users.id,
+      users.username
+    FROM
+      users
+    WHERE
+      username = ${username.toLowerCase()}
+  `;
+  return user;
+});
+
+export const getUserWithPasswordHashInsecure = cache(
+  async (username: string) => {
+    const [user] = await sql<UserWithPasswordHash[]>`
+      SELECT
+        *
+      FROM
+        users
+      WHERE
+        username = ${username.toLowerCase()}
+    `;
+    return user;
+  },
+);
+
+export const createUserInsecure = cache(
+  async (username: string, passwordHash: string) => {
+    const [user] = await sql<User[]>`
+      INSERT INTO
+        users (username, password_hash)
+      VALUES
+        (
+          ${username.toLowerCase()},
+          ${passwordHash}
+        )
+      RETURNING
+        users.id,
+        users.username
+    `;
+    return user;
+  },
+);