Merge branch 'main' into dont-be-authoritative

Reviewed-on: #4

database/users.go

@@ -5,6 +5,7 @@ import (
 	"log"
 	"time"
 
+	"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
 	_ "github.com/mattn/go-sqlite3"
 )
 
@@ -50,12 +51,7 @@ func GetUser(dbConn *sql.DB, id string) (*User, error) {
 func FindOrSaveUser(dbConn *sql.DB, user *User) (*User, error) {
 	log.Println("finding or saving user", user.ID)
 
-	_, err := dbConn.Exec(`INSERT OR IGNORE INTO users (id, mail, username, display_name) VALUES (?, ?, ?, ?);`, user.ID, user.Mail, user.Username, user.DisplayName)
-	if err != nil {
-		return nil, err
-	}
-
-	_, err = dbConn.Exec(`UPDATE users SET mail = ?, username = ?, display_name = ? WHERE id = ?;`, user.Mail, user.Username, user.DisplayName, user.ID)
+	_, err := dbConn.Exec(`INSERT INTO users (id, mail, username, display_name) VALUES (?, ?, ?, ?) ON CONFLICT(id) DO UPDATE SET mail = excluded.mail, username = excluded.username, display_name = excluded.display_name;`, user.ID, user.Mail, user.Username, user.DisplayName)
 	if err != nil {
 		return nil, err
 	}
@@ -67,8 +63,9 @@ func MakeUserSessionFor(dbConn *sql.DB, user *User) (*UserSession, error) {
 	log.Println("making session for user", user.ID)
 
 	expireAt := time.Now().Add(time.Hour * 12)
+	sessionId := utils.RandomId()
 
-	_, err := dbConn.Exec(`INSERT OR REPLACE INTO user_sessions (id, user_id, expire_at) VALUES (?, ?, ?);`, user.ID, user.ID, time.Now().Add(ExpiryDuration))
+	_, err := dbConn.Exec(`INSERT OR REPLACE INTO user_sessions (id, user_id, expire_at) VALUES (?, ?, ?);`, sessionId, user.ID, time.Now().Add(ExpiryDuration))
 
 	if err != nil {
 		log.Println(err)
@@ -76,7 +73,7 @@ func MakeUserSessionFor(dbConn *sql.DB, user *User) (*UserSession, error) {
 	}
 
 	return &UserSession{
-		ID:       user.ID,
+		ID:       sessionId,
 		UserID:   user.ID,
 		ExpireAt: expireAt,
 	}, nil