package main

import (
	// Standard
	"database/sql"
	"fmt"
)

func (session Session) UpdatePassword(currPass, newPass string) (ok bool, err error) {
	var result sql.Result
	var rowsAffected int64

	result, err = db.Exec(`
		UPDATE public.user
		SET
			password = password_hash(
				/* salt in hex */
				ENCODE(gen_random_bytes(16), 'hex'),

				/* password */
				$1::bytea
			)
		WHERE
			id = $2 AND
			password=password_hash(SUBSTRING(password FROM 1 FOR 32), $3::bytea)
		RETURNING id
	`,
		newPass,
		session.UserID,
		currPass,
	)

	if rowsAffected, err = result.RowsAffected(); err != nil {
		return
	}

	return rowsAffected > 0, nil
}

func createUser() (err error) {
	var username, password string
	fmt.Printf("Username: ")
	fmt.Scanln(&username)
	fmt.Printf("Password: ")
	fmt.Scanln(&password)

	err = CreateDbUser(username, password)
	return
}

func CreateDbUser(username string, password string) (err error) {
	var result sql.Result

	result, err = db.Exec(`
		INSERT INTO public.user(username, password)
		VALUES(
			$1,
			password_hash(
				/* salt in hex */
				ENCODE(gen_random_bytes(16), 'hex'),

				/* password */
				$2::bytea
			)
		)
	`,
		username,
		password,
	)

	_, err = result.RowsAffected()
	return
}