Bookra/apps/backend/internal/db/auth.go

package db

import (
	"context"
	"time"

	"github.com/jackc/pgx/v5"
)

func (r *PGRepository) GetUserByEmail(ctx context.Context, email string) (*UserRecord, error) {
	var user UserRecord
	var name, passwordHash *string
	var lastLoginAt *time.Time

	err := r.pool.QueryRow(ctx, `
		SELECT id, email, name, password_hash, email_verified, provider, role, created_at, last_login_at
		FROM users 
		WHERE email = $1
	`, email).Scan(
		&user.ID, &user.Email, &name, &passwordHash,
		&user.EmailVerified, &user.Provider, &user.Role,
		&user.CreatedAt, &lastLoginAt,
	)
	if err == pgx.ErrNoRows {
		return nil, nil
	}
	if err != nil {
		return nil, err
	}

	user.Name = name
	user.PasswordHash = passwordHash
	user.LastLoginAt = lastLoginAt
	return &user, nil
}

func (r *PGRepository) GetUserByID(ctx context.Context, userID string) (*UserRecord, error) {
	var user UserRecord
	var name, passwordHash *string
	var lastLoginAt *time.Time

	err := r.pool.QueryRow(ctx, `
		SELECT id, email, name, password_hash, email_verified, provider, role, created_at, last_login_at
		FROM users 
		WHERE id = $1
	`, userID).Scan(
		&user.ID, &user.Email, &name, &passwordHash,
		&user.EmailVerified, &user.Provider, &user.Role,
		&user.CreatedAt, &lastLoginAt,
	)
	if err == pgx.ErrNoRows {
		return nil, nil
	}
	if err != nil {
		return nil, err
	}

	user.Name = name
	user.PasswordHash = passwordHash
	user.LastLoginAt = lastLoginAt
	return &user, nil
}

func (r *PGRepository) CreateUser(ctx context.Context, email, passwordHash, name, provider, role string) (*UserRecord, error) {
	var user UserRecord
	var lastLoginAt *time.Time

	err := r.pool.QueryRow(ctx, `
		INSERT INTO users (email, password_hash, name, provider, role, email_verified)
		VALUES ($1, $2, $3, $4, $5, false)
		RETURNING id, email, name, password_hash, email_verified, provider, role, created_at, last_login_at
	`, email, nullableString(passwordHash), nullableString(name), provider, role).Scan(
		&user.ID, &user.Email, &user.Name, &user.PasswordHash,
		&user.EmailVerified, &user.Provider, &user.Role,
		&user.CreatedAt, &lastLoginAt,
	)
	if err != nil {
		return nil, err
	}

	user.LastLoginAt = lastLoginAt
	return &user, nil
}

func (r *PGRepository) UpdateLastLogin(ctx context.Context, userID string) error {
	_, err := r.pool.Exec(ctx, `
		UPDATE users SET last_login_at = NOW() WHERE id = $1
	`, userID)
	return err
}

func (r *PGRepository) MarkEmailVerified(ctx context.Context, userID string) error {
	_, err := r.pool.Exec(ctx, `
		UPDATE users SET email_verified = true WHERE id = $1
	`, userID)
	return err
}

func (r *PGRepository) CreateMagicLink(ctx context.Context, token, userID, email string, expiresAt time.Time) error {
	_, err := r.pool.Exec(ctx, `
		INSERT INTO magic_links (token, user_id, email, expires_at)
		VALUES ($1, $2, $3, $4)
	`, token, userID, email, expiresAt)
	return err
}

func (r *PGRepository) GetMagicLink(ctx context.Context, token string) (*MagicLinkRecord, error) {
	var ml MagicLinkRecord
	err := r.pool.QueryRow(ctx, `
		SELECT token, user_id, email, used, expires_at, created_at
		FROM magic_links 
		WHERE token = $1
	`, token).Scan(
		&ml.Token, &ml.UserID, &ml.Email, &ml.Used, &ml.ExpiresAt, &ml.CreatedAt,
	)
	if err == pgx.ErrNoRows {
		return nil, nil
	}
	if err != nil {
		return nil, err
	}
	return &ml, nil
}

func (r *PGRepository) MarkMagicLinkUsed(ctx context.Context, token string) error {
	_, err := r.pool.Exec(ctx, `
		UPDATE magic_links SET used = true WHERE token = $1
	`, token)
	return err
}

func nullableString(s string) interface{} {
	if s == "" {
		return nil
	}
	return s
}