rest-api/db/migrations/20240720074103_user_management_roles_jwt.sql

-- migrate:up
CREATE EXTENSION pgcrypto;

CREATE EXTENSION pgjwt;

CREATE FUNCTION internal.check_role_exists ()
  RETURNS TRIGGER
  AS $$
BEGIN
  IF (NOT EXISTS (
    SELECT
      1
    FROM
      pg_roles AS r
    WHERE
      r.rolname = NEW.user_role)) THEN
    RAISE foreign_key_violation
    USING message = 'Unknown database role: ' || NEW.user_role;
  END IF;
    RETURN NULL;
END
$$
LANGUAGE plpgsql;

CREATE CONSTRAINT TRIGGER ensure_user_role_exists
  AFTER INSERT OR UPDATE ON internal.user
  FOR EACH ROW
  EXECUTE FUNCTION internal.check_role_exists ();

CREATE FUNCTION internal.encrypt_pass ()
  RETURNS TRIGGER
  AS $$
BEGIN
  IF TG_OP = 'INSERT' OR NEW.password_hash != OLD.password_hash THEN
    NEW.password_hash = CRYPT(NEW.password_hash, GEN_SALT('bf'));
  END IF;
  RETURN NEW;
END
$$
LANGUAGE plpgsql;

CREATE TRIGGER encrypt_pass
  BEFORE INSERT OR UPDATE ON internal.user
  FOR EACH ROW
  EXECUTE FUNCTION internal.encrypt_pass ();

CREATE FUNCTION internal.user_role (username TEXT, pass TEXT, OUT role_name NAME)
AS $$
BEGIN
  SELECT
    u.user_role INTO role_name
  FROM
    internal.user AS u
  WHERE
    u.username = user_role.username
    AND u.password_hash = CRYPT(user_role.pass, u.password_hash);
END;
$$
LANGUAGE plpgsql;

CREATE FUNCTION api.register (username TEXT, pass TEXT, OUT user_id UUID)
AS $$
DECLARE
  _username_length_min CONSTANT INT := 3;
  _username_length_max CONSTANT INT := 16;
  _password_length_min CONSTANT INT := 12;
  _password_length_max CONSTANT INT := 128;
BEGIN
  IF (LENGTH(register.username)
    NOT BETWEEN _username_length_min AND _username_length_max) THEN
    RAISE string_data_length_mismatch
    USING message = FORMAT('Username must be between %s and %s characters long', _username_length_min, _username_length_max);
  ELSIF (EXISTS (
        SELECT
          1
        FROM
          internal.user AS u
        WHERE
          u.username = register.username)) THEN
    RAISE unique_violation
    USING message = 'Username is already taken';
  ELSIF (LENGTH(register.pass)
      NOT BETWEEN _password_length_min AND _password_length_max) THEN
    RAISE string_data_length_mismatch
    USING message = FORMAT('Password must be between %s and %s characters long', _password_length_min, _password_length_max);
  ELSIF register.pass !~ '[a-z]' THEN
    RAISE invalid_parameter_value
    USING message = 'Password must contain at least one lowercase letter';
  ELSIF register.pass !~ '[A-Z]' THEN
    RAISE invalid_parameter_value
    USING message = 'Password must contain at least one uppercase letter';
  ELSIF register.pass !~ '[0-9]' THEN
    RAISE invalid_parameter_value
    USING message = 'Password must contain at least one number';
  ELSIF register.pass !~ '[!@#$%^&*(),.?":{}|<>]' THEN
    RAISE invalid_parameter_value
    USING message = 'Password must contain at least one special character';
  ELSE
    INSERT INTO internal.user (username, password_hash, user_role)
    SELECT
      register.username,
      register.pass,
      CASE WHEN COUNT(*) = 0 THEN
        'administrator'
      ELSE
        'authenticated_user'
      END
    FROM
      internal.user
    RETURNING
      id INTO user_id;
  END IF;
END;
$$
LANGUAGE plpgsql
SECURITY DEFINER;

CREATE FUNCTION api.login (username TEXT, pass TEXT, OUT token TEXT)
AS $$
DECLARE
  _role NAME;
  _user_id UUID;
  _exp INT := EXTRACT(EPOCH FROM CLOCK_TIMESTAMP())::INT + 43200;
BEGIN
  SELECT
    internal.user_role (login.username, login.pass) INTO _role;
  IF _role IS NULL THEN
    RAISE invalid_password
    USING message = 'Invalid username or password';
  ELSE
    SELECT
      u.id INTO _user_id
    FROM
      internal.user AS u
    WHERE
      u.username = login.username;
    SELECT
      SIGN(JSON_BUILD_OBJECT('role', _role, 'user_id', _user_id, 'username', login.username, 'exp', _exp), CURRENT_SETTING('app.jwt_secret')) INTO token;
  END IF;
END;
$$
LANGUAGE plpgsql
SECURITY DEFINER;

CREATE FUNCTION api.delete_account (pass TEXT, OUT was_deleted BOOLEAN)
AS $$
DECLARE
  _username TEXT := CURRENT_SETTING('request.jwt.claims', TRUE)::JSON ->> 'username';
  _role NAME;
BEGIN
  SELECT
    internal.user_role (_username, delete_account.pass) INTO _role;
  IF _role IS NULL THEN
    RAISE invalid_password
    USING message = 'Invalid password';
  ELSE
    DELETE FROM internal.user AS u
    WHERE u.username = _username;
    was_deleted := TRUE;
  END IF;
END;
$$
LANGUAGE plpgsql
SECURITY DEFINER;

GRANT EXECUTE ON FUNCTION api.register TO anon;

GRANT EXECUTE ON FUNCTION api.login TO anon;

GRANT EXECUTE ON FUNCTION api.delete_account TO authenticated_user;

-- migrate:down
Initial commit 2024-07-31 07:23:32 +02:00			`-- migrate:up`
			`CREATE EXTENSION pgcrypto;`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00
Initial commit 2024-07-31 07:23:32 +02:00			`CREATE EXTENSION pgjwt;`

Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`CREATE FUNCTION internal.check_role_exists ()`
			`RETURNS TRIGGER`
			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`BEGIN`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`IF (NOT EXISTS (`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`SELECT`
			`1`
			`FROM`
			`pg_roles AS r`
			`WHERE`
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`r.rolname = NEW.user_role)) THEN`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`RAISE foreign_key_violation`
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`USING message = 'Unknown database role: ' \|\| NEW.user_role;`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`END IF;`
			`RETURN NULL;`
Initial commit 2024-07-31 07:23:32 +02:00			`END`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql;`
Initial commit 2024-07-31 07:23:32 +02:00
			`CREATE CONSTRAINT TRIGGER ensure_user_role_exists`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`AFTER INSERT OR UPDATE ON internal.user`
			`FOR EACH ROW`
			`EXECUTE FUNCTION internal.check_role_exists ();`
Initial commit 2024-07-31 07:23:32 +02:00
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`CREATE FUNCTION internal.encrypt_pass ()`
			`RETURNS TRIGGER`
			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`BEGIN`
Update policies for collaborators for stricter rules 2024-08-08 16:30:01 +02:00			`IF TG_OP = 'INSERT' OR NEW.password_hash != OLD.password_hash THEN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`NEW.password_hash = CRYPT(NEW.password_hash, GEN_SALT('bf'));`
Initial commit 2024-07-31 07:23:32 +02:00			`END IF;`
			`RETURN NEW;`
			`END`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql;`
Initial commit 2024-07-31 07:23:32 +02:00
			`CREATE TRIGGER encrypt_pass`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`BEFORE INSERT OR UPDATE ON internal.user`
			`FOR EACH ROW`
			`EXECUTE FUNCTION internal.encrypt_pass ();`
Initial commit 2024-07-31 07:23:32 +02:00
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`CREATE FUNCTION internal.user_role (username TEXT, pass TEXT, OUT role_name NAME)`
			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`BEGIN`
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`SELECT`
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`u.user_role INTO role_name`
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`FROM`
			`internal.user AS u`
			`WHERE`
			`u.username = user_role.username`
			`AND u.password_hash = CRYPT(user_role.pass, u.password_hash);`
Initial commit 2024-07-31 07:23:32 +02:00			`END;`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql;`
Initial commit 2024-07-31 07:23:32 +02:00
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`CREATE FUNCTION api.register (username TEXT, pass TEXT, OUT user_id UUID)`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`DECLARE`
			`_username_length_min CONSTANT INT := 3;`
			`_username_length_max CONSTANT INT := 16;`
			`_password_length_min CONSTANT INT := 12;`
			`_password_length_max CONSTANT INT := 128;`
			`BEGIN`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`IF (LENGTH(register.username)`
			`NOT BETWEEN _username_length_min AND _username_length_max) THEN`
			`RAISE string_data_length_mismatch`
			`USING message = FORMAT('Username must be between %s and %s characters long', _username_length_min, _username_length_max);`
			`ELSIF (EXISTS (`
			`SELECT`
			`1`
			`FROM`
			`internal.user AS u`
			`WHERE`
			`u.username = register.username)) THEN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`RAISE unique_violation`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`USING message = 'Username is already taken';`
			`ELSIF (LENGTH(register.pass)`
			`NOT BETWEEN _password_length_min AND _password_length_max) THEN`
			`RAISE string_data_length_mismatch`
			`USING message = FORMAT('Password must be between %s and %s characters long', _password_length_min, _password_length_max);`
			`ELSIF register.pass !~ '[a-z]' THEN`
			`RAISE invalid_parameter_value`
			`USING message = 'Password must contain at least one lowercase letter';`
			`ELSIF register.pass !~ '[A-Z]' THEN`
			`RAISE invalid_parameter_value`
			`USING message = 'Password must contain at least one uppercase letter';`
			`ELSIF register.pass !~ '[0-9]' THEN`
			`RAISE invalid_parameter_value`
			`USING message = 'Password must contain at least one number';`
			`ELSIF register.pass !~ '[!@#$%^&*(),.?":{}\|<>]' THEN`
			`RAISE invalid_parameter_value`
			`USING message = 'Password must contain at least one special character';`
			`ELSE`
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`INSERT INTO internal.user (username, password_hash, user_role)`
			`SELECT`
			`register.username,`
			`register.pass,`
			`CASE WHEN COUNT(*) = 0 THEN`
			`'administrator'`
			`ELSE`
			`'authenticated_user'`
			`END`
			`FROM`
			`internal.user`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`RETURNING`
			`id INTO user_id;`
			`END IF;`
			`END;`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql`
			`SECURITY DEFINER;`
Initial commit 2024-07-31 07:23:32 +02:00
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`CREATE FUNCTION api.login (username TEXT, pass TEXT, OUT token TEXT)`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`DECLARE`
			`_role NAME;`
			`_user_id UUID;`
Harden systemd services, restrict file permissions further, add username blocklist and prevent more vulnerabilities 2024-12-08 14:33:33 +01:00			`_exp INT := EXTRACT(EPOCH FROM CLOCK_TIMESTAMP())::INT + 43200;`
Initial commit 2024-07-31 07:23:32 +02:00			`BEGIN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`SELECT`
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`internal.user_role (login.username, login.pass) INTO _role;`
Initial commit 2024-07-31 07:23:32 +02:00			`IF _role IS NULL THEN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`RAISE invalid_password`
			`USING message = 'Invalid username or password';`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`ELSE`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`SELECT`
Add theme toggle for templates 2024-10-03 18:51:30 +02:00			`u.id INTO _user_id`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`FROM`
			`internal.user AS u`
			`WHERE`
			`u.username = login.username;`
			`SELECT`
			`SIGN(JSON_BUILD_OBJECT('role', _role, 'user_id', _user_id, 'username', login.username, 'exp', _exp), CURRENT_SETTING('app.jwt_secret')) INTO token;`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`END IF;`
Initial commit 2024-07-31 07:23:32 +02:00			`END;`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql`
			`SECURITY DEFINER;`
Initial commit 2024-07-31 07:23:32 +02:00
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`CREATE FUNCTION api.delete_account (pass TEXT, OUT was_deleted BOOLEAN)`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`AS $$`
Initial commit 2024-07-31 07:23:32 +02:00			`DECLARE`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`_username TEXT := CURRENT_SETTING('request.jwt.claims', TRUE)::JSON ->> 'username';`
Initial commit 2024-07-31 07:23:32 +02:00			`_role NAME;`
			`BEGIN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`SELECT`
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00			`internal.user_role (_username, delete_account.pass) INTO _role;`
Initial commit 2024-07-31 07:23:32 +02:00			`IF _role IS NULL THEN`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`RAISE invalid_password`
			`USING message = 'Invalid password';`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`ELSE`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`DELETE FROM internal.user AS u`
			`WHERE u.username = _username;`
			`was_deleted := TRUE;`
Show logs and usernames for deleted users and remove svg mimetype for client side 2024-09-14 15:12:08 +02:00			`END IF;`
Initial commit 2024-07-31 07:23:32 +02:00			`END;`
Add postgres sql file formatting via pg_format 2024-08-08 22:29:04 +02:00			`$$`
			`LANGUAGE plpgsql`
			`SECURITY DEFINER;`
Initial commit 2024-07-31 07:23:32 +02:00
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`GRANT EXECUTE ON FUNCTION api.register TO anon;`
Initial commit 2024-07-31 07:23:32 +02:00
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`GRANT EXECUTE ON FUNCTION api.login TO anon;`
Initial commit 2024-07-31 07:23:32 +02:00
Add administrator role plus manage dashboard and cleanup database migrations 2024-10-08 21:20:44 +02:00			`GRANT EXECUTE ON FUNCTION api.delete_account TO authenticated_user;`
Add TypeScript definitions via pg-to-ts and refactor migrations 2024-09-10 17:29:57 +02:00
Initial commit 2024-07-31 07:23:32 +02:00			`-- migrate:down`