Refactor user package to Store interface with PostgreSQL support

Extract database operations from Manager into a Store interface with SQLite and PostgreSQL implementations using a shared commonStore. Split SQLite migrations into store_sqlite_migrations.go, use shared schema_version table for PostgreSQL, rename user_user/user_tier tables to "user"/tier, and wire up database-url in CLI commands.
2026-02-16 22:39:54 -05:00
parent 60fa50f0d5
commit 07c3e280bf
10 changed files with 2053 additions and 1137 deletions
--- a/cmd/user.go
+++ b/cmd/user.go
@@ -29,6 +29,7 @@ var flagsUser = append(
 	&cli.StringFlag{Name: "config", Aliases: []string{"c"}, EnvVars: []string{"NTFY_CONFIG_FILE"}, Value: server.DefaultConfigFile, DefaultText: server.DefaultConfigFile, Usage: "config file"},
 	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-file", Aliases: []string{"auth_file", "H"}, EnvVars: []string{"NTFY_AUTH_FILE"}, Usage: "auth database file used for access control"}),
 	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"auth_default_access", "p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "database-url", Aliases: []string{"database_url"}, EnvVars: []string{"NTFY_DATABASE_URL"}, Usage: "PostgreSQL connection string for database-backed stores"}),
 )

 var cmdUser = &cli.Command{
@@ -365,24 +366,32 @@ func createUserManager(c *cli.Context) (*user.Manager, error) {
 	authFile := c.String("auth-file")
 	authStartupQueries := c.String("auth-startup-queries")
 	authDefaultAccess := c.String("auth-default-access")
-	if authFile == "" {
-		return nil, errors.New("option auth-file not set; auth is unconfigured for this server")
-	} else if !util.FileExists(authFile) {
-		return nil, errors.New("auth-file does not exist; please start the server at least once to create it")
-	}
+	databaseURL := c.String("database-url")
 	authDefault, err := user.ParsePermission(authDefaultAccess)
 	if err != nil {
 		return nil, errors.New("if set, auth-default-access must start set to 'read-write', 'read-only', 'write-only' or 'deny-all'")
 	}
 	authConfig := &user.Config{
-		Filename:            authFile,
-		StartupQueries:      authStartupQueries,
 		DefaultAccess:       authDefault,
 		ProvisionEnabled:    false, // Hack: Do not re-provision users on manager initialization
 		BcryptCost:          user.DefaultUserPasswordBcryptCost,
 		QueueWriterInterval: user.DefaultUserStatsQueueWriterInterval,
 	}
-	return user.NewManager(authConfig)
+	var store user.Store
+	if databaseURL != "" {
+		store, err = user.NewPostgresStore(databaseURL)
+	} else if authFile != "" {
+		if !util.FileExists(authFile) {
+			return nil, errors.New("auth-file does not exist; please start the server at least once to create it")
+		}
+		store, err = user.NewSQLiteStore(authFile, authStartupQueries)
+	} else {
+		return nil, errors.New("option database-url or auth-file not set; auth is unconfigured for this server")
+	}
+	if err != nil {
+		return nil, err
+	}
+	return user.NewManager(store, authConfig)
 }

 func readPasswordAndConfirm(c *cli.Context) (string, error) {