-- Deploy numerus:login to pg
-- requires: roles
-- requires: schema_numerus
-- requires: email
-- requires: user
-- requires: find_user_role

begin;

set search_path to numerus, auth;

create or replace function login(email email, password text) returns name as
$$
declare
	role name;
begin
	select auth.find_user_role(email, password) into role;
	if role is null then
		raise invalid_password using message = 'invalid user or password';
	end if;
	return role;
end;
$$
language plpgsql
stable
security definer;

comment on function login(email, text) is
'Checks that the email and password pair is valid and returns the user’s databasse role.';

revoke execute on function login(email, text) from public;
grant execute on function login(email, text) to guest;

commit;