✨ add issued_by column to access token (#8284)

closes #6626 - see #6626 (comment) - adding this column could make our lives easier in the future
TryGhost · Apr 11, 2017 · 049b6d9 · 049b6d9
1 parent a3387ad
commit 049b6d9
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 10 deletions.
diff --git a/core/server/auth/utils.js b/core/server/auth/utils.js
@@ -71,19 +71,20 @@ module.exports.createTokens = function createTokens(options) {
                 }, modelOptions));
             })
             .then(function () {
-                return models.Accesstoken.add({
-                    token: newAccessToken,
+                return models.Refreshtoken.add({
+                    token: newRefreshToken,
                     user_id: userId,
                     client_id: clientId,
-                    expires: accessExpires
+                    expires: refreshExpires
                 }, modelOptions);
             })
-            .then(function () {
-                return models.Refreshtoken.add({
-                    token: newRefreshToken,
+            .then(function (refreshToken) {
+                return models.Accesstoken.add({
+                    token: newAccessToken,
                     user_id: userId,
                     client_id: clientId,
-                    expires: refreshExpires
+                    issued_by: refreshToken.id,
+                    expires: accessExpires
                 }, modelOptions);
             })
             .then(function () {

diff --git a/core/server/data/schema/schema.js b/core/server/data/schema/schema.js
@@ -187,6 +187,7 @@ module.exports = {
         token: {type: 'string', maxlength: 191, nullable: false, unique: true},
         user_id: {type: 'string', maxlength: 24, nullable: false, references: 'users.id'},
         client_id: {type: 'string', maxlength: 24, nullable: false, references: 'clients.id'},
+        issued_by: {type: 'string', maxlength: 24, nullable: true},
         expires: {type: 'bigInteger', nullable: false}
     },
     refreshtokens: {

diff --git a/core/test/functional/routes/api/authentication_spec.js b/core/test/functional/routes/api/authentication_spec.js
@@ -61,12 +61,26 @@ describe('Authentication API', function () {
                     return done(err);
                 }
                 should.not.exist(res.headers['x-cache-invalidate']);
-                var jsonResponse = res.body;
+                var jsonResponse = res.body,
+                    newAccessToken;
+
                 should.exist(jsonResponse.access_token);
                 should.exist(jsonResponse.refresh_token);
                 should.exist(jsonResponse.expires_in);
                 should.exist(jsonResponse.token_type);
-                done();
+
+                models.Accesstoken.findOne({
+                    token: jsonResponse.access_token
+                }).then(function (_newAccessToken) {
+                    newAccessToken = _newAccessToken;
+
+                    return models.Refreshtoken.findOne({
+                        token: jsonResponse.refresh_token
+                    });
+                }).then(function (newRefreshToken) {
+                    newAccessToken.get('issued_by').should.eql(newRefreshToken.id);
+                    done();
+                }).catch(done);
             });
     });
 

diff --git a/core/test/unit/migration_spec.js b/core/test/unit/migration_spec.js
@@ -19,7 +19,7 @@ var should = require('should'), // jshint ignore:line
 // both of which are required for migrations to work properly.
 describe('DB version integrity', function () {
     // Only these variables should need updating
-    var currentSchemaHash = '461181eefd9a9171099093b67c59b90a',
+    var currentSchemaHash = '961370c4b76ac026104182be9bb75695',
         currentFixturesHash = 'ad12de59b939b13dc198611a6438ab51';
 
     // If this test is failing, then it is likely a change has been made that requires a DB version bump,