package models
import (
"strings"
"gorm.io/gorm"
)
// AuthKey is an authenticator public key registered for a user account.
//
// Each user account can have a list of authenticator public keys stored for it. These are valid for a set number of days
// and can also be revoked. The key is a public key stored in PEM format.
// When signing authenticator certificates, we will only sign a CSR if the public key is valid for the account.
//
// NOTE(review): no expiry or revocation field is declared on this struct; presumably the validity
// window is derived from gorm.Model's CreatedAt and revocation is a row delete (see DeleteAuthKey) —
// confirm that the signing path actually enforces both.
type AuthKey struct {
// ID, CreatedAt, UpdatedAt and DeletedAt come from the embedded gorm.Model.
gorm.Model
// Key is the public key text; CreateAuthKey rewrites "\r\n" to "\n" before it is stored.
Key string
// UserID is the ID of the owning user; GetAuthKeysForUser selects rows by this column.
UserID uint
}
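// CreateAuthKey stores k as a new AuthKey row in the database and returns any
// error reported by the insert.
//
// Windows-style "\r\n" line endings in k.Key are rewritten to "\n" before the
// insert, and k itself is modified. AuthKeyPresent compares keys as exact
// strings, so a candidate key has to be normalized the same way before it is
// compared with a stored one.
//
// NOTE(review): the key text is stored as given; nothing in this function
// checks that it parses as a PEM public key — confirm the caller validates it
// before calling.
func CreateAuthKey(k *AuthKey) error {
	// get rid of extra carriage return
	k.Key = strings.ReplaceAll(k.Key, "\r\n", "\n")

	// k is already a pointer to the record, so hand it to the ORM directly
	// instead of wrapping it in a second level of indirection.
	return db.Create(k).Error
}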
// GetAuthKeysForUser loads the AuthKey rows whose user_id equals user.ID.
//
// The returned slice starts out empty and non-nil, and is handed back together
// with whatever error the query reported.
//
// NOTE(review): the query filters on user_id only. The validity period
// described on AuthKey is not applied here, so presumably the caller checks
// key age before trusting a result — confirm.
func GetAuthKeysForUser(user User) ([]AuthKey, error) {
	keys := make([]AuthKey, 0)
	result := db.Where("user_id = ?", user.ID).Find(&keys)
	return keys, result.Error
}
// AuthKeyPresent reports whether any entry of authKeys has a Key equal to key.
//
// The match is an exact string comparison, so key must use the same line
// endings as the stored value (CreateAuthKey stores keys with "\r\n" rewritten
// to "\n"). An empty or nil authKeys yields false.
//
// NOTE(review): the result is only meaningful for the account whose keys were
// passed in; presumably authKeys comes from GetAuthKeysForUser for the
// authenticated user — confirm at the call site.
func AuthKeyPresent(key string, authKeys []AuthKey) bool {
	for idx := range authKeys {
		if key == authKeys[idx].Key {
			return true
		}
	}
	return false
}
// DeleteAuthKey deletes the AuthKey row(s) whose key column equals key and
// returns any error reported by the delete. This should only be called by the
// authorized user, after they have logged in (so at the finish part of a FIDO2
// login).
//
// NOTE(review): the delete is matched on the key text alone and is not scoped
// to a user ID, so ownership of the key has to be verified by the caller
// before this runs — confirm every call site does so.
// NOTE(review): AuthKey embeds gorm.Model, whose DeletedAt field normally turns
// Delete into a soft delete — confirm revoked keys are meant to stay in the
// table.
// NOTE(review): "key" is a reserved word in some SQL dialects (MySQL, for
// one); confirm the configured database accepts it unquoted.
func DeleteAuthKey(key string) error {
	matching := db.Where("key = ?", key)
	return matching.Delete(&AuthKey{}).Error
}