package db
import (
"fmt"
"strings"
"time"
"github.com/pborman/uuid"
)
// AuthToken describes one token-bearing row of the sessions table as
// returned by GetAllAuthTokens, with JSON tags for serialization.
//
// NOTE(review): GetAllAuthTokens scans the sessions.token column into UUID,
// and GenerateAuthToken hands that same value to its caller as the token
// string. A serialized AuthToken therefore appears to contain the credential
// itself under the "uuid" key; confirm that every response or log that emits
// this struct is meant to expose it.
type AuthToken struct {
// UUID receives the value of sessions.token (not sessions.uuid).
UUID uuid.UUID `json:"uuid"`
// Session receives the value of sessions.uuid; omitted from JSON when empty.
Session uuid.UUID `json:"session,omitempty"`
// Name is the sessions.name column.
Name string `json:"name"`
// CreatedAt is the sessions.created_at column; GenerateAuthToken writes it
// as time.Now().Unix(), i.e. Unix seconds.
CreatedAt int64 `json:"created_at"`
// LastSeen is the sessions.last_seen column; presumably nil while the
// column is NULL (confirm against the row scanner).
LastSeen *int64 `json:"last_seen"`
}
// AuthTokenFilter selects which auth tokens Query (and therefore
// GetAllAuthTokens) returns. Each field left at its zero value places no
// constraint on the result, so the zero-value filter matches every session
// row that has a token, regardless of owner.
type AuthTokenFilter struct {
// UUID, when non-empty, is compared with the sessions.token column.
UUID string
// User, when non-nil, restricts results to tokens owned by that user.
User *User
// Name, when non-empty, is compared with the sessions.name column.
Name string
}
// Query builds the SELECT statement and its bound arguments for listing the
// auth tokens that match the filter.
//
// Every filter value travels in the returned argument slice and is referenced
// from the statement by a `?` placeholder; only the fixed clause text
// assembled here is concatenated into the SQL string.
//
// An empty UUID or Name and a nil User each leave that column unconstrained,
// so the zero-value filter selects every session row whose token is not NULL,
// across all users. Callers that must limit visibility to one user have to
// set User.
func (t AuthTokenFilter) Query() (string, []interface{}) {
	var (
		conds  = []string{"s.token IS NOT NULL"}
		params []interface{}
	)
	// constrain records one "column = ?" clause together with its value, so
	// the clause list and the argument list cannot drift out of step.
	constrain := func(clause string, value interface{}) {
		conds = append(conds, clause)
		params = append(params, value)
	}

	if t.UUID != "" {
		// The UUID field is compared with the token column, not s.uuid.
		constrain("s.token = ?", t.UUID)
	}
	if t.Name != "" {
		constrain("s.name = ?", t.Name)
	}
	if t.User != nil {
		constrain("u.uuid = ?", t.User.UUID.String())
	}

	where := strings.Join(conds, " AND ")
	return `
SELECT s.token, s.uuid, s.created_at, s.last_seen, s.name
FROM sessions s INNER JOIN users u ON s.user_uuid = u.uuid
WHERE ` + where + `
ORDER BY s.name, s.uuid`, params
}
// GetAllAuthTokens returns the auth tokens matching filter, ordered as the
// statement from AuthTokenFilter.Query dictates. A nil filter is treated as
// the zero-value filter, which matches the tokens of every user; callers that
// enforce per-user visibility must pass a filter with User set.
//
// The result is always a non-nil slice. When the query or a row scan fails,
// the rows collected so far are returned together with the error.
//
// NOTE(review): only Scan errors are checked; an error that ends iteration
// early is not inspected after the loop. If db.Query returns a cursor with an
// Err method, consider checking it. Confirm against the DB type.
func (db *DB) GetAllAuthTokens(filter *AuthTokenFilter) ([]*AuthToken, error) {
	if filter == nil {
		filter = &AuthTokenFilter{}
	}

	tokens := []*AuthToken{}
	stmt, params := filter.Query()
	rows, err := db.Query(stmt, params...)
	if err != nil {
		return tokens, err
	}
	defer rows.Close()

	for rows.Next() {
		var (
			tokenCol, uuidCol NullUUID
			entry             = &AuthToken{}
		)
		// Column order follows the SELECT list: token, uuid, created_at,
		// last_seen, name.
		if scanErr := rows.Scan(&tokenCol, &uuidCol, &entry.CreatedAt, &entry.LastSeen, &entry.Name); scanErr != nil {
			return tokens, scanErr
		}
		// AuthToken.UUID carries sessions.token; AuthToken.Session carries
		// sessions.uuid.
		entry.UUID = tokenCol.UUID
		entry.Session = uuidCol.UUID
		tokens = append(tokens, entry)
	}
	return tokens, nil
}
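// GetAuthToken looks up a single auth token by its token value (the
// sessions.token column, despite the parameter being called id).
//
// It returns (nil, nil) when no row matches, including when id is empty.
// The lookup is not restricted to any user and AuthToken carries no owner
// field, so a caller acting on behalf of a particular user has to establish
// ownership by other means.
func (db *DB) GetAuthToken(id string) (*AuthToken, error) {
	// An empty id must never match: AuthTokenFilter.Query omits the token
	// clause when UUID is "", which would otherwise select every token and
	// hand back the first row of the whole table.
	if id == "" {
		return nil, nil
	}

	found, err := db.GetAllAuthTokens(&AuthTokenFilter{UUID: id})
	if err != nil {
		return nil, err
	}
	if len(found) == 0 {
		return nil, nil
	}
	return found[0], nil
}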
// GenerateAuthToken creates a named auth token for user, stores it as a new
// sessions row and returns the stored record together with the token string.
// A nil user is rejected with an error before anything is written.
//
// Both the row id and the token are taken from uuid.NewRandom, so the token's
// unpredictability is whatever that function provides (presumably a version 4
// UUID drawn from the system CSPRNG; confirm for the vendored
// github.com/pborman/uuid).
//
// NOTE(review): the token is written to sessions.token unchanged and later
// matched with `s.token = ?`, so the table holds usable credentials. Storing
// a digest and comparing digests would limit what a read of the database
// exposes.
//
// NOTE(review): if the follow-up lookup finds no row (for example when the
// INNER JOIN on users yields nothing), the result is a nil *AuthToken with a
// nil error; callers should check for nil before dereferencing.
func (db *DB) GenerateAuthToken(name string, user *User) (*AuthToken, string, error) {
	if user == nil {
		return nil, "", fmt.Errorf("cannot generate a token without a user")
	}

	var (
		sessionID = uuid.NewRandom().String()
		secret    = uuid.NewRandom().String()
		owner     = user.UUID.String()
		createdAt = time.Now().Unix()
	)
	// All values are bound through placeholders; nothing is interpolated
	// into the statement text.
	if err := db.Exec(`
INSERT INTO sessions (uuid, user_uuid, created_at, token, name)
VALUES (?, ?, ?, ?, ?)`,
		sessionID, owner, createdAt, secret, name); err != nil {
		return nil, "", err
	}

	// Read the row back so the caller gets the stored representation.
	created, err := db.GetAuthToken(secret)
	return created, secret, err
}
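// DeleteAuthToken removes the sessions row whose token equals id and whose
// owner is user.
//
// The DELETE is constrained by user_uuid as well as by token, so a token that
// belongs to a different user is left in place. A nil user is rejected with
// an error, matching GenerateAuthToken, instead of panicking on the
// dereference.
//
// NOTE(review): whether "no row matched" is distinguishable from success
// depends on db.Exec, which only returns an error here. Confirm whether
// callers need to know if a token was actually revoked.
func (db *DB) DeleteAuthToken(id string, user *User) error {
	if user == nil {
		return fmt.Errorf("cannot delete a token without a user")
	}
	return db.Exec(`DELETE FROM sessions WHERE token = ? AND user_uuid = ?`, id, user.UUID.String())
}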