This repository has been archived by the owner on Jun 12, 2024. It is now read-only.
generated from hay-kot/go-web-template
-
-
Notifications
You must be signed in to change notification settings - Fork 204
/
repo_tokens.go
124 lines (104 loc) · 3.01 KB
/
repo_tokens.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package repo
import (
"context"
"time"
"github.com/google/uuid"
"github.com/hay-kot/homebox/backend/internal/data/ent"
"github.com/hay-kot/homebox/backend/internal/data/ent/authroles"
"github.com/hay-kot/homebox/backend/internal/data/ent/authtokens"
"github.com/hay-kot/homebox/backend/pkgs/hasher"
"github.com/hay-kot/homebox/backend/pkgs/set"
)
type TokenRepository struct {
db *ent.Client
}
type (
UserAuthTokenCreate struct {
TokenHash []byte `json:"token"`
UserID uuid.UUID `json:"userId"`
ExpiresAt time.Time `json:"expiresAt"`
}
UserAuthToken struct {
UserAuthTokenCreate
CreatedAt time.Time `json:"createdAt"`
}
)
func (u UserAuthToken) IsExpired() bool {
return u.ExpiresAt.Before(time.Now())
}
// GetUserFromToken get's a user from a token
func (r *TokenRepository) GetUserFromToken(ctx context.Context, token []byte) (UserOut, error) {
user, err := r.db.AuthTokens.Query().
Where(authtokens.Token(token)).
Where(authtokens.ExpiresAtGTE(time.Now())).
WithUser().
QueryUser().
WithGroup().
Only(ctx)
if err != nil {
return UserOut{}, err
}
return mapUserOut(user), nil
}
func (r *TokenRepository) GetRoles(ctx context.Context, token string) (*set.Set[string], error) {
tokenHash := hasher.HashToken(token)
roles, err := r.db.AuthRoles.
Query().
Where(authroles.HasTokenWith(
authtokens.Token(tokenHash),
)).
All(ctx)
if err != nil {
return nil, err
}
roleSet := set.Make[string](len(roles))
for _, role := range roles {
roleSet.Insert(role.Role.String())
}
return &roleSet, nil
}
// CreateToken Creates a token for a user
func (r *TokenRepository) CreateToken(ctx context.Context, createToken UserAuthTokenCreate, roles ...authroles.Role) (UserAuthToken, error) {
dbToken, err := r.db.AuthTokens.Create().
SetToken(createToken.TokenHash).
SetUserID(createToken.UserID).
SetExpiresAt(createToken.ExpiresAt).
Save(ctx)
if err != nil {
return UserAuthToken{}, err
}
for _, role := range roles {
_, err := r.db.AuthRoles.Create().
SetRole(role).
SetToken(dbToken).
Save(ctx)
if err != nil {
return UserAuthToken{}, err
}
}
return UserAuthToken{
UserAuthTokenCreate: UserAuthTokenCreate{
TokenHash: dbToken.Token,
UserID: createToken.UserID,
ExpiresAt: dbToken.ExpiresAt,
},
CreatedAt: dbToken.CreatedAt,
}, nil
}
// DeleteToken remove a single token from the database - equivalent to revoke or logout
func (r *TokenRepository) DeleteToken(ctx context.Context, token []byte) error {
_, err := r.db.AuthTokens.Delete().Where(authtokens.Token(token)).Exec(ctx)
return err
}
// PurgeExpiredTokens removes all expired tokens from the database
func (r *TokenRepository) PurgeExpiredTokens(ctx context.Context) (int, error) {
tokensDeleted, err := r.db.AuthTokens.Delete().Where(authtokens.ExpiresAtLTE(time.Now())).Exec(ctx)
if err != nil {
return 0, err
}
return tokensDeleted, nil
}
func (r *TokenRepository) DeleteAll(ctx context.Context) (int, error) {
amount, err := r.db.AuthTokens.Delete().Exec(ctx)
return amount, err
}