From 6a2b21378783e0924977db314aa7d8e1333289ad Mon Sep 17 00:00:00 2001
From: mstar
Date: Fri, 4 Apr 2025 16:15:25 +0200
Subject: [PATCH] Add access token check to auth
---
 auth-new/errors.go | 4 ++++
 cmd/model-gen/main.go | 8 +-------
 storage-new/dbgen/access_tokens.gen.go | 20 ++++++++++++++++++++
 storage-new/models/TokenAccess.go | 9 +++++++++
 4 files changed, 34 insertions(+), 7 deletions(-)
diff --git a/auth-new/errors.go b/auth-new/errors.go
index b655563..f56c862 100644
--- a/auth-new/errors.go
+++ b/auth-new/errors.go
@@ -26,6 +26,10 @@ var (
 ErrInvalidPasskeyRegistrationData = errors.New(
 "stored passkey registration data was formatted badly",
 )
+ // The given token has expired
+ ErrTokenExpired = errors.New("token expired")
+ // The given token doesn't exist
+ ErrTokenNotFound = errors.New("token not found")
 )
 // Helper error type to combine two errors into one
diff --git a/cmd/model-gen/main.go b/cmd/model-gen/main.go
index 1c1cfa2..200fd5d 100644
--- a/cmd/model-gen/main.go
+++ b/cmd/model-gen/main.go
@@ -18,12 +18,6 @@ import (
 "git.mstar.dev/mstar/linstrom/storage-new/models"
 )
-const (
- dbName = "linstrom"
- dbUser = "linstrom"
- dbPass = "linstrom"
-)
-
 func main() {
 other.SetupFlags()
 flag.Parse()
@@ -32,7 +26,6 @@ func main() {
 db, err := gorm.Open(
 postgres.Open(config.GlobalConfig.Storage.BuildPostgresDSN()),
- // postgres.Open(pgContainer.MustConnectionString(context.Background())),
 &gorm.Config{
 PrepareStmt: false,
 Logger: shared.NewGormLogger(log.Logger),
@@ -54,6 +47,7 @@ func main() {
 log.Info().Msg("Basic operations applied, applying extra features")
 g.ApplyInterface(func(models.INotification) {}, models.Notification{})
 g.ApplyInterface(func(models.IUser) {}, models.User{})
+ g.ApplyInterface(func(models.IAccessToken) {}, models.AccessToken{})
 log.Info().Msg("Extra features applied, starting generation")
 g.Execute()
diff --git a/storage-new/dbgen/access_tokens.gen.go b/storage-new/dbgen/access_tokens.gen.go
index 2bdb0ba..65cb5a0 100644
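Review bot: The comments on the two new sentinels in auth-new/errors.go do not start with the identifier, so Go doc tooling will not present them as the variables' documentation; `// ErrTokenExpired is returned when the given token has expired` and `// ErrTokenNotFound is returned when the given token doesn't exist` would follow the convention. The GetTokenIfValid query added later in this patch applies its expiry filter inside the SQL, so from that call an expired token and an unknown token look the same; whatever code maps a lookup to ErrTokenExpired is not in this patch and would need its own expiry comparison. If either error can reach an API response, consider returning a single generic authentication failure to the client and keeping the expired/not-found distinction for server-side logs. The enclosing `var (` block starts outside the hunk.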
--- a/storage-new/dbgen/access_tokens.gen.go
+++ b/storage-new/dbgen/access_tokens.gen.go
@@ -6,6 +6,7 @@ package dbgen import ( "context" + "strings" "git.mstar.dev/mstar/linstrom/storage-new/models" "gorm.io/gorm"
@@ -435,6 +436,25 @@ type IAccessTokenDo interface { Returning(value interface{}, columns ...string) IAccessTokenDo UnderlyingDB() *gorm.DB schema.Tabler + + GetTokenIfValid(token string) (result *models.AccessToken, err error) +} + +// Get the data for a token if it hasn't expired yet +// +// SELECT * FROM @@table WHERE token = @token AND expires_at < NOW() LIMIT 1 +func (a accessTokenDo) GetTokenIfValid(token string) (result *models.AccessToken, err error) { + var params []interface{} + + var generateSQL strings.Builder + params = append(params, token) + generateSQL.WriteString("SELECT * FROM access_tokens WHERE token = ? AND expires_at < NOW() LIMIT 1 ") + + var executeSQL *gorm.DB + executeSQL = a.UnderlyingDB().Raw(generateSQL.String(), params...).Take(&result) // ignore_security_alert + err = executeSQL.Error + + return } func (a accessTokenDo) Debug() IAccessTokenDo {
diff --git a/storage-new/models/TokenAccess.go b/storage-new/models/TokenAccess.go
index ccf9a99..1022ef6 100644
--- a/storage-new/models/TokenAccess.go
+++ b/storage-new/models/TokenAccess.go
@@ -2,6 +2,8 @@ package models
 import (
 "time"
+
+ "gorm.io/gen"
 )
 // AccessToken maps a unique token to one account.
@@ -18,3 +20,10 @@ type AccessToken struct {
 // at a point in the future this server should never reach
 ExpiresAt time.Time `gorm:"default:TIMESTAMP WITH TIME ZONE '9999-12-30 23:59:59+00'"`
 }
+
+type IAccessToken interface {
+ // Get the data for a token
+ //
+ // SELECT * FROM @@table WHERE token = @token
+ GetTokenIfValid(token string) (*gen.T, error)
+}
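Review bot: The query annotation on `GetTokenIfValid` in the new `IAccessToken` interface is `SELECT * FROM @@table WHERE token = @token`, with no expiry condition, while the committed storage-new/dbgen/access_tokens.gen.go runs `... AND expires_at < NOW() LIMIT 1`; the two disagree, so the next run of cmd/model-gen would presumably regenerate the method without any expiry check. The comparison in the generated SQL also looks inverted: as written, `expires_at < NOW()` matches only tokens whose expiry is already in the past, so unexpired tokens are rejected and expired ones are returned. The annotation should read `// SELECT * FROM @@table WHERE token = @token AND expires_at > NOW() LIMIT 1`, the comment above it should say the token must not have expired, and the generated file should then be regenerated rather than hand-edited. A test that stores one expired and one future-dated token and asserts which of them is returned would pin the direction of the comparison.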