Add access token check to auth

auth-new/errors.go

@@ -26,6 +26,10 @@ var (
 	ErrInvalidPasskeyRegistrationData = errors.New(
 		"stored passkey registration data was formatted badly",
 	)
+	// The given token has expired
+	ErrTokenExpired = errors.New("token expired")
+	// The given token doesn't exist
+	ErrTokenNotFound = errors.New("token not found")
 )
 
 // Helper error type to combine two errors into one

cmd/model-gen/main.go

@@ -18,12 +18,6 @@ import (
 	"git.mstar.dev/mstar/linstrom/storage-new/models"
 )
 
-const (
-	dbName = "linstrom"
-	dbUser = "linstrom"
-	dbPass = "linstrom"
-)
-
 func main() {
 	other.SetupFlags()
 	flag.Parse()
@@ -32,7 +26,6 @@ func main() {
 
 	db, err := gorm.Open(
 		postgres.Open(config.GlobalConfig.Storage.BuildPostgresDSN()),
-		// postgres.Open(pgContainer.MustConnectionString(context.Background())),
 		&gorm.Config{
 			PrepareStmt: false,
 			Logger:      shared.NewGormLogger(log.Logger),
@@ -54,6 +47,7 @@ func main() {
 	log.Info().Msg("Basic operations applied, applying extra features")
 	g.ApplyInterface(func(models.INotification) {}, models.Notification{})
 	g.ApplyInterface(func(models.IUser) {}, models.User{})
+	g.ApplyInterface(func(models.IAccessToken) {}, models.AccessToken{})
 
 	log.Info().Msg("Extra features applied, starting generation")
 	g.Execute()

storage-new/dbgen/access_tokens.gen.go

@@ -6,6 +6,7 @@ package dbgen
 
 import (
 	"context"
+	"strings"
 
 	"git.mstar.dev/mstar/linstrom/storage-new/models"
 	"gorm.io/gorm"
@@ -435,6 +436,25 @@ type IAccessTokenDo interface {
 	Returning(value interface{}, columns ...string) IAccessTokenDo
 	UnderlyingDB() *gorm.DB
 	schema.Tabler
+
+	GetTokenIfValid(token string) (result *models.AccessToken, err error)
+}
+
+// Get the data for a token if it hasn't expired yet
+//
+// SELECT * FROM @@table WHERE token = @token AND expires_at < NOW() LIMIT 1
+func (a accessTokenDo) GetTokenIfValid(token string) (result *models.AccessToken, err error) {
+	var params []interface{}
+
+	var generateSQL strings.Builder
+	params = append(params, token)
+	generateSQL.WriteString("SELECT * FROM access_tokens WHERE token = ? AND expires_at < NOW() LIMIT 1 ")
+
+	var executeSQL *gorm.DB
+	executeSQL = a.UnderlyingDB().Raw(generateSQL.String(), params...).Take(&result) // ignore_security_alert
+	err = executeSQL.Error
+
+	return
 }
 
 func (a accessTokenDo) Debug() IAccessTokenDo {

storage-new/models/TokenAccess.go

@@ -2,6 +2,8 @@ package models
 
 import (
 	"time"
+
+	"gorm.io/gen"
 )
 
 // AccessToken maps a unique token to one account.
@@ -18,3 +20,10 @@ type AccessToken struct {
 	// at a point in the future this server should never reach
 	ExpiresAt time.Time `gorm:"default:TIMESTAMP WITH TIME ZONE '9999-12-30 23:59:59+00'"`
 }
+
+type IAccessToken interface {
+	// Get the data for a token
+	//
+	// SELECT * FROM @@table WHERE token = @token
+	GetTokenIfValid(token string) (*gen.T, error)
+}