Add access token check to auth
This commit is contained in:
parent
8f53e8a967
commit
6a2b213787
SSH key fingerprint:
SHA256:9VAo09aaVNTWKzPW7Hq2LW+ox9OdwmTSHRoD4mlz1yI
4 changed files with 34 additions and 7 deletions
|
|
@ -26,6 +26,10 @@ var (
|
|||
ErrInvalidPasskeyRegistrationData = errors.New(
|
||||
"stored passkey registration data was formatted badly",
|
||||
)
|
||||
// The given token has expired
|
||||
ErrTokenExpired = errors.New("token expired")
|
||||
// The given token doesn't exist
|
||||
ErrTokenNotFound = errors.New("token not found")
|
||||
)
|
||||
|
||||
// Helper error type to combine two errors into one
|
||||
|
|
|
|||
|
|
@ -18,12 +18,6 @@ import (
|
|||
"git.mstar.dev/mstar/linstrom/storage-new/models"
|
||||
)
|
||||
|
||||
const (
|
||||
dbName = "linstrom"
|
||||
dbUser = "linstrom"
|
||||
dbPass = "linstrom"
|
||||
)
|
||||
|
||||
func main() {
|
||||
other.SetupFlags()
|
||||
flag.Parse()
|
||||
|
|
@ -32,7 +26,6 @@ func main() {
|
|||
|
||||
db, err := gorm.Open(
|
||||
postgres.Open(config.GlobalConfig.Storage.BuildPostgresDSN()),
|
||||
// postgres.Open(pgContainer.MustConnectionString(context.Background())),
|
||||
&gorm.Config{
|
||||
PrepareStmt: false,
|
||||
Logger: shared.NewGormLogger(log.Logger),
|
||||
|
|
@ -54,6 +47,7 @@ func main() {
|
|||
log.Info().Msg("Basic operations applied, applying extra features")
|
||||
g.ApplyInterface(func(models.INotification) {}, models.Notification{})
|
||||
g.ApplyInterface(func(models.IUser) {}, models.User{})
|
||||
g.ApplyInterface(func(models.IAccessToken) {}, models.AccessToken{})
|
||||
|
||||
log.Info().Msg("Extra features applied, starting generation")
|
||||
g.Execute()
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ package dbgen
|
|||
|
||||
import (
|
||||
"context"
|
||||
"strings"
|
||||
|
||||
"git.mstar.dev/mstar/linstrom/storage-new/models"
|
||||
"gorm.io/gorm"
|
||||
|
|
@ -435,6 +436,25 @@ type IAccessTokenDo interface {
|
|||
Returning(value interface{}, columns ...string) IAccessTokenDo
|
||||
UnderlyingDB() *gorm.DB
|
||||
schema.Tabler
|
||||
|
||||
GetTokenIfValid(token string) (result *models.AccessToken, err error)
|
||||
}
|
||||
|
||||
// Get the data for a token if it hasn't expired yet
|
||||
//
|
||||
// SELECT * FROM @@table WHERE token = @token AND expires_at < NOW() LIMIT 1
|
||||
func (a accessTokenDo) GetTokenIfValid(token string) (result *models.AccessToken, err error) {
|
||||
var params []interface{}
|
||||
|
||||
var generateSQL strings.Builder
|
||||
params = append(params, token)
|
||||
generateSQL.WriteString("SELECT * FROM access_tokens WHERE token = ? AND expires_at < NOW() LIMIT 1 ")
|
||||
|
||||
var executeSQL *gorm.DB
|
||||
executeSQL = a.UnderlyingDB().Raw(generateSQL.String(), params...).Take(&result) // ignore_security_alert
|
||||
err = executeSQL.Error
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (a accessTokenDo) Debug() IAccessTokenDo {
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@ package models
|
|||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"gorm.io/gen"
|
||||
)
|
||||
|
||||
// AccessToken maps a unique token to one account.
|
||||
|
|
@ -18,3 +20,10 @@ type AccessToken struct {
|
|||
// at a point in the future this server should never reach
|
||||
ExpiresAt time.Time `gorm:"default:TIMESTAMP WITH TIME ZONE '9999-12-30 23:59:59+00'"`
|
||||
}
|
||||
|
||||
type IAccessToken interface {
|
||||
// Get the data for a token
|
||||
//
|
||||
// SELECT * FROM @@table WHERE token = @token
|
||||
GetTokenIfValid(token string) (*gen.T, error)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue