Accueil Explorer
S'inscrire Connexion
Endevir
/
git-server
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 9bb218734c
Branches Tags
git-server
/
internal
/
db
/
access_tokens.go

access_tokens.go 4.3 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 
  1. // Copyright 2020 The Gogs Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a MIT-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package db
    6. 

  6. 

  7. import (
    8. 

  8. 	"fmt"
    9. 

  9. 	"time"
    10. 

  10. 

  11. 	"github.com/jinzhu/gorm"
    12. 

  12. 	gouuid "github.com/satori/go.uuid"
    13. 

  13. 

  14. 	"gogs.io/gogs/internal/cryptoutil"
    15. 

  15. 	"gogs.io/gogs/internal/errutil"
    16. 

  16. )
    17. 

  17. 

  18. // AccessTokensStore is the persistent interface for access tokens.
    19. 

  19. //
    20. 

  20. // NOTE: All methods are sorted in alphabetical order.
    21. 

  21. type AccessTokensStore interface {
    22. 

  22. 	// Create creates a new access token and persist to database.
    23. 

  23. 	// It returns ErrAccessTokenAlreadyExist when an access token
    24. 

  24. 	// with same name already exists for the user.
    25. 

  25. 	Create(userID int64, name string) (*AccessToken, error)
    26. 

  26. 	// DeleteByID deletes the access token by given ID.
    27. 

  27. 	// 🚨 SECURITY: The "userID" is required to prevent attacker
    28. 

  28. 	// deletes arbitrary access token that belongs to another user.
    29. 

  29. 	DeleteByID(userID, id int64) error
    30. 

  30. 	// GetBySHA returns the access token with given SHA1.
    31. 

  31. 	// It returns ErrAccessTokenNotExist when not found.
    32. 

  32. 	GetBySHA(sha string) (*AccessToken, error)
    33. 

  33. 	// List returns all access tokens belongs to given user.
    34. 

  34. 	List(userID int64) ([]*AccessToken, error)
    35. 

  35. 	// Save persists all values of given access token.
    36. 

  36. 	// The Updated field is set to current time automatically.
    37. 

  37. 	Save(t *AccessToken) error
    38. 

  38. }
    39. 

  39. 

  40. var AccessTokens AccessTokensStore
    41. 

  41. 

  42. // AccessToken is a personal access token.
    43. 

  43. type AccessToken struct {
    44. 

  44. 	ID     int64
    45. 

  45. 	UserID int64 `xorm:"uid INDEX" gorm:"COLUMN:uid;INDEX"`
    46. 

  46. 	Name   string
    47. 

  47. 	Sha1   string `xorm:"UNIQUE VARCHAR(40)" gorm:"TYPE:VARCHAR(40);UNIQUE"`
    48. 

  48. 

  49. 	Created           time.Time `xorm:"-" gorm:"-" json:"-"`
    50. 

  50. 	CreatedUnix       int64
    51. 

  51. 	Updated           time.Time `xorm:"-" gorm:"-" json:"-"`
    52. 

  52. 	UpdatedUnix       int64
    53. 

  53. 	HasRecentActivity bool `xorm:"-" gorm:"-" json:"-"`
    54. 

  54. 	HasUsed           bool `xorm:"-" gorm:"-" json:"-"`
    55. 

  55. }
    56. 

  56. 

  57. // NOTE: This is a GORM create hook.
    58. 

  58. func (t *AccessToken) BeforeCreate() {
    59. 

  59. 	if t.CreatedUnix > 0 {
    60. 

  60. 		return
    61. 

  61. 	}
    62. 

  62. 	t.CreatedUnix = gorm.NowFunc().Unix()
    63. 

  63. }
    64. 

  64. 

  65. // NOTE: This is a GORM update hook.
    66. 

  66. func (t *AccessToken) BeforeUpdate() {
    67. 

  67. 	t.UpdatedUnix = gorm.NowFunc().Unix()
    68. 

  68. }
    69. 

  69. 

  70. // NOTE: This is a GORM query hook.
    71. 

  71. func (t *AccessToken) AfterFind() {
    72. 

  72. 	t.Created = time.Unix(t.CreatedUnix, 0).Local()
    73. 

  73. 	t.Updated = time.Unix(t.UpdatedUnix, 0).Local()
    74. 

  74. 	t.HasUsed = t.Updated.After(t.Created)
    75. 

  75. 	t.HasRecentActivity = t.Updated.Add(7 * 24 * time.Hour).After(gorm.NowFunc())
    76. 

  76. }
    77. 

  77. 

  78. var _ AccessTokensStore = (*accessTokens)(nil)
    79. 

  79. 

  80. type accessTokens struct {
    81. 

  81. 	*gorm.DB
    82. 

  82. }
    83. 

  83. 

  84. type ErrAccessTokenAlreadyExist struct {
    85. 

  85. 	args errutil.Args
    86. 

  86. }
    87. 

  87. 

  88. func IsErrAccessTokenAlreadyExist(err error) bool {
    89. 

  89. 	_, ok := err.(ErrAccessTokenAlreadyExist)
    90. 

  90. 	return ok
    91. 

  91. }
    92. 

  92. 

  93. func (err ErrAccessTokenAlreadyExist) Error() string {
    94. 

  94. 	return fmt.Sprintf("access token already exists: %v", err.args)
    95. 

  95. }
    96. 

  96. 

  97. func (db *accessTokens) Create(userID int64, name string) (*AccessToken, error) {
    98. 

  98. 	err := db.Where("uid = ? AND name = ?", userID, name).First(new(AccessToken)).Error
    99. 

  99. 	if err == nil {
    100. 

  100. 		return nil, ErrAccessTokenAlreadyExist{args: errutil.Args{"userID": userID, "name": name}}
    101. 

  101. 	} else if !gorm.IsRecordNotFoundError(err) {
    102. 

  102. 		return nil, err
    103. 

  103. 	}
    104. 

  104. 

  105. 	token := &AccessToken{
    106. 

  106. 		UserID: userID,
    107. 

  107. 		Name:   name,
    108. 

  108. 		Sha1:   cryptoutil.SHA1(gouuid.NewV4().String()),
    109. 

  109. 	}
    110. 

  110. 	return token, db.DB.Create(token).Error
    111. 

  111. }
    112. 

  112. 

  113. func (db *accessTokens) DeleteByID(userID, id int64) error {
    114. 

  114. 	return db.Where("id = ? AND uid = ?", id, userID).Delete(new(AccessToken)).Error
    115. 

  115. }
    116. 

  116. 

  117. var _ errutil.NotFound = (*ErrAccessTokenNotExist)(nil)
    118. 

  118. 

  119. type ErrAccessTokenNotExist struct {
    120. 

  120. 	args errutil.Args
    121. 

  121. }
    122. 

  122. 

  123. func IsErrAccessTokenNotExist(err error) bool {
    124. 

  124. 	_, ok := err.(ErrAccessTokenNotExist)
    125. 

  125. 	return ok
    126. 

  126. }
    127. 

  127. 

  128. func (err ErrAccessTokenNotExist) Error() string {
    129. 

  129. 	return fmt.Sprintf("access token does not exist: %v", err.args)
    130. 

  130. }
    131. 

  131. 

  132. func (ErrAccessTokenNotExist) NotFound() bool {
    133. 

  133. 	return true
    134. 

  134. }
    135. 

  135. 

  136. func (db *accessTokens) GetBySHA(sha string) (*AccessToken, error) {
    137. 

  137. 	token := new(AccessToken)
    138. 

  138. 	err := db.Where("sha1 = ?", sha).First(token).Error
    139. 

  139. 	if err != nil {
    140. 

  140. 		if gorm.IsRecordNotFoundError(err) {
    141. 

  141. 			return nil, ErrAccessTokenNotExist{args: errutil.Args{"sha": sha}}
    142. 

  142. 		}
    143. 

  143. 		return nil, err
    144. 

  144. 	}
    145. 

  145. 	return token, nil
    146. 

  146. }
    147. 

  147. 

  148. func (db *accessTokens) List(userID int64) ([]*AccessToken, error) {
    149. 

  149. 	var tokens []*AccessToken
    150. 

  150. 	return tokens, db.Where("uid = ?", userID).Find(&tokens).Error
    151. 

  151. }
    152. 

  152. 

  153. func (db *accessTokens) Save(t *AccessToken) error {
    154. 

  154. 	return db.DB.Save(t).Error
    155. 

  155. }
    156.