Add token related functions
continuous-integration/drone/push Build is passing Details

This commit is contained in:
Andinus 2020-03-27 18:10:32 +05:30
parent 5c62f93da8
commit ad9332dcd5
Signed by: andinus
GPG Key ID: B67D55D482A799FD
3 changed files with 138 additions and 0 deletions

8
auth/gentoken.go Normal file
View File

@ -0,0 +1,8 @@
package auth
// genToken generates a random token string of length n. Don't forget to
// seed the random number generator otherwise it won't be random.
func genToken(n int) string {
// Currently this is just a wrapper to genID.
return genID(n)
}

101
auth/token.go Normal file
View File

@ -0,0 +1,101 @@
package auth
import (
"errors"
"log"
"time"
"tildegit.org/andinus/perseus/storage/sqlite3"
"tildegit.org/andinus/perseus/user"
)
// ValToken will validate the token and returns an error. If error
// doesn't equal nil then consider token invalid.
func ValToken(db *sqlite3.DB, uInfo map[string]string) error {
// Acquire read lock on the database.
db.Mu.RLock()
defer db.Mu.RUnlock()
u := user.User{}
u.SetUsername(uInfo["username"])
// Set user id from username.
err := u.GetID(db)
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to get id from username")
return err
}
// Check if user's token is valid.
stmt, err := db.Conn.Prepare("SELECT token FROM access WHERE id = ?")
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to prepare statement")
return err
}
defer stmt.Close()
var token string
err = stmt.QueryRow(u.ID()).Scan(&token)
if err != nil {
log.Printf("auth/token.go: %s\n",
"query failed")
return err
}
if token != uInfo["token"] {
err = errors.New("token mismatch")
}
return err
}
// AddToken will generate a random token, add it to database and
// return the token.
func AddToken(db *sqlite3.DB, uInfo map[string]string) (token string, err error) {
// Acquire write lock on the database.
db.Mu.Lock()
defer db.Mu.Unlock()
token = genToken(64)
u := user.User{}
u.SetUsername(uInfo["username"])
// Set user id from username.
err = u.GetID(db)
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to get id from username")
return
}
// Start the transaction
tx, err := db.Conn.Begin()
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to begin transaction")
return
}
stmt, err := db.Conn.Prepare(`
INSERT INTO access(id, username, genTime) values(?, ?, ?)`)
if err != nil {
log.Printf("auth/tokenr.go: %s\n",
"failed to prepare statement")
return
}
defer stmt.Close()
_, err = stmt.Exec(u.ID(), u.Username(), time.Now().UTC())
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to execute statement")
return
}
tx.Commit()
return
}

29
user/getid.go Normal file
View File

@ -0,0 +1,29 @@
package user
import (
"log"
"tildegit.org/andinus/perseus/storage/sqlite3"
)
// GetID returns id from username.
func (u *User) GetID(db *sqlite3.DB) error {
// Get password for this user from the database.
stmt, err := db.Conn.Prepare("SELECT id FROM users WHERE username = ?")
if err != nil {
log.Printf("user/getid.go: %s\n",
"failed to prepare statement")
return err
}
defer stmt.Close()
var id string
err = stmt.QueryRow(u.username).Scan(&id)
if err != nil {
log.Printf("user/getid.go: %s\n",
"query failed")
}
u.id = id
return err
}