homebox/backend/internal/data/repo/repo_tokens.go

130 lines
3 KiB
Go
Raw Normal View History

2022-08-30 02:30:36 +00:00
package repo
import (
"context"
"time"
"github.com/google/uuid"
"github.com/hay-kot/homebox/backend/internal/data/ent"
"github.com/hay-kot/homebox/backend/internal/data/ent/authroles"
"github.com/hay-kot/homebox/backend/internal/data/ent/authtokens"
"github.com/hay-kot/homebox/backend/pkgs/hasher"
"github.com/hay-kot/homebox/backend/pkgs/set"
2022-08-30 02:30:36 +00:00
)
type TokenRepository struct {
2022-08-30 02:30:36 +00:00
db *ent.Client
}
type (
UserAuthTokenCreate struct {
TokenHash []byte `json:"token"`
UserID uuid.UUID `json:"userId"`
ExpiresAt time.Time `json:"expiresAt"`
}
UserAuthToken struct {
UserAuthTokenCreate
CreatedAt time.Time `json:"createdAt"`
}
)
func (u UserAuthToken) IsExpired() bool {
return u.ExpiresAt.Before(time.Now())
}
2022-08-30 02:30:36 +00:00
// GetUserFromToken get's a user from a token
func (r *TokenRepository) GetUserFromToken(ctx context.Context, token []byte) (UserOut, error) {
2022-08-31 00:40:39 +00:00
user, err := r.db.AuthTokens.Query().
2022-08-30 02:30:36 +00:00
Where(authtokens.Token(token)).
Where(authtokens.ExpiresAtGTE(time.Now())).
WithUser().
2022-08-31 00:40:39 +00:00
QueryUser().
WithGroup().
2022-08-30 02:30:36 +00:00
Only(ctx)
if err != nil {
return UserOut{}, err
2022-08-30 02:30:36 +00:00
}
return mapUserOut(user), nil
2022-08-30 02:30:36 +00:00
}
func (r *TokenRepository) GetRoles(ctx context.Context, token string) (*set.Set[string], error) {
tokenHash := hasher.HashToken(token)
roles, err := r.db.AuthRoles.
Query().
Where(authroles.HasTokenWith(
authtokens.Token(tokenHash),
)).
All(ctx)
if err != nil {
return nil, err
}
roleSet := set.Make[string](len(roles))
for _, role := range roles {
roleSet.Insert(role.Role.String())
}
return &roleSet, nil
}
2022-08-30 02:30:36 +00:00
// Creates a token for a user
func (r *TokenRepository) CreateToken(ctx context.Context, createToken UserAuthTokenCreate, roles ...authroles.Role) (UserAuthToken, error) {
2022-08-30 02:30:36 +00:00
dbToken, err := r.db.AuthTokens.Create().
SetToken(createToken.TokenHash).
SetUserID(createToken.UserID).
SetExpiresAt(createToken.ExpiresAt).
Save(ctx)
if err != nil {
return UserAuthToken{}, err
2022-08-30 02:30:36 +00:00
}
for _, role := range roles {
_, err := r.db.AuthRoles.Create().
SetRole(role).
SetToken(dbToken).
Save(ctx)
if err != nil {
return UserAuthToken{}, err
}
}
return UserAuthToken{
UserAuthTokenCreate: UserAuthTokenCreate{
TokenHash: dbToken.Token,
UserID: createToken.UserID,
ExpiresAt: dbToken.ExpiresAt,
},
CreatedAt: dbToken.CreatedAt,
}, nil
2022-08-30 02:30:36 +00:00
}
// DeleteToken remove a single token from the database - equivalent to revoke or logout
func (r *TokenRepository) DeleteToken(ctx context.Context, token []byte) error {
2022-08-30 02:30:36 +00:00
_, err := r.db.AuthTokens.Delete().Where(authtokens.Token(token)).Exec(ctx)
return err
}
// PurgeExpiredTokens removes all expired tokens from the database
func (r *TokenRepository) PurgeExpiredTokens(ctx context.Context) (int, error) {
2022-08-30 02:30:36 +00:00
tokensDeleted, err := r.db.AuthTokens.Delete().Where(authtokens.ExpiresAtLTE(time.Now())).Exec(ctx)
if err != nil {
return 0, err
}
return tokensDeleted, nil
}
func (r *TokenRepository) DeleteAll(ctx context.Context) (int, error) {
2022-08-30 02:30:36 +00:00
amount, err := r.db.AuthTokens.Delete().Exec(ctx)
return amount, err
}