softplayer/softplayer-backend
5
0
Fork 0
Code Pull Requests 3 Packages Releases Activity
Files
e96ec08a869f303f90fed446389e9324d88f7701
softplayer-backend/internal/controllers/tokens.go
Nikolai Rodionov e96ec08a86
All checks were successful
ci/woodpecker/push/build Pipeline was successful
Details
List possible services and filter unavailable 
Signed-off-by: Nikolai Rodionov <allanger@badhouseplants.net>
2026-05-14 12:26:03 +02:00

139 lines
3.4 KiB
Go
Raw Blame History

package controllers
import (
"context"
"database/sql"
"errors"
"regexp"
"time"
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/hash"
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/logger"
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/token"
"github.com/google/uuid"
"google.golang.org/grpc"
)
type TokenController struct {
DB *sql.DB
HashCost int16
ServiceInfo map[string]grpc.ServiceInfo
rules []rule
}
// Services that are not available for tokens
var DisabledServicesRegex = []string{".*Accounts.*", ".*Tokens.*"}
// Errors
var (
ErrServerError = errors.New("internal server error")
)
type TokenData struct {
UUID string
Name string
UserID string
CreatedAt time.Time
LastUserAt time.Time
RevokedAt time.Time
ExpiredAt time.Time
Scopes *Scopes
}
type Scopes struct{}
// Set the grpc info, must happen after all the service are initialized
func (ctrl *TokenController) SetGRPCInfo(info map[string]grpc.ServiceInfo) {
ctrl.ServiceInfo = info
}
func (ctrl *TokenController) SetRules() {
rules := []rule{
{re: regexp.MustCompile(`.*Tokens.*`)},
{re: regexp.MustCompile(`.*Accounts.*`)},
{re: regexp.MustCompile(`.*Reflection.*`)},
}
ctrl.rules = rules
}
// Create a new token, store its hash in the database and return the token value
func (ctrl *TokenController) Create(ctx context.Context, data *TokenData) (string, error) {
id := uuid.NewString()
log := logger.FromContext(ctx).WithValues("uuid", id)
log.V(2).Info("Creating a new token")
tokenValue, err := token.GenerateToken()
if err != nil {
log.Error(err, "Couldn't create a token")
return "", ErrServerError
}
tokenHash, err := hash.HashPassword(tokenValue, int(ctrl.HashCost))
if err != nil {
log.Error(err, "Couldn't calculate token hash")
return "", ErrServerError
}
query := "INSERT INTO tokens (uuid, token_hash, user_id, scopes, created_at, expires_at) VALUES ($1, $2, $3, $4, $5, $6)"
if _, err := ctrl.DB.Query(query, id, tokenHash, "dummy", time.Now(), data.ExpiredAt); err != nil {
log.Error(err, "Couldn't insert a token in the database")
return "", ErrServerError
}
return "", nil
}
// Update token name or permissions, other changes are ignored by this method
func (ctrl *TokenController) Update(ctx context.Context) (string, error) {
return "", nil
}
// ForceExpiration of a token, so it can no longer be used
func (ctrl *TokenController) ForceExpiration(ctx context.Context) error {
return nil
}
// Regenerate a token and get a new value
func (ctrl *TokenController) Regenerate(ctx context.Context) (string, error) {
return "", nil
}
// Get an existing token data
func (ctrl *TokenController) Get(ctx context.Context, uuid string) error {
return nil
}
// List all available token
func (ctrl *TokenController) List(ctx context.Context) error {
return nil
}
// Lis all available permissions
func (ctrl *TokenController) ListPermissions(ctx context.Context) (result map[string][]string) {
result = map[string][]string{}
for key, val := range ctrl.ServiceInfo {
if shouldSkip(key, ctrl.rules) {
continue
}
var services []string
for _, svc := range val.Methods {
services = append(services, svc.Name)
}
result[key] = services
}
return
}
type rule struct {
re *regexp.Regexp
}
func shouldSkip(s string, rules []rule) bool {
for _, r := range rules {
if r.re.MatchString(s) {
return true
}
}
return false
}
View Git Blame Copy Permalink