2022-06-08 08:25:41 +00:00
|
|
|
package databag
|
|
|
|
|
|
|
|
|
|
import (
|
2022-07-22 19:28:14 +00:00
|
|
|
"databag/internal/store"
|
|
|
|
|
"encoding/hex"
|
|
|
|
|
"errors"
|
2022-09-10 09:20:32 +00:00
|
|
|
"time"
|
2022-07-22 19:28:14 +00:00
|
|
|
"github.com/theckman/go-securerandom"
|
|
|
|
|
"gorm.io/gorm"
|
|
|
|
|
"net/http"
|
2022-06-08 08:25:41 +00:00
|
|
|
)
|
|
|
|
|
|
2022-07-29 21:50:40 +00:00
|
|
|
//SetAccountAccess creates token to gain access to account
|
2022-06-08 08:25:41 +00:00
|
|
|
func SetAccountAccess(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
2022-07-22 19:28:14 +00:00
|
|
|
token, _, res := AccessToken(r)
|
|
|
|
|
if res != nil || token.TokenType != APPTokenReset {
|
2022-09-10 09:20:32 +00:00
|
|
|
time.Sleep(APPUsernameWait * time.Millisecond);
|
2022-07-22 19:28:14 +00:00
|
|
|
ErrResponse(w, http.StatusUnauthorized, res)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if token.Account == nil {
|
|
|
|
|
ErrResponse(w, http.StatusUnauthorized, errors.New("invalid reset token"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
account := token.Account
|
2022-06-08 08:25:41 +00:00
|
|
|
|
2022-07-22 19:28:14 +00:00
|
|
|
// parse app data
|
|
|
|
|
var appData AppData
|
|
|
|
|
if err := ParseRequest(r, w, &appData); err != nil {
|
|
|
|
|
ErrResponse(w, http.StatusBadRequest, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-06-08 08:25:41 +00:00
|
|
|
|
2022-07-22 19:28:14 +00:00
|
|
|
// gernate app token
|
|
|
|
|
data, err := securerandom.Bytes(APPTokenSize)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ErrResponse(w, http.StatusInternalServerError, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
access := hex.EncodeToString(data)
|
2022-06-08 08:25:41 +00:00
|
|
|
|
2022-07-22 19:28:14 +00:00
|
|
|
// create app entry
|
2022-11-09 07:22:20 +00:00
|
|
|
app := store.Session{
|
2022-07-22 19:28:14 +00:00
|
|
|
AccountID: account.GUID,
|
|
|
|
|
Token: access,
|
|
|
|
|
}
|
2022-06-08 08:25:41 +00:00
|
|
|
|
2022-07-22 19:28:14 +00:00
|
|
|
// save app and delete token
|
|
|
|
|
err = store.DB.Transaction(func(tx *gorm.DB) error {
|
|
|
|
|
if res := tx.Create(&app).Error; res != nil {
|
|
|
|
|
return res
|
|
|
|
|
}
|
|
|
|
|
if res := tx.Save(token.Account).Error; res != nil {
|
|
|
|
|
return res
|
|
|
|
|
}
|
|
|
|
|
if res := tx.Delete(token).Error; res != nil {
|
|
|
|
|
return res
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
ErrResponse(w, http.StatusInternalServerError, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-06-08 08:25:41 +00:00
|
|
|
|
2022-10-20 16:54:06 +00:00
|
|
|
login := LoginAccess{
|
|
|
|
|
GUID: account.GUID,
|
|
|
|
|
AppToken: account.GUID + "." + access,
|
|
|
|
|
Created: app.Created,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
WriteResponse(w, login)
|
2022-06-08 08:25:41 +00:00
|
|
|
}
|
