martin/databag
1
0
Fork 0
mirror of https://github.com/balzack/databag.git synced 2025-02-12 11:39:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f916589d17
databag/net/server/internal/api_setAccountAccess.go
Roland Osborne 22e58c9c0e throttle requests on failed token
2022-09-10 02:20:32 -07:00

73 lines
1.6 KiB
Go
Raw Blame History

package databag
import (
"databag/internal/store"
"encoding/hex"
"errors"
"time"
"github.com/theckman/go-securerandom"
"gorm.io/gorm"
"net/http"
)
//SetAccountAccess creates token to gain access to account
func SetAccountAccess(w http.ResponseWriter, r *http.Request) {
token, _, res := AccessToken(r)
if res != nil || token.TokenType != APPTokenReset {
time.Sleep(APPUsernameWait * time.Millisecond);
ErrResponse(w, http.StatusUnauthorized, res)
return
}
if token.Account == nil {
ErrResponse(w, http.StatusUnauthorized, errors.New("invalid reset token"))
return
}
account := token.Account
// parse app data
var appData AppData
if err := ParseRequest(r, w, &appData); err != nil {
ErrResponse(w, http.StatusBadRequest, err)
return
}
// gernate app token
data, err := securerandom.Bytes(APPTokenSize)
if err != nil {
ErrResponse(w, http.StatusInternalServerError, err)
return
}
access := hex.EncodeToString(data)
// create app entry
app := store.App{
AccountID: account.GUID,
Name: appData.Name,
Description: appData.Description,
Image: appData.Image,
URL: appData.URL,
Token: access,
}
// save app and delete token
err = store.DB.Transaction(func(tx *gorm.DB) error {
if res := tx.Create(&app).Error; res != nil {
return res
}
if res := tx.Save(token.Account).Error; res != nil {
return res
}
if res := tx.Delete(token).Error; res != nil {
return res
}
return nil
})
if err != nil {
ErrResponse(w, http.StatusInternalServerError, err)
return
}
WriteResponse(w, account.GUID+"."+access)
}
Reference in New Issue View Git Blame Copy Permalink