replace zxq.co/ripple/hanayo
This commit is contained in:
Alicia
112
vendor/zxq.co/ripple/rippleapi/app/tokens.go
vendored
Normal file
112
vendor/zxq.co/ripple/rippleapi/app/tokens.go
vendored
Normal file
@@ -0,0 +1,112 @@
|
||||
package app
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"crypto/sha256"
|
||||
"database/sql"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/jmoiron/sqlx"
|
||||
"zxq.co/ripple/rippleapi/common"
|
||||
)
|
||||
|
||||
// GetTokenFull retrieves an user ID and their token privileges knowing their API token.
|
||||
func GetTokenFull(token string, db *sqlx.DB) (common.Token, bool) {
|
||||
var (
|
||||
t common.Token
|
||||
tokenPrivsRaw uint64
|
||||
userPrivsRaw uint64
|
||||
priv8 bool
|
||||
)
|
||||
err := db.QueryRow(`SELECT
|
||||
t.id, t.user, t.privileges, t.private, u.privileges
|
||||
FROM tokens t
|
||||
LEFT JOIN users u ON u.id = t.user
|
||||
WHERE token = ? LIMIT 1`,
|
||||
fmt.Sprintf("%x", md5.Sum([]byte(token)))).
|
||||
Scan(
|
||||
&t.ID, &t.UserID, &tokenPrivsRaw, &priv8, &userPrivsRaw,
|
||||
)
|
||||
updateTokens <- t.ID
|
||||
if priv8 {
|
||||
// all privileges, they'll get removed by canOnly anyway.
|
||||
tokenPrivsRaw = (common.PrivilegeBeatmap << 1) - 1
|
||||
}
|
||||
t.UserPrivileges = common.UserPrivileges(userPrivsRaw)
|
||||
t.TokenPrivileges = common.Privileges(tokenPrivsRaw).CanOnly(t.UserPrivileges)
|
||||
switch {
|
||||
case err == sql.ErrNoRows:
|
||||
return common.Token{}, false
|
||||
case err != nil:
|
||||
panic(err)
|
||||
default:
|
||||
t.Value = token
|
||||
return t, true
|
||||
}
|
||||
}
|
||||
|
||||
var updateTokens = make(chan int, 100)
|
||||
|
||||
func tokenUpdater(db *sqlx.DB) {
|
||||
for {
|
||||
// prepare a queue of tokens to update.
|
||||
tokensToUpdate := make([]int, 0, 50)
|
||||
AwaitLoop:
|
||||
for {
|
||||
// if we got ten, move on and update
|
||||
if len(tokensToUpdate) >= 50 {
|
||||
break
|
||||
}
|
||||
// if we ain't got any, add what we get straight from updateTokens
|
||||
if len(tokensToUpdate) == 0 {
|
||||
x := <-updateTokens
|
||||
tokensToUpdate = append(tokensToUpdate, x)
|
||||
continue
|
||||
}
|
||||
|
||||
// otherwise, wait from updateTokens with a timeout of 10 seconds
|
||||
select {
|
||||
case x := <-updateTokens:
|
||||
tokensToUpdate = append(tokensToUpdate, x)
|
||||
case <-time.After(10 * time.Second):
|
||||
// wondering what this means?
|
||||
// https://golang.org/ref/spec#Break_statements
|
||||
break AwaitLoop
|
||||
}
|
||||
}
|
||||
|
||||
q, a, _ := sqlx.In("UPDATE tokens SET last_updated = ? WHERE id IN (?)", time.Now().Unix(), tokensToUpdate)
|
||||
|
||||
q = db.Rebind(q)
|
||||
_, err := db.Exec(q, a...)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// BearerToken parses a Token given in the Authorization header, with the
|
||||
// Bearer prefix.
|
||||
func BearerToken(token string, db *sqlx.DB) (common.Token, bool) {
|
||||
var x struct {
|
||||
Scope string
|
||||
Extra int
|
||||
}
|
||||
db.Get(&x, "SELECT scope, extra FROM osin_access WHERE access_token = ? LIMIT 1", fmt.Sprintf("%x", sha256.Sum256([]byte(token))))
|
||||
if x.Extra == 0 {
|
||||
return common.Token{}, false
|
||||
}
|
||||
|
||||
var privs uint64
|
||||
db.Get(&privs, "SELECT privileges FROM users WHERE id = ? LIMIT 1", x.Extra)
|
||||
|
||||
var t common.Token
|
||||
t.ID = -1
|
||||
t.UserID = x.Extra
|
||||
t.Value = token
|
||||
t.UserPrivileges = common.UserPrivileges(privs)
|
||||
t.TokenPrivileges = common.OAuthPrivileges(x.Scope).CanOnly(t.UserPrivileges)
|
||||
|
||||
return t, true
|
||||
}
|
||||
Reference in New Issue
Block a user