2016-04-03 17:59:27 +00:00
|
|
|
package app
|
|
|
|
|
|
|
|
import (
|
2016-04-05 20:22:13 +00:00
|
|
|
"crypto/md5"
|
2016-04-03 17:59:27 +00:00
|
|
|
"database/sql"
|
2016-04-05 20:22:13 +00:00
|
|
|
"fmt"
|
2016-04-03 17:59:27 +00:00
|
|
|
|
2016-04-19 14:07:27 +00:00
|
|
|
"git.zxq.co/ripple/rippleapi/common"
|
2016-04-03 17:59:27 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// GetTokenFull retrieves an user ID and their token privileges knowing their API token.
|
|
|
|
func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
|
2016-06-14 10:01:30 +00:00
|
|
|
var t common.Token
|
|
|
|
var privs uint64
|
2016-05-15 05:20:11 +00:00
|
|
|
var priv8 bool
|
2016-06-14 10:01:30 +00:00
|
|
|
err := db.QueryRow("SELECT id, user, privileges, private FROM tokens WHERE token = ? LIMIT 1",
|
|
|
|
fmt.Sprintf("%x", md5.Sum([]byte(token)))).
|
|
|
|
Scan(
|
|
|
|
&t.ID, &t.UserID, &privs, &priv8,
|
|
|
|
)
|
2016-05-15 05:20:11 +00:00
|
|
|
if priv8 {
|
|
|
|
privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite
|
|
|
|
}
|
2016-06-16 11:14:19 +00:00
|
|
|
t.Privileges = common.Privileges(privs)
|
2016-04-03 17:59:27 +00:00
|
|
|
switch {
|
|
|
|
case err == sql.ErrNoRows:
|
|
|
|
return common.Token{}, false
|
|
|
|
case err != nil:
|
|
|
|
panic(err)
|
|
|
|
default:
|
2016-06-14 10:01:30 +00:00
|
|
|
t.Value = token
|
|
|
|
return t, true
|
2016-04-03 17:59:27 +00:00
|
|
|
}
|
|
|
|
}
|