add GET /tokens/self

2016-06-14 12:01:30 +02:00 · 2016-06-14 12:01:30 +02:00 · fc38503bdd
parent 4d9ec829a8
commit fc38503bdd
4 changed files with 32 additions and 8 deletions
--- a/app/start.go
+++ b/app/start.go
@ -47,6 +47,7 @@ func Start(conf common.Conf, dbO *sql.DB) *gin.Engine {
 			gv1.GET("/beatmaps", Method(v1.BeatmapGET, common.PrivilegeRead))
 			gv1.GET("/leaderboard", Method(v1.LeaderboardGET, common.PrivilegeRead))
 			gv1.GET("/tokens", Method(v1.TokenGET, common.PrivilegeRead))
+			gv1.GET("/tokens/self", Method(v1.TokenSelfGET, common.PrivilegeRead))

 			// ReadConfidential privilege required
 			gv1.GET("/friends", Method(v1.FriendsGET, common.PrivilegeReadConfidential))
--- a/app/tokens.go
+++ b/app/tokens.go
@ -10,10 +10,15 @@ import (

 // GetTokenFull retrieves an user ID and their token privileges knowing their API token.
 func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
-	var uid int
-	var privs int
+	var t common.Token
+	var privs uint64
 	var priv8 bool
-	err := db.QueryRow("SELECT user, privileges, private FROM tokens WHERE token = ? LIMIT 1", fmt.Sprintf("%x", md5.Sum([]byte(token)))).Scan(&uid, &privs, &priv8)
+	err := db.QueryRow("SELECT id, user, privileges, private FROM tokens WHERE token = ? LIMIT 1",
+		fmt.Sprintf("%x", md5.Sum([]byte(token)))).
+		Scan(
+			&t.ID, &t.UserID, &privs, &priv8,
+		)
+	t.Privileges = common.Privileges(privs)
 	if priv8 {
 		privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite
 	}
@ -23,10 +28,7 @@ func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
 	case err != nil:
 		panic(err)
 	default:
-		return common.Token{
-			Value:      token,
-			UserID:     uid,
-			Privileges: common.Privileges(privs),
-		}, true
+		t.Value = token
+		return t, true
 	}
 }
--- a/app/v1/token.go
+++ b/app/v1/token.go
@ -169,6 +169,26 @@ func TokenGET(md common.MethodData) common.CodeMessager {
 	return r
 }

+type tokenSingleResponse struct {
+	common.ResponseBase
+	token
+}
+
+// TokenSelfGET retrieves information about the token the user is connecting with.
+func TokenSelfGET(md common.MethodData) common.CodeMessager {
+	var r tokenSingleResponse
+	// md.User.ID = token id, userid would have been md.User.UserID. what a clusterfuck
+	err := md.DB.QueryRow("SELECT id, privileges, description FROM tokens WHERE id = ?", md.User.ID).Scan(
+		&r.ID, &r.Privileges, &r.Description,
+	)
+	if err != nil {
+		md.Err(err)
+		return Err500
+	}
+	r.Code = 200
+	return r
+}
+
 // TokenFixPrivilegesGET fixes the privileges on the token of the given user,
 // or of all the users if no user is given.
 func TokenFixPrivilegesGET(md common.MethodData) common.CodeMessager {
--- a/common/token.go
+++ b/common/token.go
@ -2,6 +2,7 @@ package common

 // Token Is an API token.
 type Token struct {
+	ID         int
 	Value      string
 	UserID     int
 	Privileges Privileges