EZPPFarm/ripple-api
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add GET /tokens/self

Browse Source
This commit is contained in:
Howl 2016-06-14 12:01:30 +02:00
parent 4d9ec829a8
commit fc38503bdd
4 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/start.go
View File

@ -47,6 +47,7 @@ func Start(conf common.Conf, dbO *sql.DB) *gin.Engine {
gv1.GET("/beatmaps", Method(v1.BeatmapGET, common.PrivilegeRead)) gv1.GET("/beatmaps", Method(v1.BeatmapGET, common.PrivilegeRead))
gv1.GET("/leaderboard", Method(v1.LeaderboardGET, common.PrivilegeRead)) gv1.GET("/leaderboard", Method(v1.LeaderboardGET, common.PrivilegeRead))
gv1.GET("/tokens", Method(v1.TokenGET, common.PrivilegeRead)) gv1.GET("/tokens", Method(v1.TokenGET, common.PrivilegeRead))
gv1.GET("/tokens/self", Method(v1.TokenSelfGET, common.PrivilegeRead))
// ReadConfidential privilege required // ReadConfidential privilege required
gv1.GET("/friends", Method(v1.FriendsGET, common.PrivilegeReadConfidential)) gv1.GET("/friends", Method(v1.FriendsGET, common.PrivilegeReadConfidential))

18
app/tokens.go
View File

@ -10,10 +10,15 @@ import (
// GetTokenFull retrieves an user ID and their token privileges knowing their API token. // GetTokenFull retrieves an user ID and their token privileges knowing their API token.
func GetTokenFull(token string, db *sql.DB) (common.Token, bool) { func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
var uid int var t common.Token
var privs int var privs uint64
var priv8 bool var priv8 bool
err := db.QueryRow("SELECT user, privileges, private FROM tokens WHERE token = ? LIMIT 1", fmt.Sprintf("%x", md5.Sum([]byte(token)))).Scan(&uid, &privs, &priv8) err := db.QueryRow("SELECT id, user, privileges, private FROM tokens WHERE token = ? LIMIT 1",
fmt.Sprintf("%x", md5.Sum([]byte(token)))).
Scan(
&t.ID, &t.UserID, &privs, &priv8,
)
t.Privileges = common.Privileges(privs)
if priv8 { if priv8 {
privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite
} }
@ -23,10 +28,7 @@ func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
case err != nil: case err != nil:
panic(err) panic(err)
default: default:
return common.Token{ t.Value = token
Value: token, return t, true
UserID: uid,
Privileges: common.Privileges(privs),
}, true
} }
} }

20
app/v1/token.go
View File

@ -169,6 +169,26 @@ func TokenGET(md common.MethodData) common.CodeMessager {
return r return r
} }
type tokenSingleResponse struct {
common.ResponseBase
token
}
// TokenSelfGET retrieves information about the token the user is connecting with.
func TokenSelfGET(md common.MethodData) common.CodeMessager {
var r tokenSingleResponse
// md.User.ID = token id, userid would have been md.User.UserID. what a clusterfuck
err := md.DB.QueryRow("SELECT id, privileges, description FROM tokens WHERE id = ?", md.User.ID).Scan(
&r.ID, &r.Privileges, &r.Description,
)
if err != nil {
md.Err(err)
return Err500
}
r.Code = 200
return r
}
// TokenFixPrivilegesGET fixes the privileges on the token of the given user, // TokenFixPrivilegesGET fixes the privileges on the token of the given user,
// or of all the users if no user is given. // or of all the users if no user is given.
func TokenFixPrivilegesGET(md common.MethodData) common.CodeMessager { func TokenFixPrivilegesGET(md common.MethodData) common.CodeMessager {

1
common/token.go
View File

@ -2,6 +2,7 @@ package common
// Token Is an API token. // Token Is an API token.
type Token struct { type Token struct {
ID int
Value string Value string
UserID int UserID int
Privileges Privileges Privileges Privileges