package app import ( "crypto/md5" "database/sql" "fmt" "git.zxq.co/ripple/rippleapi/common" ) // GetTokenFull retrieves an user ID and their token privileges knowing their API token. func GetTokenFull(token string, db *sql.DB) (common.Token, bool) { var uid int var privs int var priv8 bool err := db.QueryRow("SELECT user, privileges, private FROM tokens WHERE token = ? LIMIT 1", fmt.Sprintf("%x", md5.Sum([]byte(token)))).Scan(&uid, &privs, &priv8) if priv8 { privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite } switch { case err == sql.ErrNoRows: return common.Token{}, false case err != nil: panic(err) default: return common.Token{ Value: token, UserID: uid, Privileges: common.Privileges(privs), }, true } }