33 lines
799 B
Go
33 lines
799 B
Go
package app
|
|
|
|
import (
|
|
"crypto/md5"
|
|
"database/sql"
|
|
"fmt"
|
|
|
|
"git.zxq.co/ripple/rippleapi/common"
|
|
)
|
|
|
|
// GetTokenFull retrieves an user ID and their token privileges knowing their API token.
|
|
func GetTokenFull(token string, db *sql.DB) (common.Token, bool) {
|
|
var uid int
|
|
var privs int
|
|
var priv8 bool
|
|
err := db.QueryRow("SELECT user, privileges, private FROM tokens WHERE token = ? LIMIT 1", fmt.Sprintf("%x", md5.Sum([]byte(token)))).Scan(&uid, &privs, &priv8)
|
|
if priv8 {
|
|
privs = common.PrivilegeRead | common.PrivilegeReadConfidential | common.PrivilegeWrite
|
|
}
|
|
switch {
|
|
case err == sql.ErrNoRows:
|
|
return common.Token{}, false
|
|
case err != nil:
|
|
panic(err)
|
|
default:
|
|
return common.Token{
|
|
Value: token,
|
|
UserID: uid,
|
|
Privileges: common.Privileges(privs),
|
|
}, true
|
|
}
|
|
}
|