scottk/databunker
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/databunker.git synced 2025-11-04 03:47:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

save root token in memory

Browse Source
This commit is contained in:
stremovsky
2019-12-20 12:12:18 +02:00
parent be5cb6f551
commit 643166b90c
4 changed files with 26 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/bunker.go
View File

@@ -263,7 +263,7 @@ func main() {
//log.Panic("error %s", err.Error()) //log.Panic("error %s", err.Error())
log.Fatalf("db init error %s", err.Error()) log.Fatalf("db init error %s", err.Error())
} }
rootToken, err := db.createRootToken() rootToken, err := db.createRootXtoken()
if err != nil { if err != nil {
//log.Panic("error %s", err.Error()) //log.Panic("error %s", err.Error())
fmt.Printf("error %s", err.Error()) fmt.Printf("error %s", err.Error())

2
src/users_api.go
View File

@@ -269,7 +269,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
if tmp == tmpCode { if tmp == tmpCode {
// user ented correct key // user ented correct key
// generate temp user access code // generate temp user access code
xtoken, err := e.db.generateUserLoginXToken(userTOKEN) xtoken, err := e.db.generateUserLoginXtoken(userTOKEN)
fmt.Printf("generate user access token: %s\n", xtoken) fmt.Printf("generate user access token: %s\n", xtoken)
if err != nil { if err != nil {
returnError(w, r, "internal error", 405, err, event) returnError(w, r, "internal error", 405, err, event)

2
src/users_test.go
View File

@@ -34,7 +34,7 @@ func init() {
e := mainEnv{db, cfg} e := mainEnv{db, cfg}
db.initDB() db.initDB()
var err error var err error
rootToken, err = db.createRootToken() rootToken, err = db.createRootXtoken()
if err != nil { if err != nil {
//log.Panic("error %s", err.Error()) //log.Panic("error %s", err.Error())
fmt.Printf("error %s", err.Error()) fmt.Printf("error %s", err.Error())

31
src/xtokens_db.go
View File

@@ -9,6 +9,8 @@ import (
"go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/bson"
) )
var rootXTOKEN string
func (dbobj dbcon) getRootXtoken() (string, error) { func (dbobj dbcon) getRootXtoken() (string, error) {
record, err := dbobj.getRecord(TblName.Xtokens, "type", "root") record, err := dbobj.getRecord(TblName.Xtokens, "type", "root")
if err != nil { if err != nil {
@@ -20,7 +22,7 @@ func (dbobj dbcon) getRootXtoken() (string, error) {
return record["xtoken"].(string), nil return record["xtoken"].(string), nil
} }
func (dbobj dbcon) createRootToken() (string, error) { func (dbobj dbcon) createRootXtoken() (string, error) {
rootToken, err := dbobj.getRootXtoken() rootToken, err := dbobj.getRootXtoken()
if len(rootToken) > 0 { if len(rootToken) > 0 {
return rootToken, nil return rootToken, nil
@@ -39,13 +41,13 @@ func (dbobj dbcon) createRootToken() (string, error) {
return rootToken, nil return rootToken, nil
} }
func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) { func (dbobj dbcon) generateUserLoginXtoken(userXTOKEN string) (string, error) {
if isValidUUID(userTOKEN) == false { if isValidUUID(userXTOKEN) == false {
return "", errors.New("bad token format") return "", errors.New("bad token format")
} }
// check if user record exists // check if user record exists
record, err := dbobj.lookupUserRecord(userTOKEN) record, err := dbobj.lookupUserRecord(userXTOKEN)
if record == nil || err != nil { if record == nil || err != nil {
// not found // not found
return "", errors.New("not found") return "", errors.New("not found")
@@ -58,7 +60,7 @@ func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) {
// by default login token for 30 minutes only // by default login token for 30 minutes only
expired := int32(time.Now().Unix()) + 10*60 expired := int32(time.Now().Unix()) + 10*60
bdoc := bson.M{} bdoc := bson.M{}
bdoc["token"] = userTOKEN bdoc["token"] = userXTOKEN
bdoc["xtoken"] = tokenUUID bdoc["xtoken"] = tokenUUID
bdoc["type"] = "login" bdoc["type"] = "login"
bdoc["endtime"] = expired bdoc["endtime"] = expired
@@ -69,17 +71,23 @@ func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) {
return tokenUUID, nil return tokenUUID, nil
} }
func (dbobj dbcon) checkXtoken(tokenUUID string) bool { func (dbobj dbcon) checkXtoken(xtokenUUID string) bool {
//fmt.Printf("Token0 %s\n", tokenUUID) //fmt.Printf("Token0 %s\n", tokenUUID)
if isValidUUID(tokenUUID) == false { if isValidUUID(xtokenUUID) == false {
return false return false
} }
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", tokenUUID) if len(rootXTOKEN) > 0 && rootXTOKEN == xtokenUUID {
fmt.Println("It is a root token")
return true
}
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", xtokenUUID)
if record == nil || err != nil { if record == nil || err != nil {
return false return false
} }
tokenType := record["type"].(string) tokenType := record["type"].(string)
if tokenType == "root" { if tokenType == "root" {
rootXTOKEN = xtokenUUID
return true return true
} }
return false return false
@@ -90,6 +98,12 @@ func (dbobj dbcon) checkUserAuthXToken(xtokenUUID string) (tokenAuthResult, erro
if isValidUUID(xtokenUUID) == false { if isValidUUID(xtokenUUID) == false {
return result, errors.New("failed to authenticate") return result, errors.New("failed to authenticate")
} }
if len(rootXTOKEN) > 0 && rootXTOKEN == xtokenUUID {
fmt.Println("It is a root token")
result.ttype = "root"
result.name = "root"
return result, nil
}
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", xtokenUUID) record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", xtokenUUID)
if record == nil || err != nil { if record == nil || err != nil {
return result, errors.New("failed to authenticate") return result, errors.New("failed to authenticate")
@@ -98,6 +112,7 @@ func (dbobj dbcon) checkUserAuthXToken(xtokenUUID string) (tokenAuthResult, erro
fmt.Printf("token type: %s\n", tokenType) fmt.Printf("token type: %s\n", tokenType)
if tokenType == "root" { if tokenType == "root" {
// we have this admin user // we have this admin user
rootXTOKEN = xtokenUUID
result.ttype = "root" result.ttype = "root"
result.name = "root" result.name = "root"
return result, nil return result, nil