scottk/databunker
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/databunker.git synced 2025-11-03 19:37:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

save root token in memory

Browse Source
This commit is contained in:
stremovsky
2019-12-20 12:12:18 +02:00
parent be5cb6f551
commit 643166b90c
4 changed files with 26 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/bunker.go
View File

@@ -263,7 +263,7 @@ func main() {
//log.Panic("error %s", err.Error())
log.Fatalf("db init error %s", err.Error())
}
rootToken, err := db.createRootToken()
rootToken, err := db.createRootXtoken()
if err != nil {
//log.Panic("error %s", err.Error())
fmt.Printf("error %s", err.Error())

2
src/users_api.go
View File

@@ -269,7 +269,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
if tmp == tmpCode {
// user ented correct key
// generate temp user access code
xtoken, err := e.db.generateUserLoginXToken(userTOKEN)
xtoken, err := e.db.generateUserLoginXtoken(userTOKEN)
fmt.Printf("generate user access token: %s\n", xtoken)
if err != nil {
returnError(w, r, "internal error", 405, err, event)

2
src/users_test.go
View File

@@ -34,7 +34,7 @@ func init() {
e := mainEnv{db, cfg}
db.initDB()
var err error
rootToken, err = db.createRootToken()
rootToken, err = db.createRootXtoken()
if err != nil {
//log.Panic("error %s", err.Error())
fmt.Printf("error %s", err.Error())

31
src/xtokens_db.go
View File

@@ -9,6 +9,8 @@ import (
"go.mongodb.org/mongo-driver/bson"
)
var rootXTOKEN string
func (dbobj dbcon) getRootXtoken() (string, error) {
record, err := dbobj.getRecord(TblName.Xtokens, "type", "root")
if err != nil {
@@ -20,7 +22,7 @@ func (dbobj dbcon) getRootXtoken() (string, error) {
return record["xtoken"].(string), nil
}
func (dbobj dbcon) createRootToken() (string, error) {
func (dbobj dbcon) createRootXtoken() (string, error) {
rootToken, err := dbobj.getRootXtoken()
if len(rootToken) > 0 {
return rootToken, nil
@@ -39,13 +41,13 @@ func (dbobj dbcon) createRootToken() (string, error) {
return rootToken, nil
}
func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) {
if isValidUUID(userTOKEN) == false {
func (dbobj dbcon) generateUserLoginXtoken(userXTOKEN string) (string, error) {
if isValidUUID(userXTOKEN) == false {
return "", errors.New("bad token format")
}
// check if user record exists
record, err := dbobj.lookupUserRecord(userTOKEN)
record, err := dbobj.lookupUserRecord(userXTOKEN)
if record == nil || err != nil {
// not found
return "", errors.New("not found")
@@ -58,7 +60,7 @@ func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) {
// by default login token for 30 minutes only
expired := int32(time.Now().Unix()) + 10*60
bdoc := bson.M{}
bdoc["token"] = userTOKEN
bdoc["token"] = userXTOKEN
bdoc["xtoken"] = tokenUUID
bdoc["type"] = "login"
bdoc["endtime"] = expired
@@ -69,17 +71,23 @@ func (dbobj dbcon) generateUserLoginXToken(userTOKEN string) (string, error) {
return tokenUUID, nil
}
func (dbobj dbcon) checkXtoken(tokenUUID string) bool {
func (dbobj dbcon) checkXtoken(xtokenUUID string) bool {
//fmt.Printf("Token0 %s\n", tokenUUID)
if isValidUUID(tokenUUID) == false {
if isValidUUID(xtokenUUID) == false {
return false
}
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", tokenUUID)
if len(rootXTOKEN) > 0 && rootXTOKEN == xtokenUUID {
fmt.Println("It is a root token")
return true
}
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", xtokenUUID)
if record == nil || err != nil {
return false
}
tokenType := record["type"].(string)
if tokenType == "root" {
rootXTOKEN = xtokenUUID
return true
}
return false
@@ -90,6 +98,12 @@ func (dbobj dbcon) checkUserAuthXToken(xtokenUUID string) (tokenAuthResult, erro
if isValidUUID(xtokenUUID) == false {
return result, errors.New("failed to authenticate")
}
if len(rootXTOKEN) > 0 && rootXTOKEN == xtokenUUID {
fmt.Println("It is a root token")
result.ttype = "root"
result.name = "root"
return result, nil
}
record, err := dbobj.getRecord(TblName.Xtokens, "xtoken", xtokenUUID)
if record == nil || err != nil {
return result, errors.New("failed to authenticate")
@@ -98,6 +112,7 @@ func (dbobj dbcon) checkUserAuthXToken(xtokenUUID string) (tokenAuthResult, erro
fmt.Printf("token type: %s\n", tokenType)
if tokenType == "root" {
// we have this admin user
rootXTOKEN = xtokenUUID
result.ttype = "root"
result.name = "root"
return result, nil