Diffstat (limited to 'app/models/user.go')
-rw-r--r-- | app/models/user.go | 28 |
1 files changed, 10 insertions, 18 deletions
diff --git a/app/models/user.go b/app/models/user.go index 4e37377..eb0ccbf 100644 --- a/app/models/user.go +++ b/app/models/user.go | |||
@@ -7,6 +7,7 @@ import ( | |||
7 | "code.crute.us/mcrute/golib/db/mongodb" | 7 | "code.crute.us/mcrute/golib/db/mongodb" |
8 | "go.mongodb.org/mongo-driver/bson" | 8 | "go.mongodb.org/mongo-driver/bson" |
9 | "go.mongodb.org/mongo-driver/bson/primitive" | 9 | "go.mongodb.org/mongo-driver/bson/primitive" |
10 | "golang.org/x/oauth2" | ||
10 | ) | 11 | ) |
11 | 12 | ||
12 | const userCol = "users" | 13 | const userCol = "users" |
@@ -18,22 +19,13 @@ type UserStore interface { | |||
18 | Delete(context.Context, *User) error | 19 | Delete(context.Context, *User) error |
19 | } | 20 | } |
20 | 21 | ||
21 | type AuthToken struct { | ||
22 | Kind string `json:"kind"` | ||
23 | Token string `json:"token"` | ||
24 | |||
25 | // Do not expose refresh tokens in JSON as they are long-lived tokens that | ||
26 | // are harder to invalidate and thus rather security sensitive. | ||
27 | RefreshToken string `json:"-"` | ||
28 | } | ||
29 | |||
30 | type User struct { | 22 | type User struct { |
31 | Username string `bson:"_id" json:"username"` | 23 | Username string `bson:"_id" json:"username"` |
32 | IsAdmin bool `json:"is_admin"` | 24 | IsAdmin bool `json:"is_admin"` |
33 | IsService bool `json:"is_service"` | 25 | IsService bool `json:"is_service"` |
34 | Keys map[string]*SessionKey `json:"keys,omitempty"` // kid -> key | 26 | Keys map[string]*SessionKey `json:"keys,omitempty"` // kid -> key |
35 | AuthTokens map[string]*AuthToken `json:"auth_tokens,omitempty"` // kind -> token | 27 | AuthTokens map[string]*oauth2.Token `json:"auth_tokens,omitempty"` // kind -> token |
36 | Deleted *time.Time `json:"deleted,omitempty"` | 28 | Deleted *time.Time `json:"deleted,omitempty"` |
37 | } | 29 | } |
38 | 30 | ||
39 | // GCKeys garbage collects keys that are no longer valid | 31 | // GCKeys garbage collects keys that are no longer valid |
@@ -62,11 +54,11 @@ func (u *User) AddKey(k *SessionKey) { | |||
62 | u.Keys[k.KeyId] = k | 54 | u.Keys[k.KeyId] = k |
63 | } | 55 | } |
64 | 56 | ||
65 | func (u *User) AddToken(t *AuthToken) { | 57 | func (u *User) AddToken(name string, t *oauth2.Token) { |
66 | if u.AuthTokens == nil { | 58 | if u.AuthTokens == nil { |
67 | u.AuthTokens = map[string]*AuthToken{} | 59 | u.AuthTokens = map[string]*oauth2.Token{} |
68 | } | 60 | } |
69 | u.AuthTokens[t.Kind] = t | 61 | u.AuthTokens[name] = t |
70 | } | 62 | } |
71 | 63 | ||
72 | type MongoDbUserStore struct { | 64 | type MongoDbUserStore struct { |
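Review bot: The `AuthTokens` field of `User` now holds `*oauth2.Token`, whose `RefreshToken` field is tagged `json:"refresh_token,omitempty"`, so the `json:"-"` guard on the removed `AuthToken.RefreshToken` is lost and any JSON encoding of a `User` will carry refresh tokens under `auth_tokens`. The deleted comment gave the reason for hiding them (long-lived and hard to invalidate), and nothing in the visible hunks replaces that guard; the code that encodes `User` is outside this view, so confirm where it is serialized. If API clients do not need the tokens, tag the field `json:"-"`; otherwise encode through a small view type that copies only the client-facing fields and leaves out `RefreshToken`. Separately, `oauth2.Token` carries no bson tags, so documents stored with the old `AuthToken` field names presumably will not decode into the new type; check whether existing `users` records need a migration.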