mirror/phylum
1
0
Fork 0
mirror of https://codeberg.org/shroff/phylum.git synced 2026-01-06 03:31:02 -06:00
Code Issues Packages Projects Releases Wiki Activity

[server][auth] Add support for named api keys

Browse Source
This commit is contained in:
Abhishek Shroff
2025-07-09 21:38:45 +05:30
parent 3c347e848f
commit 86e2f15c65
5 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
server/internal/auth/api_key.go
View File

@@ -26,14 +26,15 @@ func VerifyAPIKey(db db.Handler, apiKey string) (user core.User, err error) {
return
}
func insertAPIKey(db db.TxHandler, userID int32) (string, error) {
const q = `INSERT INTO api_keys(key, expires, user_id) VALUES (@key::TEXT, @expires::TIMESTAMPTZ, @user_id::INT)`
func insertAPIKey(db db.TxHandler, userID int32, keyName string) (string, error) {
const q = `INSERT INTO api_keys(key, expires, user_id, name) VALUES (@key::TEXT, @expires::TIMESTAMPTZ, @user_id::INT, NULLIF(@key_name, ''))`
key := generateSecureKey(apiKeyLength)
args := pgx.NamedArgs{
"key": key,
"expires": time.Now().Add(apiKeyValidity),
"user_id": userID,
"key": key,
"expires": time.Now().Add(apiKeyValidity),
"user_id": userID,
"key_name": keyName,
}
if _, err := db.Exec(q, args); err != nil {
return "", err

2
server/internal/auth/password.go
View File

@@ -34,7 +34,7 @@ func VerifyUserPassword(d db.Handler, email, password string) (core.User, error)
func PerformPasswordLogin(db db.TxHandler, email, password string) (core.User, string, error) {
if user, err := VerifyUserPassword(db, email, password); err != nil {
return core.User{}, "", err
} else if token, err := insertAPIKey(db, user.ID); err != nil {
} else if token, err := insertAPIKey(db, user.ID, ""); err != nil {
return core.User{}, "", err
} else {
return user, token, nil

2
server/internal/auth/password_reset.go
View File

@@ -66,7 +66,7 @@ func ResetUserPassword(db db.TxHandler, email, resetToken, password string) (cor
return core.User{}, "", ErrCredentialsInvalid
}
apiToken, err := insertAPIKey(db, user.ID)
apiToken, err := insertAPIKey(db, user.ID, "")
if err != nil {
return core.User{}, "", err
}

2
server/internal/auth/token.go
View File

@@ -23,7 +23,7 @@ func PerformTokenLogin(db db.TxHandler, token string) (core.User, string, error)
return core.User{}, "", core.NewError(http.StatusBadRequest, "login_token_invalid", "The given login token is invalid")
} else if user, err := core.UserByID(db, userID); err != nil {
return core.User{}, "", err
} else if token, err := insertAPIKey(db, userID); err != nil {
} else if token, err := insertAPIKey(db, userID, ""); err != nil {
return core.User{}, "", err
} else {
return user, token, err

9
server/internal/db/migrations/017_api_keys_name.sql Normal file
View File

@@ -0,0 +1,9 @@
ALTER TABLE api_keys ADD COLUMN name TEXT;
CREATE UNIQUE INDEX unique_named_user_key ON api_keys(user_id, name);
---- create above / drop below ----
DROP INDEX unique_named_user_key;
ALTER TABLE api_keys DROP COLUMN name;