focalboard/server/auth/auth.go

package auth

import (
	"database/sql"
	"time"

	"github.com/mattermost/focalboard/server/model"
	"github.com/mattermost/focalboard/server/services/config"
	"github.com/mattermost/focalboard/server/services/store"
	"github.com/pkg/errors"
)

// Auth authenticates sessions
type Auth struct {
	config *config.Configuration
	store  store.Store
}

// New returns a new Auth
func New(config *config.Configuration, store store.Store) *Auth {
	return &Auth{config: config, store: store}
}

// GetSession Get a user active session and refresh the session if is needed
func (a *Auth) GetSession(token string) (*model.Session, error) {
	if len(token) < 1 {
		return nil, errors.New("no session token")
	}

	session, err := a.store.GetSession(token, a.config.SessionExpireTime)
	if err != nil {
		return nil, errors.Wrap(err, "unable to get the session for the token")
	}
	if session.UpdateAt < (time.Now().Unix() - a.config.SessionRefreshTime) {
		a.store.RefreshSession(session)
	}
	return session, nil
}

// IsValidReadToken validates the read token for a block
func (a *Auth) IsValidReadToken(c store.Container, blockID string, readToken string) (bool, error) {
	rootID, err := a.store.GetRootID(c, blockID)
	if err != nil {
		return false, err
	}

	sharing, err := a.store.GetSharing(c, rootID)
	if err == sql.ErrNoRows {
		return false, nil
	}
	if err != nil {
		return false, err
	}

	if sharing != nil && (sharing.ID == rootID && sharing.Enabled && sharing.Token == readToken) {
		return true, nil
	}

	return false, nil
}
Websocket auth 2021-02-02 21:06:28 +01:00			`package auth`

			`import (`
Auth readToken in websocket 2021-02-03 03:15:03 +01:00			`"database/sql"`
Websocket auth 2021-02-02 21:06:28 +01:00			`"time"`

			`"github.com/mattermost/focalboard/server/model"`
			`"github.com/mattermost/focalboard/server/services/config"`
			`"github.com/mattermost/focalboard/server/services/store"`
			`"github.com/pkg/errors"`
			`)`

			`// Auth authenticates sessions`
			`type Auth struct {`
			`config *config.Configuration`
			`store store.Store`
			`}`

			`// New returns a new Auth`
			`func New(config config.Configuration, store store.Store) Auth {`
			`return &Auth{config: config, store: store}`
			`}`

			`// GetSession Get a user active session and refresh the session if is needed`
			`func (a Auth) GetSession(token string) (model.Session, error) {`
			`if len(token) < 1 {`
			`return nil, errors.New("no session token")`
			`}`

			`session, err := a.store.GetSession(token, a.config.SessionExpireTime)`
			`if err != nil {`
			`return nil, errors.Wrap(err, "unable to get the session for the token")`
			`}`
			`if session.UpdateAt < (time.Now().Unix() - a.config.SessionRefreshTime) {`
			`a.store.RefreshSession(session)`
			`}`
			`return session, nil`
			`}`
Auth readToken in websocket 2021-02-03 03:15:03 +01:00
			`// IsValidReadToken validates the read token for a block`
Workspace backend support 2021-03-26 19:01:54 +01:00			`func (a *Auth) IsValidReadToken(c store.Container, blockID string, readToken string) (bool, error) {`
			`rootID, err := a.store.GetRootID(c, blockID)`
Auth readToken in websocket 2021-02-03 03:15:03 +01:00			`if err != nil {`
			`return false, err`
			`}`

Workspace backend support 2021-03-26 19:01:54 +01:00			`sharing, err := a.store.GetSharing(c, rootID)`
Auth readToken in websocket 2021-02-03 03:15:03 +01:00			`if err == sql.ErrNoRows {`
			`return false, nil`
			`}`
			`if err != nil {`
			`return false, err`
			`}`

			`if sharing != nil && (sharing.ID == rootID && sharing.Enabled && sharing.Token == readToken) {`
			`return true, nil`
			`}`

			`return false, nil`
			`}`