focalboard/server/auth/auth.go

69 lines
1.7 KiB
Go
Raw Normal View History

2021-02-02 21:06:28 +01:00
package auth
import (
2021-02-03 03:15:03 +01:00
"database/sql"
2021-02-02 21:06:28 +01:00
"time"
"github.com/mattermost/focalboard/server/model"
"github.com/mattermost/focalboard/server/services/config"
"github.com/mattermost/focalboard/server/services/store"
"github.com/pkg/errors"
)
// Auth authenticates sessions
type Auth struct {
config *config.Configuration
store store.Store
}
// New returns a new Auth
func New(config *config.Configuration, store store.Store) *Auth {
return &Auth{config: config, store: store}
}
// GetSession Get a user active session and refresh the session if is needed
func (a *Auth) GetSession(token string) (*model.Session, error) {
if len(token) < 1 {
return nil, errors.New("no session token")
}
session, err := a.store.GetSession(token, a.config.SessionExpireTime)
if err != nil {
return nil, errors.Wrap(err, "unable to get the session for the token")
}
if session.UpdateAt < (time.Now().Unix() - a.config.SessionRefreshTime) {
a.store.RefreshSession(session)
}
return session, nil
}
2021-02-03 03:15:03 +01:00
// IsValidReadToken validates the read token for a block
2021-03-26 19:01:54 +01:00
func (a *Auth) IsValidReadToken(c store.Container, blockID string, readToken string) (bool, error) {
rootID, err := a.store.GetRootID(c, blockID)
2021-02-03 03:15:03 +01:00
if err != nil {
return false, err
}
2021-03-26 19:01:54 +01:00
sharing, err := a.store.GetSharing(c, rootID)
2021-02-03 03:15:03 +01:00
if err == sql.ErrNoRows {
return false, nil
}
if err != nil {
return false, err
}
if sharing != nil && (sharing.ID == rootID && sharing.Enabled && sharing.Token == readToken) {
return true, nil
}
return false, nil
}
func (a *Auth) DoesUserHaveWorkspaceAccess(userID string, workspaceID string) bool {
hasAccess, err := a.store.HasWorkspaceAccess(userID, workspaceID)
if err != nil {
return false
}
return hasAccess
}