X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=inline;f=lib%2Fpleroma%2Fweb%2Foauth%2Ftoken.ex;h=ca9e718ac8a27b562c4de9936500f50bddc51b23;hb=3b141194715e362d65482672d00b10991d102fa2;hp=49e72428c808fa4e99dc3a70fe758b4c6f301848;hpb=2a298d70f9938d1b6d5af04d8b8863fdd3299f46;p=akkoma

diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex
index 49e72428c..ca9e718ac 100644
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@@ -1,31 +1,55 @@
+# Pleroma: A lightweight social networking server
+# Copyright Â© 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.OAuth.Token do
   use Ecto.Schema
 
-  alias Pleroma.{App, User, Repo}
+  import Ecto.Query
+
+  alias Pleroma.User
+  alias Pleroma.Repo
   alias Pleroma.Web.OAuth.Token
+  alias Pleroma.Web.OAuth.App
+  alias Pleroma.Web.OAuth.Authorization
 
   schema "oauth_tokens" do
-    field :token, :string
-    field :refresh_token, :string
-    field :valid_until, :naive_datetime
-    belongs_to :user, Pleroma.User
-    belongs_to :app, Pleroma.App
+    field(:token, :string)
+    field(:refresh_token, :string)
+    field(:valid_until, :naive_datetime)
+    belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
+    belongs_to(:app, App)
 
     timestamps()
   end
 
+  def exchange_token(app, auth) do
+    with {:ok, auth} <- Authorization.use_token(auth),
+         true <- auth.app_id == app.id do
+      create_token(app, Repo.get(User, auth.user_id))
+    end
+  end
+
   def create_token(%App{} = app, %User{} = user) do
-    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
-    refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
+    refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
 
     token = %Token{
       token: token,
       refresh_token: refresh_token,
       user_id: user.id,
       app_id: app.id,
-      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
+      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
     }
 
     Repo.insert(token)
   end
+
+  def delete_user_tokens(%User{id: user_id}) do
+    from(
+      t in Pleroma.Web.OAuth.Token,
+      where: t.user_id == ^user_id
+    )
+    |> Repo.delete_all()
+  end
 end