X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Foauth%2Fauthorization.ex;h=23e8eb7b1d81397326b20577ae3a30ff5fad5af0;hb=bb864e96ad4e0be470da78baa000019f571e30db;hp=9423c9632b6570b7c6ff67fcf509a5c432fcd36e;hpb=2a298d70f9938d1b6d5af04d8b8863fdd3299f46;p=akkoma diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex index 9423c9632..23e8eb7b1 100644 --- a/lib/pleroma/web/oauth/authorization.ex +++ b/lib/pleroma/web/oauth/authorization.ex @@ -1,30 +1,48 @@ defmodule Pleroma.Web.OAuth.Authorization do use Ecto.Schema - alias Pleroma.{App, User, Repo} - alias Pleroma.Web.OAuth.Authorization + alias Pleroma.{User, Repo} + alias Pleroma.Web.OAuth.{Authorization, App} + + import Ecto.{Changeset} schema "oauth_authorizations" do - field :token, :string - field :valid_until, :naive_datetime - field :used, :boolean, default: false - belongs_to :user, Pleroma.User - belongs_to :app, Pleroma.App + field(:token, :string) + field(:valid_until, :naive_datetime) + field(:used, :boolean, default: false) + belongs_to(:user, Pleroma.User) + belongs_to(:app, App) timestamps() end def create_authorization(%App{} = app, %User{} = user) do - token = :crypto.strong_rand_bytes(32) |> Base.url_encode64 + token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() authorization = %Authorization{ token: token, used: false, user_id: user.id, app_id: app.id, - valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10) + valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10) } Repo.insert(authorization) end + + def use_changeset(%Authorization{} = auth, params) do + auth + |> cast(params, [:used]) + |> validate_required([:used]) + end + + def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do + if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do + Repo.update(use_changeset(auth, %{used: true})) + else + {:error, "token expired"} + end + end + + def use_token(%Authorization{used: true}), do: {:error, "already used"} end