Make auth tokens usable once and expire them.

author: Roger Braun <roger@rogerbraun.net> 2017-09-09 12:02:59 +0200
committer: Roger Braun <roger@rogerbraun.net> 2017-09-09 12:02:59 +0200
commit: 95cedd60004893fd646735d17f7196297c38e22c (patch)
tree: 9915027eb19f458aa8627f8ac886518a27e41d79 /lib/pleroma/web/oauth/authorization.ex
parent: 890503ca1ea4308664d31622eb19208757a4c881 (diff)
download: pleroma-95cedd60004893fd646735d17f7196297c38e22c.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex
index c47289455..1ba5be602 100644
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@@ -4,6 +4,8 @@ defmodule Pleroma.Web.OAuth.Authorization do
   alias Pleroma.{User, Repo}
   alias Pleroma.Web.OAuth.{Authorization, App}
 
+  import Ecto.{Changeset}
+
   schema "oauth_authorizations" do
     field :token, :string
     field :valid_until, :naive_datetime
@@ -27,4 +29,19 @@ defmodule Pleroma.Web.OAuth.Authorization do
 
     Repo.insert(authorization)
   end
+
+  def use_changeset(%Authorization{} = auth, params) do
+    auth
+    |> cast(params, [:used])
+    |> validate_required([:used])
+  end
+
+  def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
+    if NaiveDateTime.diff(NaiveDateTime.utc_now, valid_until) < 0 do
+      Repo.update(use_changeset(auth, %{used: true}))
+    else
+      {:error, "token expired"}
+    end
+  end
+  def use_token(%Authorization{used: true}), do: {:error, "already used"}
 end
author	Roger Braun <roger@rogerbraun.net>	2017-09-09 12:02:59 +0200
committer	Roger Braun <roger@rogerbraun.net>	2017-09-09 12:02:59 +0200
commit	95cedd60004893fd646735d17f7196297c38e22c (patch)
tree	9915027eb19f458aa8627f8ac886518a27e41d79 /lib/pleroma/web/oauth/authorization.ex
parent	890503ca1ea4308664d31622eb19208757a4c881 (diff)
download	pleroma-95cedd60004893fd646735d17f7196297c38e22c.tar.gz