forked from mirrors/pronouns.cc
feat(backend): add max invites to /users/@me responses, use token ID for DELETE /auth/tokens/{id}
This commit is contained in:
Sam
parent
10adeec841
commit
62b2e3ca0d
5 changed files with 23 additions and 5 deletions
|
|
@ -81,8 +81,8 @@ func (db *DB) SaveToken(ctx context.Context, userID xid.ID, tokenID xid.ID) (t T
|
|||
|
||||
func (db *DB) InvalidateToken(ctx context.Context, userID xid.ID, tokenID xid.ID) (t Token, err error) {
|
||||
sql, args, err := sq.Update("tokens").
|
||||
Where("user_id = ?").
|
||||
Where("token_id = ?").
|
||||
Where("user_id = ?", userID).
|
||||
Where("token_id = ?", tokenID).
|
||||
Set("invalidated", true).
|
||||
Suffix("RETURNING *").
|
||||
ToSql()
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func Mount(srv *server.Server, r chi.Router) {
|
|||
// tokens
|
||||
r.With(server.MustAuth).Get("/tokens", server.WrapHandler(s.getTokens))
|
||||
r.With(server.MustAuth).Post("/tokens", server.WrapHandler(s.createToken))
|
||||
r.With(server.MustAuth).Delete("/tokens", server.WrapHandler(s.deleteToken))
|
||||
r.With(server.MustAuth).Delete("/tokens/{id}", server.WrapHandler(s.deleteToken))
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,9 @@ import (
|
|||
"codeberg.org/u1f320/pronouns.cc/backend/db"
|
||||
"codeberg.org/u1f320/pronouns.cc/backend/server"
|
||||
"emperror.dev/errors"
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/go-chi/render"
|
||||
"github.com/jackc/pgx/v4"
|
||||
"github.com/rs/xid"
|
||||
)
|
||||
|
||||
|
|
@ -53,8 +55,17 @@ func (s *Server) deleteToken(w http.ResponseWriter, r *http.Request) error {
|
|||
ctx := r.Context()
|
||||
claims, _ := server.ClaimsFromContext(ctx)
|
||||
|
||||
t, err := s.DB.InvalidateToken(ctx, claims.UserID, claims.TokenID)
|
||||
tokenID, err := xid.FromString(chi.URLParam(r, "id"))
|
||||
if err != nil {
|
||||
return server.APIError{Code: server.ErrBadRequest}
|
||||
}
|
||||
|
||||
t, err := s.DB.InvalidateToken(ctx, claims.UserID, tokenID)
|
||||
if err != nil {
|
||||
if errors.Cause(err) == pgx.ErrNoRows {
|
||||
return server.APIError{Code: server.ErrNotFound}
|
||||
}
|
||||
|
||||
return errors.Wrap(err, "invalidating token")
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@ type GetUserResponse struct {
|
|||
type GetMeResponse struct {
|
||||
GetUserResponse
|
||||
|
||||
MaxInvites int `json:"max_invites"`
|
||||
Discord *string `json:"discord"`
|
||||
DiscordUsername *string `json:"discord_username"`
|
||||
}
|
||||
|
|
@ -156,6 +157,7 @@ func (s *Server) getMeUser(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
render.JSON(w, r, GetMeResponse{
|
||||
GetUserResponse: dbUserToResponse(u, fields, members),
|
||||
MaxInvites: u.MaxInvites,
|
||||
Discord: u.Discord,
|
||||
DiscordUsername: u.DiscordUsername,
|
||||
})
|
||||
|
|
|
|||
|
|
@ -212,7 +212,12 @@ func (s *Server) patchUser(w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
|
||||
// echo the updated user back on success
|
||||
render.JSON(w, r, dbUserToResponse(u, fields, nil))
|
||||
render.JSON(w, r, GetMeResponse{
|
||||
GetUserResponse: dbUserToResponse(u, fields, nil),
|
||||
MaxInvites: u.MaxInvites,
|
||||
Discord: u.Discord,
|
||||
DiscordUsername: u.DiscordUsername,
|
||||
})
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue