blob: f1ee14980e1d1ce7ebe5b58c6c7a727efaf85526 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
package token
import (
"errors"
"log"
"tildegit.org/andinus/perseus/storage/sqlite3"
"tildegit.org/andinus/perseus/user"
)
// ValToken will validate the token and returns an error. If error
// doesn't equal nil then consider token invalid.
func ValToken(db *sqlite3.DB, uInfo map[string]string) error {
// Acquire read lock on the database.
db.Mu.RLock()
defer db.Mu.RUnlock()
u := user.User{}
u.SetUsername(uInfo["username"])
// Set user id from username.
err := u.GetID(db)
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to get id from username")
return err
}
// Check if user's token is valid.
stmt, err := db.Conn.Prepare("SELECT token FROM access WHERE id = ?")
if err != nil {
log.Printf("auth/token.go: %s\n",
"failed to prepare statement")
return err
}
defer stmt.Close()
var token string
err = stmt.QueryRow(u.ID()).Scan(&token)
if err != nil {
log.Printf("auth/token.go: %s\n",
"query failed")
return err
}
if token != uInfo["token"] {
err = errors.New("token mismatch")
}
return err
}
|