Add token data to database
parent
dd3e143212
commit
1b149e770c
5 changed files with 36 additions and 4 deletions
|
@ -39,7 +39,7 @@ use JKingWeb\Arsse\Misc\URL;
|
||||||
*/
|
*/
|
||||||
class Database {
|
class Database {
|
||||||
/** The version number of the latest schema the interface is aware of */
|
/** The version number of the latest schema the interface is aware of */
|
||||||
const SCHEMA_VERSION = 5;
|
const SCHEMA_VERSION = 6;
|
||||||
/** The size of a set of values beyond which the set will be embedded into the query text */
|
/** The size of a set of values beyond which the set will be embedded into the query text */
|
||||||
const LIMIT_SET_SIZE = 25;
|
const LIMIT_SET_SIZE = 25;
|
||||||
/** The length of a string in an embedded set beyond which a parameter placeholder will be used for the string */
|
/** The length of a string in an embedded set beyond which a parameter placeholder will be used for the string */
|
||||||
|
@ -404,8 +404,9 @@ class Database {
|
||||||
* @param string $class The class of the token e.g. the protocol name
|
* @param string $class The class of the token e.g. the protocol name
|
||||||
* @param string|null $id The value of the token; if none is provided a UUID will be generated
|
* @param string|null $id The value of the token; if none is provided a UUID will be generated
|
||||||
* @param \DateTimeInterface|null $expires An optional expiry date and time for the token
|
* @param \DateTimeInterface|null $expires An optional expiry date and time for the token
|
||||||
|
* @param string $data Application-specific data associated with a token
|
||||||
*/
|
*/
|
||||||
public function tokenCreate(string $user, string $class, string $id = null, \DateTimeInterface $expires = null): string {
|
public function tokenCreate(string $user, string $class, string $id = null, \DateTimeInterface $expires = null, string $data = null): string {
|
||||||
// If the user isn't authorized to perform this action then throw an exception.
|
// If the user isn't authorized to perform this action then throw an exception.
|
||||||
if (!Arsse::$user->authorize($user, __FUNCTION__)) {
|
if (!Arsse::$user->authorize($user, __FUNCTION__)) {
|
||||||
throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
|
@ -415,7 +416,7 @@ class Database {
|
||||||
// generate a token if it's not provided
|
// generate a token if it's not provided
|
||||||
$id = $id ?? UUID::mint()->hex;
|
$id = $id ?? UUID::mint()->hex;
|
||||||
// save the token to the database
|
// save the token to the database
|
||||||
$this->db->prepare("INSERT INTO arsse_tokens(id,class,\"user\",expires) values(?,?,?,?)", "str", "str", "str", "datetime")->run($id, $class, $user, $expires);
|
$this->db->prepare("INSERT INTO arsse_tokens(id,class,\"user\",expires,data) values(?,?,?,?,?)", "str", "str", "str", "datetime", "str")->run($id, $class, $user, $expires, $data);
|
||||||
// return the ID
|
// return the ID
|
||||||
return $id;
|
return $id;
|
||||||
}
|
}
|
||||||
|
@ -441,7 +442,7 @@ class Database {
|
||||||
|
|
||||||
/** Look up data associated with a token */
|
/** Look up data associated with a token */
|
||||||
public function tokenLookup(string $class, string $id): array {
|
public function tokenLookup(string $class, string $id): array {
|
||||||
$out = $this->db->prepare("SELECT id,class,\"user\",created,expires from arsse_tokens where class = ? and id = ? and (expires is null or expires > CURRENT_TIMESTAMP)", "str", "str")->run($class, $id)->getRow();
|
$out = $this->db->prepare("SELECT id,class,\"user\",created,expires,data from arsse_tokens where class = ? and id = ? and (expires is null or expires > CURRENT_TIMESTAMP)", "str", "str")->run($class, $id)->getRow();
|
||||||
if (!$out) {
|
if (!$out) {
|
||||||
throw new Db\ExceptionInput("subjectMissing", ["action" => __FUNCTION__, "field" => "token", 'id' => $id]);
|
throw new Db\ExceptionInput("subjectMissing", ["action" => __FUNCTION__, "field" => "token", 'id' => $id]);
|
||||||
}
|
}
|
||||||
|
|
|
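Review bot: The docblock line added in tokenCreate() types the new parameter as `string`, but the signature gives it a null default and the value is bound unchanged into the `data` column, so null is a normal value here; the line should read `@param string|null $data Application-specific data associated with a token; stored as given`. The one-line docblock on tokenLookup() also no longer describes its result, since the selected row now carries a `data` key that can be null; a sentence listing the returned keys would help callers. Because this column sits in the token table and is handed back on every successful lookup, the same docblock should say that Database treats the value as opaque and, as far as these hunks show, stores it without encryption, so callers know not to place secrets in it. Both function bodies continue outside the visible hunks.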
@ -89,4 +89,7 @@ class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function doIssue(string $user, ServerRequestInterface $req): ResponseInterface {
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
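Review bot: `doIssue()` is declared to return `ResponseInterface` but is added with an empty body, so PHP will raise a TypeError as soon as anything calls it instead of returning a response. Until the issuing logic exists, make the placeholder explicit with `throw new \LogicException(__FUNCTION__." is not implemented");` and add a docblock saying what the method is meant to issue for `$user`. Whether a route already dispatches to this method is not visible, as the rest of the Auth class lies outside the hunk; if one does, an authentication endpoint would answer with an unhandled error.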
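--- a/sql/MySQL/5.sql
+++ b/sql/MySQL/5.sql
@@ -0,0 +1,9 @@
+-- SPDX-License-Identifier: MIT
+-- Copyright 2017 J. King, Dustin Wilson et al.
+-- See LICENSE and AUTHORS files for details
+
+-- Please consult the SQLite 3 schemata for commented version
+
+alter table arsse_tokens add column data longtext default null;
+
+update arsse_meta set value = '6' where "key" = 'schema_version';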
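--- a/sql/PostgreSQL/5.sql
+++ b/sql/PostgreSQL/5.sql
@@ -0,0 +1,9 @@
+-- SPDX-License-Identifier: MIT
+-- Copyright 2017 J. King, Dustin Wilson et al.
+-- See LICENSE and AUTHORS files for details
+
+-- Please consult the SQLite 3 schemata for commented version
+
+alter table arsse_tokens add column data text default null;
+
+update arsse_meta set value = '6' where "key" = 'schema_version';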
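--- a/sql/SQLite3/5.sql
+++ b/sql/SQLite3/5.sql
@@ -0,0 +1,10 @@
+-- SPDX-License-Identifier: MIT
+-- Copyright 2017 J. King, Dustin Wilson et al.
+-- See LICENSE and AUTHORS files for details
+
+-- add a column to the token table to hold arbitrary class-specific data
+alter table arsse_tokens add column data text default null;
+
+-- set version marker
+pragma user_version = 6;
+update arsse_meta set value = '6' where "key" = 'schema_version';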