Home Explore Help
Register Sign In
oscarleiva
/
energylink
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

handle expired tokens

Marcus Efraimsson 7 years ago
parent
697ddccd8e
commit
565408194a
2 changed files with 15 additions and 5 deletions
Unified View Show Diff Stats
  1. 2 1
      pkg/services/auth/auth_token.go
  2. 13 4
      pkg/services/auth/auth_token_test.go

+ 2 - 1
pkg/services/auth/auth_token.go
View File 

@@ -141,9 +141,10 @@ func (s *UserAuthTokenService) CreateToken(userId int64, clientIP, userAgent str
 
 
 
 func (s *UserAuthTokenService) LookupToken(unhashedToken string) (*models.UserAuthToken, error) {
 
 func (s *UserAuthTokenService) LookupToken(unhashedToken string) (*models.UserAuthToken, error) {
 
 	hashedToken := hashToken(unhashedToken)
 
 	hashedToken := hashToken(unhashedToken)
 
+	expireBefore := now().Add(time.Duration(-86400*setting.LogInRememberDays) * time.Second).Unix()
 
 
 
 	var userToken models.UserAuthToken
 
 	var userToken models.UserAuthToken
 
-	exists, err := s.SQLStore.NewSession().Where("auth_token = ? OR prev_auth_token = ?", hashedToken, hashedToken).Get(&userToken)
 
+	exists, err := s.SQLStore.NewSession().Where("(auth_token = ? OR prev_auth_token = ?) AND created_at > ?", hashedToken, hashedToken, expireBefore).Get(&userToken)
 
 	if err != nil {
 
 	if err != nil {
 
 		return nil, err
 
 		return nil, err
 
 	}
 
 	}

+ 13 - 4
pkg/services/auth/auth_token_test.go
View File 

@@ -4,6 +4,8 @@ import (
 
 	"testing"
 
 	"testing"
 
 	"time"
 
 	"time"
 
 
 
+	"github.com/grafana/grafana/pkg/setting"
 
+
 
 	"github.com/grafana/grafana/pkg/log"
 
 	"github.com/grafana/grafana/pkg/log"
 
 	"github.com/grafana/grafana/pkg/models"
 
 	"github.com/grafana/grafana/pkg/models"
 
 	"github.com/grafana/grafana/pkg/services/sqlstore"
 
 	"github.com/grafana/grafana/pkg/services/sqlstore"
 
@@ -58,9 +60,13 @@ func TestUserAuthToken(t *testing.T) {
 
 			token, err = ctx.getAuthTokenByID(token.Id)
 
 			token, err = ctx.getAuthTokenByID(token.Id)
 
 			So(err, ShouldBeNil)
 
 			So(err, ShouldBeNil)
 
 
 
-			// set now (now - 23 hours)
 
-			_, err = userAuthTokenService.RefreshToken(token, "192.168.10.11:1234", "some user agent")
 
+			now = func() time.Time {
 
+				return t.Add(time.Hour)
 
+			}
 
+
 
+			refreshed, err := userAuthTokenService.RefreshToken(token, "192.168.10.11:1234", "some user agent")
 
 			So(err, ShouldBeNil)
 
 			So(err, ShouldBeNil)
 
+			So(refreshed, ShouldBeTrue)
 
 
 
 			_, err = userAuthTokenService.LookupToken(token.UnhashedToken)
 
 			_, err = userAuthTokenService.LookupToken(token.UnhashedToken)
 
 			So(err, ShouldBeNil)
 
 			So(err, ShouldBeNil)
 
@@ -69,7 +75,9 @@ func TestUserAuthToken(t *testing.T) {
 
 			So(err, ShouldBeNil)
 
 			So(err, ShouldBeNil)
 
 			So(stillGood, ShouldNotBeNil)
 
 			So(stillGood, ShouldNotBeNil)
 
 
 
-			// set now (new - 2 hours)
 
+			now = func() time.Time {
 
+				return t.Add(24 * 7 * time.Hour)
 
+			}
 
 			notGood, err := userAuthTokenService.LookupToken(token.UnhashedToken)
 
 			notGood, err := userAuthTokenService.LookupToken(token.UnhashedToken)
 
 			So(err, ShouldEqual, ErrAuthTokenNotFound)
 
 			So(err, ShouldEqual, ErrAuthTokenNotFound)
 
 			So(notGood, ShouldBeNil)
 
 			So(notGood, ShouldBeNil)
 
@@ -93,7 +101,7 @@ func TestUserAuthToken(t *testing.T) {
 
 
 
 			// ability to auth using an old token
 
 			// ability to auth using an old token
 
 			now = func() time.Time {
 
 			now = func() time.Time {
 
-				return t
 
+				return t.Add(time.Hour)
 
 			}
 
 			}
 
 
 
 			refreshed, err = userAuthTokenService.RefreshToken(token, "192.168.10.12:1234", "a new user agent")
 
 			refreshed, err = userAuthTokenService.RefreshToken(token, "192.168.10.12:1234", "a new user agent")
 
@@ -172,6 +180,7 @@ func createTestContext(t *testing.T) *testContext {
 
 
 
 	RotateTime = 10 * time.Minute
 
 	RotateTime = 10 * time.Minute
 
 	UrgentRotateTime = time.Minute
 
 	UrgentRotateTime = time.Minute
 
+	setting.LogInRememberDays = 7
 
 
 
 	return &testContext{
 
 	return &testContext{
 
 		sqlstore:     sqlstore,
 
 		sqlstore:     sqlstore,