package models

import (
    "time"

    "github.com/jinzhu/gorm"
)

// Token types stored in Session.TokenType and accepted by validTokenType.
const (
	// AccessToken marks a session whose token is an access token.
	AccessToken string = "access_token"
	// RefreshToken marks a session whose token is a refresh token.
	RefreshToken string = "refresh_token"
	// GrantToken marks a session whose token is a grant token.
	GrantToken string = "grant_token"
)

// Session scopes accepted by validScope.
const (
	// PublicScope is the scope used by public clients; it grants neither
	// read nor write access to user data.
	PublicScope string = "public"
	// ReadScope is the scope used by confidential clients; it grants
	// read-only access to user data.
	ReadScope string = "read"
	// ReadWriteScope is the scope that would allow writing user data; no
	// client is allowed to hold it.
	ReadWriteScope string = "read_write"
)

// Session is the persisted record of one token issued to a user through a
// client. Only Moment, ExpiresIn, Token and TokenType carry an explicit JSON
// name; every other tagged field is hidden from JSON output with json:"-".
type Session struct {
	Model

	// UUID is overwritten by BeforeCreate; when present it must be a UUIDv4.
	UUID string `gorm:"not null;unique;index" validate:"omitempty,uuid4" json:"-"`

	// User and Client identify who the session belongs to and which client
	// obtained it; both must pass the "exists" validation.
	User     User   `gorm:"not null" validate:"exists" json:"-"`
	UserID   uint   `gorm:"not null" json:"-"`
	Client   Client `gorm:"not null" validate:"exists" json:"-"`
	ClientID uint   `gorm:"not null" json:"-"`

	// Moment is the creation time as a UTC Unix timestamp and ExpiresIn the
	// lifetime added to it; both are set by BeforeCreate.
	Moment    int64 `gorm:"not null" json:"moment"`
	ExpiresIn int64 `gorm:"not null;default:0" json:"expires_in"`

	// IP and UserAgent record the origin of the request that created the
	// session and are required.
	IP        string `gorm:"not null;index" validate:"required" json:"-"`
	UserAgent string `gorm:"not null" validate:"required" json:"-"`

	// Invalidated has no json tag, so encoding/json emits it under the key
	// "Invalidated" rather than hiding it.
	// NOTE(review): presumably the revocation flag; WithinExpirationWindow
	// does not read it — confirm callers check it separately.
	Invalidated bool `gorm:"not null;default:false"`

	// Token is the credential returned to the client (json:"token").
	// BeforeCreate stores the generated value in this column as-is.
	// NOTE(review): consider whether persisting only a hash would suffice.
	Token     string `gorm:"not null;unique;index" validate:"omitempty,alphanum" json:"token"`
	TokenType string `gorm:"not null;index" validate:"required,token" json:"token_type"`

	// Scopes must pass the "scope" validation and is never serialised.
	Scopes string `gorm:"not null" validate:"required,scope" json:"-"`
}

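// validScope is a validator callback reporting whether field holds exactly
// one of the known session scopes: PublicScope, ReadScope or ReadWriteScope.
// The comparison is an exact string match, so any other value (including a
// string that combines several scopes) is rejected.
//
// top, current and param are part of the callback signature and are not used.
// A field that is not a string is reported as invalid instead of panicking on
// the type assertion, so a mis-tagged struct field cannot crash validation.
func validScope(top interface{}, current interface{}, field interface{}, param string) bool {
	scope, ok := field.(string)
	if !ok {
		return false
	}
	switch scope {
	case PublicScope, ReadScope, ReadWriteScope:
		return true
	default:
		return false
	}
}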

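// validTokenType is a validator callback reporting whether field holds
// exactly one of the known token types: AccessToken, RefreshToken or
// GrantToken.
//
// top, current and param are part of the callback signature and are not used.
// A field that is not a string is reported as invalid instead of panicking on
// the type assertion, so a mis-tagged struct field cannot crash validation.
func validTokenType(top interface{}, current interface{}, field interface{}, param string) bool {
	tokenType, ok := field.(string)
	if !ok {
		return false
	}
	switch tokenType {
	case AccessToken, RefreshToken, GrantToken:
		return true
	default:
		return false
	}
}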

// expirationLengthForTokenType maps a token type to the lifetime stored in
// Session.ExpiresIn. Access tokens get largestExpirationLength, refresh
// tokens eternalExpirationLength, grant tokens machineryExpirationLength, and
// any other value falls back to defaultExpirationLength.
//
// Refresh tokens therefore never expire by time: WithinExpirationWindow
// treats eternalExpirationLength as always valid.
// NOTE(review): presumably revocation of refresh tokens relies on
// Session.Invalidated — confirm against the callers.
func expirationLengthForTokenType(tokenType string) int64 {
	if tokenType == AccessToken {
		return largestExpirationLength
	}
	if tokenType == RefreshToken {
		return eternalExpirationLength
	}
	if tokenType == GrantToken {
		return machineryExpirationLength
	}
	return defaultExpirationLength
}

// BeforeSave is the gorm hook that runs the "validate" struct-tag rules
// against the session and returns whatever validateModel reports. The scope
// argument is required by the hook signature and is not used.
func (session *Session) BeforeSave(scope *gorm.Scope) error {
	result := validateModel("validate", session)
	return result
}

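// BeforeCreate is the gorm hook that fills in the server-generated columns of
// a new session: Token, UUID, Moment (current UTC Unix time) and ExpiresIn
// (derived from session.TokenType). Any values the caller placed in those
// fields are overwritten.
//
// It returns the first error reported by scope.SetColumn. Returning it stops
// the create, so a session is never persisted with a token or expiry that the
// hook failed to set.
func (session *Session) BeforeCreate(scope *gorm.Scope) error {
	// Token is the credential handed to the client, so it must be
	// unpredictable.
	// NOTE(review): GenerateRandomString is defined elsewhere; confirm it
	// draws from crypto/rand.
	if err := scope.SetColumn("Token", GenerateRandomString(64)); err != nil {
		return err
	}
	if err := scope.SetColumn("UUID", generateUUID()); err != nil {
		return err
	}
	if err := scope.SetColumn("Moment", time.Now().UTC().Unix()); err != nil {
		return err
	}
	return scope.SetColumn("ExpiresIn", expirationLengthForTokenType(session.TokenType))
}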

// WithinExpirationWindow reports whether the session is still valid by time
// alone: either its lifetime is eternalExpirationLength, or Moment plus
// ExpiresIn has not yet passed the current UTC Unix time.
//
// The check does not read session.Invalidated, so a true result does not by
// itself mean the session is usable.
func (session *Session) WithinExpirationWindow() bool {
	if session.ExpiresIn == eternalExpirationLength {
		return true
	}
	expiresAt := session.Moment + session.ExpiresIn
	return expiresAt >= time.Now().UTC().Unix()
}
