168 lines
5.1 KiB
Rust
168 lines
5.1 KiB
Rust
/*
|
|
* Yggdrasil: Minecraft authentication server
|
|
* Copyright (C) 2023 0xf8.dev@proton.me
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
use anyhow::Result;
|
|
use log::debug;
|
|
use serde::{Deserialize, Serialize};
|
|
use sqlx::Error;
|
|
|
|
use structs::account::Account;
|
|
|
|
use crate::*;
|
|
|
|
#[derive(Deserialize, Serialize, Debug)]
|
|
pub struct Token {
|
|
pub id: i64,
|
|
pub access: String,
|
|
pub client: String,
|
|
pub account: Account,
|
|
pub issued: i64,
|
|
pub expires: i64,
|
|
}
|
|
|
|
impl Token {
|
|
pub async fn from_id(db: &Database, id: i64) -> Option<Self> {
|
|
let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE id = $1", id)
|
|
.fetch_one(&db.pool)
|
|
.await;
|
|
|
|
match record {
|
|
Ok(r) => Some(r.complete(db).await),
|
|
Err(e) => { debug!("{e}"); None },
|
|
}
|
|
}
|
|
|
|
pub async fn from_access_token(db: &Database, access: String) -> Option<Self> {
|
|
let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE access = $1", access)
|
|
.fetch_one(&db.pool)
|
|
.await;
|
|
|
|
match record {
|
|
Ok(r) => Some(r.complete(db).await),
|
|
Err(e) => { debug!("{e}"); None },
|
|
}
|
|
}
|
|
|
|
pub async fn from_client_token(db: &Database, client: String) -> Option<Self> {
|
|
let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE client = $1", client)
|
|
.fetch_one(&db.pool)
|
|
.await;
|
|
|
|
match record {
|
|
Ok(r) => Some(r.complete(db).await),
|
|
Err(e) => { debug!("{e}"); None },
|
|
}
|
|
}
|
|
|
|
pub fn random_token() -> String {
|
|
random_string::generate(128, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.")
|
|
}
|
|
|
|
pub fn rehyphenate(uuid: String) -> String {
|
|
format!("{}-{}-{}-{}-{}",
|
|
uuid[0..8].to_string(),
|
|
uuid[8..12].to_string(),
|
|
uuid[12..16].to_string(),
|
|
uuid[16..20].to_string(),
|
|
uuid[20..32].to_string()
|
|
)
|
|
}
|
|
|
|
pub async fn new(db: &Database, account: Account, client_token: String) -> Option<Token> {
|
|
let access_token = Self::random_token();
|
|
let issued = (get_unix_timestamp() / 1000) as i64;
|
|
let expires = issued + 604800;
|
|
|
|
let record = sqlx::query!("INSERT INTO tokens(access, client, account, issued, expires) VALUES ($1, $2, $3, $4, $5) RETURNING *",
|
|
access_token, client_token, account.id, issued, expires)
|
|
.fetch_one(&db.pool)
|
|
.await;
|
|
|
|
match record {
|
|
Ok(r) => Some(Token {
|
|
id: r.id,
|
|
access: access_token,
|
|
client: client_token,
|
|
account,
|
|
issued,
|
|
expires,
|
|
}),
|
|
Err(e) => { debug!("{e}"); None },
|
|
}
|
|
}
|
|
|
|
pub async fn delete(&self, db: &Database) -> Result<()> {
|
|
sqlx::query!("DELETE FROM tokens WHERE id = $1", self.id)
|
|
.execute(&db.pool)
|
|
.await?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
pub async fn delete_all_from(db: &Database, account: Account) -> Result<()> {
|
|
sqlx::query!("DELETE FROM tokens WHERE account = $1", account.id)
|
|
.execute(&db.pool)
|
|
.await?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
async fn remove_expired(db: &Database) -> Result<()> {
|
|
let time = (get_unix_timestamp() / 1000) as f64;
|
|
sqlx::query!("DELETE FROM tokens WHERE expires <= $1", time)
|
|
.execute(&db.pool)
|
|
.await?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
pub async fn validate_with(&self, db: &Database, client: String, allow_old: bool) -> Result<bool> {
|
|
Self::remove_expired(db).await?;
|
|
|
|
Ok({
|
|
if self.client != client { return Ok(false) }
|
|
else if !allow_old { get_unix_timestamp() / 1000 < (self.issued + 864000) as u128 }
|
|
else { true }
|
|
})
|
|
}
|
|
|
|
pub async fn validate(&self, db: &Database, allow_old: bool) -> Result<bool> {
|
|
Self::remove_expired(db).await?;
|
|
|
|
Ok({
|
|
if !allow_old { get_unix_timestamp() / 1000 < (self.issued + 864000) as u128 }
|
|
else { true }
|
|
})
|
|
}
|
|
}
|
|
|
|
pub struct TokenRaw {
|
|
pub id: i64,
|
|
pub access: String,
|
|
pub client: String,
|
|
pub account: i64,
|
|
pub issued: i64,
|
|
pub expires: i64
|
|
}
|
|
|
|
impl TokenRaw {
|
|
pub async fn complete(self, db: &Database) -> Token {
|
|
Token {
|
|
id: self.id,
|
|
access: self.access,
|
|
client: self.client,
|
|
account: Account::from_id(db, self.account).await.expect("Couldn't resolve token owner"),
|
|
issued: self.issued,
|
|
expires: self.expires,
|
|
}
|
|
}
|
|
}
|