From 6ca94970d68ceb201ef496be9e43301aeda839fc Mon Sep 17 00:00:00 2001 From: Kirill Zaitsev Date: Wed, 28 Jan 2015 01:42:20 +0300 Subject: [PATCH] Refresh only expired tokens --- plugin/remote/gitlab/gitlab.go | 7 +++++- server/datastore/database/database.go | 1 + server/datastore/migrate/migrate.go | 18 ++++++++++++++++ server/handler/commit.go | 1 + server/handler/hook.go | 1 + server/handler/login.go | 1 + server/handler/repo.go | 1 + server/handler/user.go | 1 + shared/model/login.go | 1 + shared/model/token.go | 6 +----- shared/model/user.go | 31 ++++++++++++++------------- 11 files changed, 48 insertions(+), 21 deletions(-) diff --git a/plugin/remote/gitlab/gitlab.go b/plugin/remote/gitlab/gitlab.go index 23a15d43..2aaefca7 100644 --- a/plugin/remote/gitlab/gitlab.go +++ b/plugin/remote/gitlab/gitlab.go @@ -230,7 +230,11 @@ func (r *Gitlab) OpenRegistration() bool { } func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) { - expiry := time.Now().Truncate(7200 * time.Second) + expiry := time.Unix(user.TokenExpiry, 0) + if expiry.Sub(time.Now()) > (60 * time.Second) { + return nil, nil + } + t := &oauth.Transport{ Config: NewOauthConfig(r, ""), Token: &oauth.Token{ @@ -247,5 +251,6 @@ func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) { var token = new(model.Token) token.AccessToken = t.Token.AccessToken token.RefreshToken = t.Token.RefreshToken + token.Expiry = t.Token.Expiry.Unix() return token, nil } diff --git a/server/datastore/database/database.go b/server/datastore/database/database.go index 6ca59d66..49237181 100644 --- a/server/datastore/database/database.go +++ b/server/datastore/database/database.go @@ -38,6 +38,7 @@ func Connect(driver, datasource string) (*sql.DB, error) { var migrations = []migration.Migrator{ migrate.Setup, migrate.Migrate_20142110, + migrate.Migrate_20152701, } return migration.Open(driver, datasource, migrations) } diff --git a/server/datastore/migrate/migrate.go b/server/datastore/migrate/migrate.go index 42a3c57c..9c8b14fc 100644 --- a/server/datastore/migrate/migrate.go +++ b/server/datastore/migrate/migrate.go @@ -39,6 +39,20 @@ func Migrate_20142110(tx migration.LimitedTx) error { return nil } +// Migrate_20142110 is a database migration on Oct-10 2014. +func Migrate_20152701(tx migration.LimitedTx) error { + var stmts = []string{ + addUserTokenExpires, // index the commit table repo_id column + } + for _, stmt := range stmts { + _, err := tx.Exec(transform(stmt)) + if err != nil { + return err + } + } + return nil +} + var userTable = ` CREATE TABLE IF NOT EXISTS users ( user_id INTEGER PRIMARY KEY AUTOINCREMENT @@ -144,3 +158,7 @@ CREATE TABLE IF NOT EXISTS blobs ( ,UNIQUE(blob_path) ); ` + +var addUserTokenExpires = ` +ALTER TABLE users ADD COLUMN user_access_expires INTEGER +` diff --git a/server/handler/commit.go b/server/handler/commit.go index edd0b9fa..d0c341c0 100644 --- a/server/handler/commit.go +++ b/server/handler/commit.go @@ -103,6 +103,7 @@ func PostCommit(c web.C, w http.ResponseWriter, r *http.Request) { if user_token != nil { owner.Access = user_token.AccessToken owner.Secret = user_token.RefreshToken + owner.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, owner) } else if err != nil { w.WriteHeader(http.StatusBadRequest) diff --git a/server/handler/hook.go b/server/handler/hook.go index e506deb3..1b46ceb2 100644 --- a/server/handler/hook.go +++ b/server/handler/hook.go @@ -81,6 +81,7 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) { if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken + user.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, user) } else if err != nil { w.WriteHeader(http.StatusBadRequest) diff --git a/server/handler/login.go b/server/handler/login.go index 2ae13603..69bfac34 100644 --- a/server/handler/login.go +++ b/server/handler/login.go @@ -88,6 +88,7 @@ func GetLogin(c web.C, w http.ResponseWriter, r *http.Request) { u.Access = login.Access u.Secret = login.Secret u.Name = login.Name + u.TokenExpiry = login.Expiry u.SetEmail(login.Email) u.Syncing = u.IsStale() diff --git a/server/handler/repo.go b/server/handler/repo.go index 5b2048a5..2c89f607 100644 --- a/server/handler/repo.go +++ b/server/handler/repo.go @@ -109,6 +109,7 @@ func PostRepo(c web.C, w http.ResponseWriter, r *http.Request) { if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken + user.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, user) } else if err != nil { w.WriteHeader(http.StatusBadRequest) diff --git a/server/handler/user.go b/server/handler/user.go index 6b21528a..85e86127 100644 --- a/server/handler/user.go +++ b/server/handler/user.go @@ -163,6 +163,7 @@ func PostUserSync(c web.C, w http.ResponseWriter, r *http.Request) { if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken + user.TokenExpiry = user_token.Expiry } else if err != nil { w.WriteHeader(http.StatusNotFound) return diff --git a/shared/model/login.go b/shared/model/login.go index a7ff2c04..c0546b2d 100644 --- a/shared/model/login.go +++ b/shared/model/login.go @@ -9,4 +9,5 @@ type Login struct { Secret string Name string Email string + Expiry int64 } diff --git a/shared/model/token.go b/shared/model/token.go index 5b18cac6..986429c6 100644 --- a/shared/model/token.go +++ b/shared/model/token.go @@ -1,11 +1,7 @@ package model -import ( - "time" -) - type Token struct { AccessToken string RefreshToken string - Expiry time.Time + Expiry int64 } diff --git a/shared/model/user.go b/shared/model/user.go index 5edc9455..2b7b5ad1 100644 --- a/shared/model/user.go +++ b/shared/model/user.go @@ -5,21 +5,22 @@ import ( ) type User struct { - ID int64 `meddler:"user_id,pk" json:"-"` - Remote string `meddler:"user_remote" json:"remote"` - Login string `meddler:"user_login" json:"login"` - Access string `meddler:"user_access" json:"-"` - Secret string `meddler:"user_secret" json:"-"` - Name string `meddler:"user_name" json:"name"` - Email string `meddler:"user_email" json:"email,omitempty"` - Gravatar string `meddler:"user_gravatar" json:"gravatar"` - Token string `meddler:"user_token" json:"-"` - Admin bool `meddler:"user_admin" json:"admin"` - Active bool `meddler:"user_active" json:"active"` - Syncing bool `meddler:"user_syncing" json:"syncing"` - Created int64 `meddler:"user_created" json:"created_at"` - Updated int64 `meddler:"user_updated" json:"updated_at"` - Synced int64 `meddler:"user_synced" json:"synced_at"` + ID int64 `meddler:"user_id,pk" json:"-"` + Remote string `meddler:"user_remote" json:"remote"` + Login string `meddler:"user_login" json:"login"` + Access string `meddler:"user_access" json:"-"` + Secret string `meddler:"user_secret" json:"-"` + Name string `meddler:"user_name" json:"name"` + Email string `meddler:"user_email" json:"email,omitempty"` + Gravatar string `meddler:"user_gravatar" json:"gravatar"` + Token string `meddler:"user_token" json:"-"` + Admin bool `meddler:"user_admin" json:"admin"` + Active bool `meddler:"user_active" json:"active"` + Syncing bool `meddler:"user_syncing" json:"syncing"` + Created int64 `meddler:"user_created" json:"created_at"` + Updated int64 `meddler:"user_updated" json:"updated_at"` + Synced int64 `meddler:"user_synced" json:"synced_at"` + TokenExpiry int64 `meddler:"user_access_expires" json:"-"` } func NewUser(remote, login, email string) *User {