From a8c50005b09dafd686aba2924b25131f9ca6fc76 Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Fri, 8 Apr 2016 17:16:45 -0700 Subject: [PATCH] ability to revoke user tokens --- Makefile | 1 - api/user.go | 18 ++++++++++++++++++ router/router.go | 1 + 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ca2fc29a..632c8bfe 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,6 @@ all: gen build deps: go get -u golang.org/x/tools/cmd/cover - go get -u golang.org/x/tools/cmd/vet go get -u github.com/eknkc/amber/... go get -u github.com/eknkc/amber go get -u github.com/jteeuwen/go-bindata/... diff --git a/api/user.go b/api/user.go index d7a7cde3..667bf4ed 100644 --- a/api/user.go +++ b/api/user.go @@ -8,6 +8,7 @@ import ( "github.com/drone/drone/cache" "github.com/drone/drone/model" "github.com/drone/drone/router/middleware/session" + "github.com/drone/drone/shared/crypto" "github.com/drone/drone/shared/token" "github.com/drone/drone/store" ) @@ -88,6 +89,23 @@ func PostToken(c *gin.Context) { c.String(http.StatusOK, tokenstr) } +func DeleteToken(c *gin.Context) { + user := session.User(c) + user.Hash = crypto.Rand() + if err := store.UpdateUser(c, user); err != nil { + c.String(500, "Error revoking tokens. %s", err) + return + } + + token := token.New(token.UserToken, user.Login) + tokenstr, err := token.Sign(user.Hash) + if err != nil { + c.AbortWithError(http.StatusInternalServerError, err) + return + } + c.String(http.StatusOK, tokenstr) +} + // swagger:response user type userResp struct { // in: body diff --git a/router/router.go b/router/router.go index b49419ce..6d313646 100644 --- a/router/router.go +++ b/router/router.go @@ -68,6 +68,7 @@ func Load(middleware ...gin.HandlerFunc) http.Handler { user.GET("/repos", api.GetRepos) user.GET("/repos/remote", api.GetRemoteRepos) user.POST("/token", api.PostToken) + user.DELETE("/token", api.DeleteToken) } users := e.Group("/api/users")