Skip to content

Commit

Permalink
Added optional expiresAfter argument to login and fixed bug in Token …
Browse files Browse the repository at this point in the history 
…Invalidation
  • Loading branch information
@racerxdl
racerxdl committed Feb 11, 2019
1 parent e1ef9c7 commit 951f3c5
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 4 deletions.
2 changes: 1 addition & 1 deletion models/UserToken.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ func GetUserToken(conn *r.Session, token string) (ut *UserToken, err error) {
}

func InvalidateUserTokens(conn *r.Session) (int, error) {
wr, err := r.Table(UserTokenTableInit).
wr, err := r.Table(UserTokenTableInit.TableName).
Filter(r.Row.Field("Expiration").Lt(time.Now())).
Delete().
RunWrite(conn)
Expand Down
19 changes: 16 additions & 3 deletions server/agent/graphql.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@ var RootManagementMutation = graphql.NewObject(graphql.ObjectConfig{
Type: graphql.NewNonNull(graphql.String),
Description: "Password to Login",
},
"expiresAfter": &graphql.ArgumentConfig{
Type: graphql.Int,
Description: "Number of seconds since creation when the generated token will expire. If 0, defaults to server default.",
},
},
Resolve: resolveLogin,
},
Expand Down Expand Up @@ -124,14 +128,21 @@ func resolveLogin(p graphql.ResolveParams) (i interface{}, e error) {
}

createdAt := time.Now()
exp := createdAt.Add(time.Second * time.Duration(remote_signer.AgentTokenExpiration))

token := tm.AddUser(&etc.BasicUser{
expTime := remote_signer.AgentTokenExpiration
exp := createdAt.Add(time.Second * time.Duration(expTime))

if p.Args["expiresAfter"] != nil {
expTime = p.Args["expiresAfter"].(int)
exp = createdAt.Add(time.Second * time.Duration(expTime))
}

token := tm.AddUserWithExpiration(&etc.BasicUser{
FingerPrint: fingerPrint,
Username: username,
CreatedAt: createdAt,
FullName: fullname,
})
}, expTime)

return mgql.Token{
Value: token,
Expand Down Expand Up @@ -159,11 +170,13 @@ func resolveAddUser(p graphql.ResolveParams) (i interface{}, e error) {

username = p.Args["username"].(string)
fullname = p.Args["fullname"].(string)

if p.Args["fingerPrint"] != nil {
fingerPrint = p.Args["fingerPrint"].(string)
} else {
fingerPrint = remote_signer.AgentKeyFingerPrint
}

password = remote_signer.GeneratePassword()

err := am.LoginAdd(username, password, fullname, fingerPrint)
Expand Down

0 comments on commit 951f3c5

Please sign in to comment.